TechChannel: Why Mainframe Security Postures Vary So Widely
NetSPI’s Director of Mainframe Penetration Testing, Phil Young, spoke with TechChannel’s Andrew Wig about why mainframe security postures vary widely. He highlights common omissions, such as FTPS, MFA, output security, data access controls, stronger passwords, AES hashing, and TSO pre-prompt. In addition, he explains how disruption fears, silos, and legacy processes let risks persist, despite clear and often simple fixes.
Read the preview below or find the full story online here.
As a penetration tester responsible for probing mainframe systems for vulnerabilities, Phil Young is a sandcastle’s worst nightmare.
“Sometimes I feel like I’m coming in and someone’s built a really beautiful castle, and I’m coming in and kicking it down and saying, you didn’t put up a fence. And now they have to really go back and build a fence and rethink their controls,” Young, director of mainframe penetration testing at NetSPI, tells TechChannel.
Some mainframes are locked down like a vault. Some are riddled with misconfigurations. But why do these security postures vary so widely? From his 20 years spent plumbing the depths of mainframe environments to identify security gaps, Young has some answers. Many of them lie in the nooks and crannies of vast, complex systems.
“So many potential gaps, thus so many potential security configurations,” says Young.