When we start talking about security, there are different ways to approach it. We could keep the discussion at the academic level: explaining what an SQL injection is, learning what a watering hole is, discussing the most critical malware of the year and debating whether the mainframe is the strongest secure system currently available. On the Internet, we can find a lot of literature on this subject.

Another approach could be to discuss security tools and products.

We would begin the discussion about security with knowledge: knowledge of possible threats and an understanding of the real risks. Investments are driven by real risks, and therefore enterprises focus very much on this. The problem is that a lot of information is coming in, often from untrusted sources. To be effective, the information should also arrive in a timely manner.

Finding the Best Security Products

The IBM answer to the need for knowledge is X-Force. X-Force is a team of researchers focused on understanding cybercrime and providing continuous information for products. In fact, it even delivers a report on cybercrime every quarter. But it is not just a matter of reports.

IBM has also launched X-Force Exchange. It has two main features: a portal where users can run queries and receive information on specific threats and IP reputation, and an API. The platform is open, accessible and social. That is the best answer against cybercrime.

But IBM is more than just X-Force: We have end-to-end solutions to protect all the configuration items necessary to provide services, from mainframe to endpoint. This includes identity and access management, fraud protection, static and dynamic application analysis, data protection, data masking and endpoint protection, all integrated in the security intelligence platform.

End-to-end security covers all possible platforms, and for each one we need to discuss security and manage it in the best way.

One of the best platforms is the mainframe security system, which is currently the most secure on the market and uses an easy approach. However, this is not the only option.

Beyond Threat Intelligence

Risk management and vulnerability management have always been strong characteristics of mainframe platforms, obtained by a successful marriage between hardware and software. A strong push is given by IBM zSecure, born from the acquisition of the Dutch company Consul, which lets mainframe administrators and users work with security objects more easily and lets people with no security skills deal with issues.

So let’s talk about security information and event management (SIEM) and log management needs in mainframe solutions as seen from a security point of view. In the past, log management was very strong in the mainframe, but because the security infrastructure was so strong and solid, its scope was not to analyze and detect attacks.

Log management’s scope was mainly to allow system programmers to find errors and solve them. In the past 10 years, many customers, especially in the public sector, experienced attacks inside the mainframe carried out by malicious insiders. These insider threats could involve, for example, changing the value of a given cash amount, viewing colleagues’ salaries or accessing sensitive information for fraudulent purposes. Due to this, log management from a security perspective went from “nice to have” to “mandatory.”

These recent changes encouraged IBM to extend SIEM capabilities for log management to mainframe solutions, increasing capabilities to capture security events. A very tight integration has been built between all security tools, allowing for event exchange and easier log management analysis.
