How to Enable Adaptive Cybersecurity from the Mainframe to the Cloud

John McKenny

Unfortunately, cybercriminals are always working to find the vulnerabilities in business systems. And in many instances, they succeed.

As reported earlier this year, a leading global hotel chain suffered a data breach that impacted 5.2 million customers and exposed their names, genders, phone numbers, travel information, and loyalty program data. Another massive data breach occurred in May 2020 at a U.K.-based jet airline company, resulting in the loss of personal information for more than 9 million customers.

Security Intelligence reports that the average cost of a data breach in 2019 was $3.92 million. And if you have ever gone through one yourself as an IT security professional, you know just how much valuable time is lost responding to a breach.

Consider also that the tactics—and tools—of cybercriminals are becoming more sophisticated by the day. As noted by Forbes, cybercriminals are “integrating AI and machine learning into their malware programs to bypass and infiltrate targeted systems.”

With the methods of cybercriminals constantly changing, it is essential to continuously assess and expand your cybersecurity strategy to ensure that no system—no matter how obscure or “safe” it is believed to be—can be compromised. Every point of weakness needs to be considered in your strategy to prevent a potential breach.

So, how can your security team protect systems, applications, and data in this brave new world of cybercrime by pinpointing vulnerabilities in your systems, bringing indicators of compromise to the surface, and taking proactive actions to prevent attacks?

Adopting a Zero Trust Strategy

Ultimately, protecting your environment today requires a holistic approach to cybersecurity. A Zero Trust strategy is recommended, one based on the premise that everything needs to be considered unsecured until proven trusted and secured.

Securing systems, applications and data also requires the right tools. Fortunately, a new generation of adaptive cybersecurity solutions is fast advancing, leveraging AI and machine learning technologies to uncover hidden threats to your environment in real time, wherever they may occur.

How Adaptive Cybersecurity Works

Adaptive cybersecurity tools are designed to evolve as they automatically protect, detect, and respond to suspicious events like privilege escalations, unusual access requests, and threats from within and outside your environment. Among their many benefits is the ability to integrate security technologies across the infrastructure, breaking down technological silos and elevating visibility for all.

Because adaptive cybersecurity tools apply AI to the continuous monitoring of systems, applications, and user behaviors, they allow security teams to reliably detect threats well before they surface and advance through internal systems. AI is especially valuable for establishing the broader, more inclusive visibility needed today to ensure every system is monitored and secured.

Even as data proliferates across your hybrid cloud environment, it remains important to remember that your organization’s most sensitive data resides on your mainframes.

While CISOs and enterprise security analysts strive to ensure that every system is secured and visible to the Security Operations Center (SOC), they often lack awareness of the vulnerabilities within their mainframe systems.

The reality is that 0-day threats, configuration weaknesses, and modern threats like ransomware are all present risks to sensitive mainframe data. Relying on the native security of the mainframe can leave this data vulnerable to attacks.

Securing the Mainframe with BMC AMI Security

BMC AMI Security equips you well for the fight against cybercrime by becoming a virtual, always-on security expert for the mainframe. Built on the guidance and expertise of the industry’s most recognized mainframe security experts, BMC AMI Security allows you to quickly bring threat events, vulnerabilities, and potentially malicious actors to the attention of your SOC experts.

BMC AMI Security delivers on the promise of adaptive cybersecurity by:

  • Automating responses to mainframe security events
  • Ensuring that real-time visibility of threats and suspicious behaviors on your mainframe is integrated with your enterprise SIEM
  • Consistently updating and delivering one of the industry’s broadest sets of mainframe indicators of compromise
  • Providing out-of-the-box policies that automatically harden the mainframe and reduce your attack surface
  • Translating security events into common language, enabling security analysts to respond to incidents on the mainframe regardless of their level of mainframe expertise

In addition to securing mainframe systems, BMC AMI Security helps you remain in compliance with the growing list of global regulations, including PCI DSS, HIPAA, SOX, FISMA, GDPR, ISO 27001, IRS Pub. 1075, NERC, and many others.

BMC AMI Security is also supported by BMC Mainframe Services from RSM Partners, a service organization of highly experienced IT professionals offering on-demand expertise to determine the current health of your mainframe security, uncover vulnerabilities attackers may exploit, and deliver a plan to remediate them. This support resource is particularly valuable to organizations experiencing a shortage of skilled mainframe managers.

Adaptive Cybersecurity and ROI

The need to invest in new, modern cybersecurity tools will only increase as your infrastructure advances and becomes more complex. To get C-suite buy-in for the investments you need to make, you must build a business case for them.

As noted by Business Times, it is difficult to “measure the return on investment in cybersecurity solutions, because success is demonstrated through the absence of something rather than the generation of business income.”

Ultimately, an investment in BMC AMI Security delivers value by helping your organization achieve the following:

  • Implement an inclusive strategy that enables more insight, greater context, and confidence that data, applications, and systems are secure across the entire hybrid environment
  • Integrate mainframe security with enterprise security solutions, extending the value of your current investments in security staff and software
  • Help ensure the most securable platform you own is free from software, hardware and configuration vulnerabilities

Data breaches are not going away, and any one potential point of failure is a win for an attacker. The tools and strategies you put in place today will directly impact your ability to protect data, systems, and applications down the road.

For more information on how to build an effective cybersecurity strategy, download our eBook, Mitigating Mainframe Security Risks with Endpoint Detection and Response.

These postings are my own and do not necessarily represent BMC's position, strategies, or opinion.

About the author

John McKenny

As Senior Vice President of Strategy and Innovation for ZSolutions at BMC Software, John leads the Product Management and Solutions Marketing teams to innovate the mainframe to meet the needs of today’s evolving digital economy. John has over 24 years of management experience at BMC alone and, prior to joining, he led various IT management teams and strategies for 15 years in the transportation and insurance industries.