In a digital age of cloud computing and mobile systems; where cyber security, cyber crime and cyber war are part of the day-to-day vocabulary, how secure is the mainframe? Is it safe to assume that the mainframe is secure by default? Can we ignore the fact that the mainframe is just another platform in the great scheme of things? How vital is the mainframe and the data that it stores for you and your company?
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
Cyber security and the mainframe (v1.3)
1. Cyber
Security
and
the
Mainframe
Rui
Miguel
Feio
RSM
Partners
Date
of
presenta<on
(03/11/2015)
Session
<FC>
2. Delivering
the
best
in
z
services,
soJware,
hardware
and
training.
Delivering
the
best
in
z
services,
soJware,
hardware
and
training.
World
Class,
Full
Spectrum,
z
Services
Cyber
Security
and
the
Mainframe
Rui
Miguel
Feio
Security
Lead
3. Agenda
• Introduc<on
• Cyber
Crime
• Recent
APacks
• The
Mainframe
• What
to
Do
• World
Wide
Real-‐Time
Cyber
APacks
• References
and
Resources
• Ques<ons?
4. Introduc<on
Rui
Miguel
Feio
is…
– Security
lead
at
RSM
Partners
– Mainframe
technician
specialising
in
mainframe
security
– Has
been
working
with
mainframes
for
the
past
16
years
– Started
as
an
MVS
Systems
Programmer
– Experience
in
other
plaorms
as
well
6. Cyber
Crime
–
The
Actors
• Cyber
Crime
is
any
criminal
act
dealing
with
electronic
devices
and
networks.
Cyber
crime
also
includes
tradi<onal
crimes
conducted
through
the
Internet.
• The
typical
actors
of
cyber
crime
ac<vi<es:
– Hackers
– Organised
Criminal
Gangs
– Hack<vists
– Terrorists
– Na<on-‐States
– Internal
Threats
7. 2015
Cost
of
Cyber
Crime
Study
• Ponemon
Ins<tute
report
sponsored
by
HP
Enterprise
published
in
October
2015:
– “2015
Cost
of
Cyber
Crime
Study:
Global”
• Global
study
at
a
glance:
– 252
companies
in
7
countries:
• United
States,
UK,
Germany,
Australia,
Japan,
Russia
and
Brazil
– 2,128
interviews
with
company
personnel
– 1,928
total
aPacks
used
to
measure
total
cost
– $7.7
million
USD
is
the
average
annualised
cost
– 1.9%
net
increase
over
the
past
year
8. Average
Cost
of
Cyber
Crime
2015
**
Cost
in
millions
of
US
Dollars
Although
we
see
a
cost
decrease
in
some
of
the
countries,
this
is
due
to
exchange
rate
differences
over
the
past
year
resul<ng
from
a
strong
USD.
Adjus<ng
for
exchange
rate
differences
we
actually
see
a
net
increase
in
all
countries.
9. Average
Cost
by
Industry
2015
*
Cost
in
millions
of
US
dollars
12. Report
Summary
Highlights
• Cyber
crime
con<nues
to
be
on
the
rise
for
organisa<ons:
– Cost
ranges
$310
K
-‐
$65
million
with
an
average
of
$7.7
million
• The
most
costly
cyber
crimes
are
those
caused
by
malicious
insiders,
denial
of
services
(DoS)
and
web-‐based
aPacks.
• Cyber
aPacks
can
get
costly
if
not
resolved
quickly
– The
mean
number
of
days
to
resolve
is
46
with
an
average
cost
of
$21,155
per
day
– Total
cost
of
$973,130
over
the
46
day
remedia<on
period
13. Report
Summary
Highlights
• Business
disrup<on
represents
39%
of
total
external
costs,
followed
by
the
costs
associated
with
informa<on
loss.
• Deployment
of
security
intelligence
systems
(SIEM)
represents
an
average
cost
savings
of
$1.9
million
17.
“If
you
give
an
hacker
a
new
toy,
the
first
thing
he'll
do
is
take
it
apart
to
figure
out
how
it
works.”
Jamie
Zawinski
18. How
Secure
is
the
Mainframe?
• “The
mainframe
is
the
most
secured
plaorm
there
is!”
• “No
one
Hacks
the
mainframe!”
• “Only
mainframers
know
how
a
mainframe
works!”
• “You
would
need
to
work
for
the
company
to
be
able
to
do
some
harm
to
the
mainframe,
and
no
one
does
it.”
• “Hackers
are
not
interested
in
the
mainframe!”
19. How
Secure
is
the
Mainframe?
• “The
mainframe
is
the
most
secured
plaorm
there
is!”
– It’s
definitely
highly
securable
but
that
requires
work
and
focus
• “No
one
Hacks
the
mainframe!”
– There
are
several
documented
cases
of
mainframes
being
hacked
• “Only
mainframers
know
how
a
mainframe
works!”
– Mainframe
documenta>on
is
available
for
free
on
the
internet?!
• “You
would
need
to
work
for
the
company
to
be
able
to
do
some
harm
to
the
mainframe,
and
no
one
does
it.”
– Given
the
opportunity
any
employee
may
take
advantage
(and
they
have!)
• “Hackers
are
not
interested
in
the
mainframe!”
– Oh
boy,
you
are
coming
for
a
surprise!!
20. “There
are
regular
ac>ons
that
an
aAacker
takes
because
they
are
aAackers.
They
don’t
know
your
network
the
way
you
do.
They
don’t
know
which
accounts
have
greater
access.
They
don’t
know
which
file
servers
contain
more
data.
They
have
to
discover
it
all.”
ScoP
Kennedy,
Cloudshield
blog
21. A
Typical
Company
Mainframe
“Shared”
Servers
Servers
Service
Providers
Customers
Company
Servers
Unaccounted
Servers
Decommissioned
Servers
22. “Shared”
Servers
–
Candy
Shops
• Technical
documenta<on
• Processes
&
Procedures
• Instruc<ons
• Training
material
• Contacts
• Departments/teams
structure
• Confiden<al
documenta<on
• Team
backups
• Personal
backups…
23. Personal
Backups…
• Technical
notes
• Technical
documents
• Confiden<al
informa<on
• Personal
informa<on
• Contacts
• Passwords
• Email
account
backups
• Pics
of
girls
in
bikini!!
24.
“The
hacker
is
going
to
look
for
the
crack
in
the
wall…”
Kevin
Mitnick
in
“The
Art
of
Intrusion”
26. How
to
Prevent?
• Security
must
be
seen
as
a
whole
• Company
needs
to
work
as
One
• Review
en<re
technological
estate
• Review
processes
/
procedures
• Educate
employees
and
externals
• Get
external
expert
help
and
support
• Keep
updated
and
up-‐to-‐date
• Repeat
all
these
steps
on
a
regular
basis
• OR
You
can
get
Chuck
and
his
seal
of
approval
36. Session feedback – Do it online at conferences.gse.org.uk/2015/feedback/nn
Session feedback
• Please submit your feedback at
http://conferences.gse.org.uk/2015/feedback/FC
• Session is <FC>
This is the last
slide in the deck
36