What You Don’t Know Can Still Hurt You

When it comes to enterprise security, no news is not necessarily good news. A common argument against the need for greater security is the lack of visible incidents. But the question that needs to be answered is: would you know? A lack of alerts about attempts to attack your system or actual intrusions doesn’t mean they didn’t happen. Chances are, they did.

Many large organizations track multiple attempts a week. A lack of alerts just means that while previous attacks were unsuccessful, you may not have received the information and insight you need from your security system to protect against the next attack. That next attack could be successful, and devastating.

No System Is Immune to Threats

In today’s interconnected business environment, no system is immune to threats, including mainframe environments. In the security-sensitive healthcare sector, for example, a recent survey revealed that:

43% of organizations graded their ability to withstand security threats as poor, failing, or in need of improvement.

More importantly…

23% of organizations admitted to security breaches in a recent 12-month period.

Security issues don’t happen in a vacuum, but few security solutions are broad and integrated enough to deliver insights that make a difference. Information provided by third-party log management and security information and event management (SIEM) solutions typically includes voluminous data with limited context—and hence, limited value. Identifying who did what and when, recognizing what’s abnormal, and obtaining visibility into subtle connections between millions of data points are the goals—but achieving them requires a great deal of contextual data and the analytical means to make sense of it.

Making Sense of All the Data

Security intelligence. That’s what we at IBM Security call the approach to enterprise security that we have developed. Using multiple solutions, IBM Security delivers integrated threat analysis, real-time alerts, audit consolidation and compliance reporting to help you keep pace with today’s increasing threats with a single view into the risks affecting both mainframe and distributed systems. Covering people, data, applications and infrastructure, the IBM security intelligence program includes the automated analysis and reporting capabilities you need to deal with the complexity of event monitoring and reporting without burying your staff with an endless stream of log data that does not record threats.

And, while the mainframe itself can save up to 70% in audit overhead, security intelligence can increase the depth of insight and real-time anomaly detection, improving the integrity of systems and protecting your mission-critical workloads.

Only a highly integrated series of solutions, like those found in the IBM security intelligence offering, can produce the necessary visibility to safeguard your environment. Security intelligence enables the organization to better discover and respond to:

  • External threats such as financially motivated criminals and “hacktivists” seeking sensitive data
  • Internal threats such as employee theft of intellectual property
  • Unintentional but exploitable weaknesses such as misconfigured security devices or improperly configured access controls

To achieve consistent reporting on vulnerabilities or threats, including monitoring privileged and non-privileged users, the organization needs centralized logging and intelligent normalization of security data. To ensure that compliance and security goals align, it needs visibility into network segments where logging may be problematic. To discover unknown, excessive or unauthorized mainframe access, it needs visibility into asset communication patterns.

It has never been more difficult to protect both your mainframe and distributed environments, and if you are not able to connect the dots between disparate security data in a manageable and insightful way, now is the time to consider new approaches. Security intelligence offerings from IBM help provide organizations with comprehensive and actionable insight into threats and risks in mainframe and distributed systems environments. By applying real-time collection, normalization, and analysis of access information and other security-related data, they can reduce both the risk of security breaches and, just as important, the manual effort of security operations, freeing your team to focus on more serious incidents rather than wading through an endless stream of data without context.
