Mainframes are said to hold 70% of the most critical enterprise data, and IBM says 100% of all credit card transactions pass through a mainframe. Contrary to conventional wisdom, there have been documented, external successful mainframe breaches. Yet many organizations are treating their mainframe as some isolated silo, both impregnable and “off the radar” to the excellent security operations center (SOC) tools that most organizations already possess.
All security information and event management (SIEM) systems present SOC data in real time, however mainframe data for these SIEM systems continues to come in the form of nightly reporting. Nightly printed reports were good enough 20 years ago, but today you need proactive, real-time reporting of the state of your entire enterprise, not just the distributed data SIEM systems monitor.
Come to this presentation and hear how you can get real-time alerts for mainframe security events, using the SIEM system that you already own. Learn how you can correlate mainframe security violations, TCP/IP logons, DB2 events and file integrity events – with attacks on your enterprise firewalls and non-mainframe servers – in real-time.
This presentation will show you how to avoid the IT maladies we see every day as major brands reluctantly divulge cyber-breach news headlines. After seeing this presentation, you will learn that it is better to call the doctor and take some preventive IT “medicine,” than to have to call the undertaker.