VIEW FROM THE TOP BY Chris O'Malley, CEO
The world’s largest banks, insurance companies, telcos and retailers store their most critical and sensitive data on the mainframe, the most robust and securable system in the enterprise. Despite the incalculable value of this data, most organizations rely on inadequate security monitoring approaches to detect and thwart cybersecurity threats. It’s true the mainframe is highly secure, but it’s not immune to insiders who want to access sensitive data for their own nefarious purposes or malicious outsiders who’ve obtained the logins of privileged users through spear-phishing exercises. Security teams are blind to who has accessed what data and why, relying on audit reports compiled from mainframe log and System Management Facility (SMF) data, which don’t provide the level of granularity needed to identify malicious behavior.
Compuware recently introduced Application Audit, a cybersecurity and compliance solution that dramatically enhances the ability of enterprises to stop insider threats by fully capturing and analyzing start-to-finish mainframe application user behavior—including specific data browsed, successful logins, session keyboard commands and more. The data can be fed into popular SIEM engines like Splunk, IBM QRadar and HPE Security ArcSight ESM to answer such questions as, are users accessing specific data repeatedly, for how long and what are they doing with it?
With the average cost of a data breach coming in at around $4 million and looming GDPR mandates with which companies must comply or face hefty fines, Application Audit is an excellent tool to have in your arsenal.