Is your mainframe a security blind spot?

By Praveen Kumar

ALTHOUGH cloud platforms and applications have become widely popular, many businesses still rely on mainframes to handle their most mission-critical tasks. According to IBM, over 70% of information technology (IT) workloads worldwide are handled by mainframes — and business leaders are steadily increasing their reliance on mainframes in parallel with cloud-based technologies. This is reflected in the Asia-Pacific mainframe market’s continued expansion, with GII Research expecting an increase in market value to about $1.78 million by 2030 from $1.249 million in 2022, with a compound annual growth rate of 4.6%.

When it comes to security, companies have traditionally considered mainframes to be safer and far less vulnerable to cyberattacks. Such perceptions can create a false sense of security and cause organizations to prioritize other security investments and neglect important mainframe enhancements over time.

In life and in the realm of business, perceptions that don’t match reality can be perilous, especially amid the growing threat of cyberattacks in the Asia-Pacific region. In the Philippines, the Department of Information and Communications Technology’s National Cybersecurity Plan showed that the National Computer Emergency Response Team tracked 57,400 cybersecurity threats and managed 3,470 incidents from 2021 to February 2023. Most of these attacks targeted critical sectors such as government emergency systems (61%), academia (13%), and telecommunications (8%). These attacks can be financially devastating, with a PwC report showing that 35% of organizations suffered losses anywhere from $1 million to $20 million over the past three years.

The rise in frequency and potency of cyberattacks is a consequence of threat actors’ improving sophistication, as cybercriminals now have access to advanced technologies and artificial intelligence (AI)-powered tools. The only logical response to this is for organizations to evolve accordingly.

COMMON MAINFRAME VULNERABILITIES

While mainframes have a reputation for robust security, they are hardly immune to vulnerabilities. In the Philippines, where digital transformation is rapidly advancing, the risk of cyberthreats is also on the rise. Statista reported that data breaches in the Philippines reached roughly 140,000 in the fourth quarter of 2023, driven by rapid digitalization, advanced hacking techniques, and insufficient cybersecurity measures. Given the growing reliance on mainframes in industries that handle mission-critical operations, businesses must rethink their approach to mainframe security.

Awareness is always the first step, and every organization should understand the following vulnerabilities:

– Configuration-based vulnerabilities, stemming from errors in system setup and parameters, create unintended access points for malicious actors.

– Code-based vulnerabilities grow out of programming errors or flaws within the mainframe’s software code, which can be exploited by malicious actors as entry points to infiltrate the system to siphon off data or cause system disruptions.

– Insider threats also pose a significant risk. Employees and contractors with authorized access can be weak links.

– Relying solely on passwords significantly weakens mainframe security. Multi-factor authentication (MFA), for instance, adds a layer of protection by requiring multiple forms of verification.

PRACTICAL STEPS TO WIN CONTROL BACK

New research by Rocket Software found that only 28% of IT leaders said they could assure that they can proactively navigate threats, despite acknowledging mainframe security as a top priority.

To protect mainframe systems effectively and improve confidence, organizations should consider the following:

– Employ a mainframe security architect — A dedicated security architect aids the design and maintenance of a secure mainframe environment that is also tailored for an organization’s specific needs.

– Implement code-based vulnerability scanning — Regularly scrutinizing code for vulnerabilities helps identify issues before they escalate into more serious threats.

– Conduct regular mainframe penetration tests — To uncover possible weaknesses, scheduled penetration testing can unlock valuable insights, which can be used to enhance defenses.

– Implement real-time compliance checking — Compliance is crucial for cyber resilience, and continuously monitoring adherence to organizational policies ensures alignment with regulations and upholds mainframe security.

– Deploy MFA systemwide — MFA is central to a modern cybersecurity strategy. Implementing MFA across the system adds an additional layer of security that minimizes the risk of unauthorized access.

PROTECT YOUR BUSINESS, INVEST IN MAINFRAME SECURITY

The Philippine government is driving digital growth through infrastructure improvements and fostering local business development. As part of this effort, mainframes play a critical role in supporting essential functions for banks, government institutions, and large firms, but as cyberthreats evolve, organizations cannot afford to overlook their mainframe security. Failing to address these vulnerabilities not only increases the risk of financial losses and exposure to potential liabilities but also makes compliance with crucial regulations, such as PCI 4.0 or the Payment Card Industry Data Security Standard and the Data Privacy Act, more difficult.

IT and security leaders need to understand that mainframe security is an ongoing commitment and not just a one-time task. By being constantly aware of the vulnerabilities inherent to mainframes and implementing proactive security measures, they can significantly bolster their organization’s defenses against costly breaches and stay within the bounds of industry regulations.

Praveen Kumar is the vice-president for Asia-Pacific at Rocket Software.
