COMPREHENSIVE MAINFRAME SECURITY Mainframe Security Needs Are Changing—the Security Model Surrounding Them Must as Well BY HARI CANDADAI M 6 | ainframes are just as important and viable as they have ever been. Why do many businesses treat them like a separate entity when it comes time to secure the enterprise? Part of the answer lies in how well mainframes have worked over the years. The technology is so reliable and eminently stable that it is easy to overlook its security needs. Or, more accurately, companies fail to recognize the mainframe in the same way they would other points of infrastructure in the larger security discussion. This long-standing technology has also evolved over the years, migrating from the very core of most businesses’ operations to a specialized bit of hardware that can connect to all sorts of on-and off-network apps that work alongside it. But this natural course of evolution opens the door to its own risk. Enterprise Executive | 2023: Issue 5 Mainframes are connected to external networks these days and therefore vulnerable to an increased likelihood of a threat actor being able to attack. Following arbitrary best practices and leaving it at that can no longer be an option. There is simply too much at stake, and the right third-party partner can help overcome it. The Business and Technical Realities of Smart Security Most top-level security discussions are at least partially defined by friction between business goals and IT needs, particularly when it comes to regulatory compliance. The business-side tendency to fix things after they break and only prevent the same thing from happening again is dangerous when applied to cybersecurity. So is the drive to reduce software costs by cutting down on preventative practices.