Cyber security and the mainframe (v1.3)

Rui Miguel Feio
Senior Technical Lead at RSM Partners
Cyber Security and the Mainframe
Rui Miguel Feio
RSM Partners

Date of presentation (03/11/2015)
Session <FC>
  
Delivering the best in z services, software, hardware and training.
World Class, Full Spectrum, z Services

Cyber Security and the Mainframe
Rui Miguel Feio
Security Lead
  
Agenda
•  Introduction
•  Cyber Crime
•  Recent Attacks
•  The Mainframe
•  What to Do
•  World Wide Real-Time Cyber Attacks
•  References and Resources
•  Questions?
  
Introduction
Rui Miguel Feio is…
–  Security lead at RSM Partners
–  Mainframe technician specialising in mainframe security
–  Has been working with mainframes for the past 16 years
–  Started as an MVS Systems Programmer
–  Experience in other platforms as well
  
Cyber Crime

Cyber Crime – The Actors
•  Cyber Crime is any criminal act dealing with electronic devices and networks. Cyber crime also includes traditional crimes conducted through the Internet.
•  The typical actors of cyber crime activities:
   –  Hackers
   –  Organised Criminal Gangs
   –  Hacktivists
   –  Terrorists
   –  Nation-States
   –  Internal Threats
  
2015 Cost of Cyber Crime Study
•  Ponemon Institute report sponsored by HP Enterprise published in October 2015:
   –  “2015 Cost of Cyber Crime Study: Global”
•  Global study at a glance:
   –  252 companies in 7 countries:
      •  United States, UK, Germany, Australia, Japan, Russia and Brazil
   –  2,128 interviews with company personnel
   –  1,928 total attacks used to measure total cost
   –  $7.7 million USD is the average annualised cost
   –  1.9% net increase over the past year
  
Average Cost of Cyber Crime 2015
**  Cost in millions of US Dollars

Although we see a cost decrease in some of the countries, this is due to exchange rate differences over the past year resulting from a strong USD.

Adjusting for exchange rate differences we actually see a net increase in all countries.
  
Average Cost by Industry 2015
*  Cost in millions of US dollars

Types of Cyber Attacks in 2015

Cyber Crime Cost by Attack 2015
  
Report Summary Highlights
•  Cyber crime continues to be on the rise for organisations:
   –  Cost ranges $310 K - $65 million with an average of $7.7 million
•  The most costly cyber crimes are those caused by malicious insiders, denial of services (DoS) and web-based attacks.
•  Cyber attacks can get costly if not resolved quickly
   –  The mean number of days to resolve is 46 with an average cost of $21,155 per day
   –  Total cost of $973,130 over the 46 day remediation period
  
Report Summary Highlights
•  Business disruption represents 39% of total external costs, followed by the costs associated with information loss.
•  Deployment of security intelligence systems (SIEM) represents an average cost savings of $1.9 million
  
Recent Attacks
*  Information is Beautiful (http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/)
  
The Mainframe

“If you give a hacker a new toy, the first thing he'll do is take it apart to figure out how it works.”
Jamie Zawinski
  
How Secure is the Mainframe?
•  “The mainframe is the most secured platform there is!”
•  “No one Hacks the mainframe!”
•  “Only mainframers know how a mainframe works!”
•  “You would need to work for the company to be able to do some harm to the mainframe, and no one does it.”
•  “Hackers are not interested in the mainframe!”
  
How Secure is the Mainframe?
•  “The mainframe is the most secured platform there is!”
   –  It’s definitely highly securable but that requires work and focus
•  “No one Hacks the mainframe!”
   –  There are several documented cases of mainframes being hacked
•  “Only mainframers know how a mainframe works!”
   –  Mainframe documentation is available for free on the internet?!
•  “You would need to work for the company to be able to do some harm to the mainframe, and no one does it.”
   –  Given the opportunity any employee may take advantage (and they have!)
•  “Hackers are not interested in the mainframe!”
   –  Oh boy, you are coming for a surprise!!
  
“There are regular actions that an attacker takes because they are attackers. They don’t know your network the way you do. They don’t know which accounts have greater access. They don’t know which file servers contain more data. They have to discover it all.”
Scott Kennedy, Cloudshield blog
  
A Typical Company
Diagram labels: Mainframe; “Shared” Servers; Servers; Service Providers; Customers; Company Servers; Unaccounted Servers; Decommissioned Servers
  
“Shared” Servers – Candy Shops
•  Technical documentation
•  Processes & Procedures
•  Instructions
•  Training material
•  Contacts
•  Departments/teams structure
•  Confidential documentation
•  Team backups
•  Personal backups…
  
Personal Backups…
•  Technical notes
•  Technical documents
•  Confidential information
•  Personal information
•  Contacts
•  Passwords
•  Email account backups
•  Pics of girls in bikini!!
  
 
“The hacker is going to look for the crack in the wall…”
Kevin Mitnick in “The Art of Intrusion”
  
What to Do?

How to Prevent?
•  Security must be seen as a whole
•  Company needs to work as One
•  Review entire technological estate
•  Review processes / procedures
•  Educate employees and externals
•  Get external expert help and support
•  Keep updated and up-to-date
•  Repeat all these steps on a regular basis
•  OR You can get Chuck and his seal of approval
  
For those of you who are going senile…
Contact Chuck via Gmail
  
World Wide Real-Time Cyber Attacks

Cyber Attacks – Norse IPViking
*  NORSE IPViking (http://map.ipviking.com/)

Cyber Attacks – Blitzortung
*  Blitzortung (http://www.blitzortung.org/Webpages/index.php?lang=en)
  
References & Resources
•  “2015 Cost of Cyber Crime Study: Global”, Ponemon Institute
•  “The Art of Intrusion”, Kevin Mitnick - John Wiley & Sons (2005)
•  “Future Crimes”, Marc Goodman - Bantam Press (2015)
•  “How to Think Like a Cyber Attacker”, Scott Kennedy – Cloudshield blog
•  Ponemon Institute: www.ponemon.org
•  Information is Beautiful: www.informationisbeautiful.net
•  NORSE – IPViking: map.ipviking.com
•  Blitzortung: www.blitzortung.org/Webpages/index.php?lang=en
•  Jamie Zawinski: en.wikipedia.org/wiki/Jamie_Zawinski
•  Kevin Mitnick: en.wikipedia.org/wiki/Kevin_Mitnick
  
Questions?
Ask now or forever be quiet!!

Contact
Rui Miguel Feio, RSM Partners
ruif@rsmpartners.com
mobile: +44 (0) 7570 911459
linkedin: www.linkedin.com/in/rfeio
www.rsmpartners.com
  
Session feedback – Do it online at conferences.gse.org.uk/2015/feedback/nn
Session feedback
•  Please submit your feedback at
http://conferences.gse.org.uk/2015/feedback/FC
•  Session is <FC>

Cyber security and the mainframe (v1.3)

  • 1. Cyber  Security  and  the   Mainframe   Rui  Miguel  Feio   RSM  Partners     Date  of  presenta<on  (03/11/2015)   Session  <FC>  
  • 2. Delivering  the  best  in  z  services,  soJware,  hardware  and  training.  Delivering  the  best  in  z  services,  soJware,  hardware  and  training.   World  Class,  Full  Spectrum,  z  Services   Cyber  Security  and  the  Mainframe   Rui  Miguel  Feio   Security  Lead  
  • 3. Agenda     •  Introduc<on   •  Cyber  Crime   •  Recent  APacks   •  The  Mainframe   •  What  to  Do   •  World  Wide  Real-­‐Time  Cyber  APacks   •  References  and  Resources   •  Ques<ons?  
  • 4. Introduc<on   Rui  Miguel  Feio  is…   –  Security  lead  at  RSM  Partners   –  Mainframe  technician  specialising  in  mainframe  security   –  Has  been  working  with  mainframes  for  the  past  16  years   –  Started  as  an  MVS  Systems  Programmer   –  Experience  in  other  plaorms  as  well  
  • 6. Cyber  Crime  –  The  Actors   •  Cyber  Crime  is  any  criminal  act  dealing  with  electronic  devices  and   networks.  Cyber  crime  also  includes  tradi<onal  crimes  conducted   through  the  Internet.     •  The  typical  actors  of  cyber  crime  ac<vi<es:   –  Hackers   –  Organised  Criminal  Gangs   –  Hack<vists   –  Terrorists   –  Na<on-­‐States   –  Internal  Threats  
  • 7. 2015  Cost  of  Cyber  Crime  Study   •  Ponemon  Ins<tute  report  sponsored  by  HP  Enterprise  published  in   October  2015:   –  “2015  Cost  of  Cyber  Crime  Study:  Global”   •  Global  study  at  a  glance:   –  252  companies  in  7  countries:   •  United  States,  UK,  Germany,  Australia,  Japan,  Russia  and  Brazil   –  2,128  interviews  with  company  personnel   –  1,928  total  aPacks  used  to  measure  total  cost   –  $7.7  million  USD  is  the  average  annualised  cost   –  1.9%  net  increase  over  the  past  year  
  • 8. Average  Cost  of  Cyber  Crime  2015   **  Cost  in  millions  of  US  Dollars   Although  we  see  a  cost  decrease   in  some  of  the  countries,  this  is   due  to  exchange  rate  differences   over  the  past  year  resul<ng  from   a  strong  USD.     Adjus<ng  for  exchange  rate   differences  we  actually  see  a  net   increase  in  all  countries.  
  • 9. Average  Cost  by  Industry  2015   *  Cost  in  millions  of   US  dollars    
  • 10. Types  of  Cyber  APacks  in  2015  
  • 11. Cyber  Crime  Cost  by  APack  2015  
  • 12. Report  Summary  Highlights   •  Cyber  crime  con<nues  to  be  on  the  rise  for  organisa<ons:   –  Cost  ranges  $310  K  -­‐  $65  million  with  an  average  of  $7.7  million   •  The  most  costly  cyber  crimes  are  those  caused  by  malicious   insiders,  denial  of  services  (DoS)  and  web-­‐based  aPacks.   •  Cyber  aPacks  can  get  costly  if  not  resolved  quickly   –  The  mean  number  of  days  to  resolve  is  46  with  an  average  cost  of  $21,155  per   day   –  Total  cost  of  $973,130  over  the  46  day  remedia<on  period  
  • 13. Report Summary Highlights
      • Business disruption represents 39% of total external costs, followed by the costs associated with information loss.
      • Deployment of security intelligence systems (SIEM) represents an average cost savings of $1.9 million
  • 15. Recent Attacks
      * Information is Beautiful (http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/)
  • 17. “If you give a hacker a new toy, the first thing he'll do is take it apart to figure out how it works.”
      Jamie Zawinski
  • 18. How Secure is the Mainframe?
      • “The mainframe is the most secured platform there is!”
      • “No one Hacks the mainframe!”
      • “Only mainframers know how a mainframe works!”
      • “You would need to work for the company to be able to do some harm to the mainframe, and no one does it.”
      • “Hackers are not interested in the mainframe!”
  • 19. How Secure is the Mainframe?
      • “The mainframe is the most secured platform there is!”
          – It’s definitely highly securable but that requires work and focus
      • “No one Hacks the mainframe!”
          – There are several documented cases of mainframes being hacked
      • “Only mainframers know how a mainframe works!”
          – Mainframe documentation is available for free on the internet?!
      • “You would need to work for the company to be able to do some harm to the mainframe, and no one does it.”
          – Given the opportunity any employee may take advantage (and they have!)
      • “Hackers are not interested in the mainframe!”
          – Oh boy, you are in for a surprise!!
  • 20. “There are regular actions that an attacker takes because they are attackers. They don’t know your network the way you do. They don’t know which accounts have greater access. They don’t know which file servers contain more data. They have to discover it all.”
      Scott Kennedy, Cloudshield blog
  • 21. A Typical Company
      [Diagram labels: Mainframe; “Shared” Servers; Servers; Service Providers; Customers; Company Servers; Unaccounted Servers; Decommissioned Servers]
  • 22. “Shared” Servers – Candy Shops
      • Technical documentation
      • Processes & Procedures
      • Instructions
      • Training material
      • Contacts
      • Departments/teams structure
      • Confidential documentation
      • Team backups
      • Personal backups…
  • 23. Personal Backups…
      • Technical notes
      • Technical documents
      • Confidential information
      • Personal information
      • Contacts
      • Passwords
      • Email account backups
      • Pics of girls in bikini!!
  • 24. “The hacker is going to look for the crack in the wall…”
      Kevin Mitnick in “The Art of Intrusion”
  • 26. How to Prevent?
      • Security must be seen as a whole
      • Company needs to work as One
      • Review entire technological estate
      • Review processes / procedures
      • Educate employees and externals
      • Get external expert help and support
      • Keep updated and up-to-date
      • Repeat all these steps on a regular basis
      • OR You can get Chuck and his seal of approval
  • 27. For those of you who are going senile…
  • 28. Contact Chuck via Gmail
  • 29. World Wide Real-Time Cyber Attacks
  • 30. Cyber Attacks – Norse IPViking
      * NORSE IPViking (http://map.ipviking.com/)
  • 31. Cyber Attacks – Blitzortung
      * Blitzortung (http://www.blitzortung.org/Webpages/index.php?lang=en)
  • 33. References & Resources
      • “2015 Cost of Cyber Crime Study: Global”, Ponemon Institute
      • “The Art of Intrusion”, Kevin Mitnick - John Wiley & Sons (2005)
      • “Future Crimes”, Marc Goodman - Bantam Press (2015)
      • “How to Think Like a Cyber Attacker”, Scott Kennedy – Cloudshield blog
      • Ponemon Institute: www.ponemon.org
      • Information is Beautiful: www.informationisbeautiful.net
      • NORSE – IPViking: map.ipviking.com
      • Blitzortung: www.blitzortung.org/Webpages/index.php?lang=en
      • Jamie Zawinski: en.wikipedia.org/wiki/Jamie_Zawinski
      • Kevin Mitnick: en.wikipedia.org/wiki/Kevin_Mitnick
  • 34. Questions?
      Ask now or forever be quiet!!
  • 35. Contact
      Rui Miguel Feio, RSM Partners
      ruif@rsmpartners.com
      mobile: +44 (0) 7570 911459
      linkedin: www.linkedin.com/in/rfeio
      www.rsmpartners.com
  • 36. Session feedback – Do it online at conferences.gse.org.uk/2015/feedback/nn
      • Please submit your feedback at http://conferences.gse.org.uk/2015/feedback/FC
      • Session is <FC>