CIO Survey: Mainframe More Secure Than Other Systems But 78% Say Insider Threats Are A Blind Spot

CIO Survey: Mainframe More Secure Than Other Systems But 78% Say Insider Threats Are A Blind Spot
06.06.2017 11:00 am

CIO Survey: Mainframe More Secure Than Other Systems But 78% Say Insider Threats Are A Blind Spot


Compuware Corporation, the world’s leading mainframe-dedicated software company, today released a survey of financial services CIOs showing that while most (86%) say their mainframe is more secure than other systems, the majority (78%) say they are still exposed to a significant risk of insider threats due to blind-spots in internal data access and controls.

The survey was conducted by independent research company Vanson Bourne, and administered in April to 400 CIOs at large companies (including 66 respondents from the financial services sector) covering a cross-section of vertical markets in France, Germany, Italy, Spain, the UK and the U.S. Key findings include: 

  • 59% of organizations in financial services use the mainframe as a core repository of their most sensitive data, storing either more or equal amounts of customers’ Personally Identifiable Information (PII) there as they do on other systems.
  • 86% of financial services organizations said their mainframe is more secure than other systems, with a further 14% saying it was equally as secure, underscoring why their most sensitive data is stored on the mainframe.
  • 78% of organizations in financial services said they have a “blind spot” concerning what mainframe data is being accessed and how it’s being used.
  • 84% also find it difficult to track who has accessed data stored on the mainframe, exposing them to an increased risk of insider threats.

“The mainframe has always been the most securable platform in the enterprise; which is why organizations continue to entrust their most sensitive data to it,” said John Crossno, product manager, Compuware. “However, businesses still face the risk that privileged employees, or those who have acquired access illegally, will misuse mainframe data. Organizations must take steps to gain more visibility over who is accessing data and how they are using it.”

The research further revealed that the most common measures being used to overcome insider security risks include:

  • Saving security log files for future reference (79%)
  • Regularly scanning security logs for inconsistencies (68%) 
  • Using a SIEM system to perform security analytics using mainframe data (80%)
  • Using a SIEM system to combine mainframe data with security data from other systems (45%)

However, just 2% of financial services organizations monitor user and database activity to tackle insider threats on the mainframe.

“Most enterprises rely solely on disparate logs and SMF data from security products such as RACF to piece together user behaviour,” added Crossno. “Even those who are integrating that data into their SIEM aren’t getting the level of insight needed to identify a malicious insider. Organizations need deep insight into what data was viewed, by whom and which applications were used to access it. This can only be achieved by directly capturing complete, start-to- finish user session activity data in real time, and integrating it into a SIEM platform such as Splunk for deep analysis.”

To help organizations better meet todays’ security challenges, Compuware has published the white paper, “Mainframe Security in a Hybrid/Mobile World: New Best Practices for the New Threat Matrix.” The paper presents six straightforward, non-disruptive measures to help organisations address insider threats on the mainframe.

Related News

Coin Metrics Raises $6M

Coin Metrics, the leading provider of Cryptoasset Data and Infrastructure for institutional investorsannounced today that it completed a $6 million... Read more »

Alibaba Cloud and Multi-Lingual Support from the Global MediXchange of Combating Covid-19 (GMCC) programme

Over 440 medical institutions from 104 countries and regions have applied to learn and share experiences in battling COVID-19 through the ... Read more »

Spanish authorities approve offer from SIX

SIX Group AG (“SIX”), the Swiss financial markets infrastructure operator, today received authorisation from the CNMV for its all-cash voluntary tender offer for Bolsas y... Read more »

Refinitiv makes strategic investment in ModuleQ and its intelligent app

Refinitiv, one of the world’s largest providers of financial markets data and infrastructure, has invested in and entered a strategic partnership agreement with ModuleQ, a... Read more »

James Hambro & Partners selects InvestCloud for digital transformation

Leading independent wealth management group James Hambro & Partners (JH&P) has selected global FinTech firm ... Read more » partners with SFOX to expand liquidity and provide rapid OTC settlement

London-based institutional custody and prime brokerage firm,, today announces its partnership with the first U.S. prime dealer, SFOX.

The integration will... Read more »

Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel