We Know Security Is A Concern, But What Is Actually Going On?
March 6, 2023 Timothy Prickett Morgan
It is an uncomfortable truth that security is a very high concern among IBM i shops – and consistently has polled as the most important concern for the past several years – but that concern does not always translate into dedicating more resources to security tools or the expertise of others with managed services who can help.
It is one thing to know that security is top of mind, but it is another thing entirely to have a sense of the relative prevalence of different kinds of attacks and the actions of hackers in the wake of a successful attack.
To help sort it out, and give its customers some insight on what is going on and what they need to defend against, Big Blue has just released its Security X-Force Threat Intelligence Index 2023 report, which you can download here and which we strongly suggest you – or whoever is responsible for securing your IBM i and other platforms in your IT shop – do.
First, let’s take a look at where the attacks are happening:
This is very interesting. In 2022, data from which is used to come up with the 2023 threat intelligence index, manufacturing companies accounted for 24.8 percent of attacks, but interestingly only represented 10.7 percent of the gross domestic product in the United States from 2021. (We don’t have final GDP figures for 2022 as yet.) Manufacturers tend to have a lot of older systems running their facilities and their back offices, and this may be a measure of opportunity.
This stands to reason some. You have to figure that the IT security at financial services companies – those engaging in banking, insurance, and real estate – that comprised 21 percent of US GDP in 2022 would have a lower share of attacks given the stauncher security requirements at such companies. But financial firms accounted for 21 percent of GDP in 2021 and 18.9 percent of attacks in 2022, figures that are within spitting distance of each other. You would have figured that many attackers would be leery of attacking financial services firms, but clearly, it works based on the data compiled by IBM’s Security X-Force division. The share of attacks (14.6 percent) and the relative size of professional services in terms of GDP (13 percent) are close. The share of retail and wholesale GDP (6 percent) is smaller than the attacks in these industries (8.7 percent), which tells us there is something about these industries that seems to make them easier to target but not the most frequently targeted industries.
The ransomware epidemic is rising because the attacks are successful, although IBM pointed out that 67 percent of the backdoor cases were failed ransomware attacks and the companies were able to find the backdoor and shut it down before the extortion or damage from the attackers was done.
People have been worried about having their data stolen and their systems compromised for decades in the IBM i market, but it seems far more likely these days that attackers will try to extort money. And companies that have insurance against hackers and malware have to be careful to be able to demonstrate that they are doing their due diligence and either having or renting the expertise to keep their systems locked down against threats.
Theft of data is a close second to extortion, as you can see, and hackers are also interested in harvesting credentials of employees and partners and in getting their hands on data or soiling the reputation of the companies they hack.
We have said this before and we will say it again. We think that at most IBM i shops, the applications and extending them with new functionality and supporting them (sometimes at scale) is the key responsibility of the IBM i part of the IT organization. This is the core competency of the organization, and it probably has been that way for decades. But locking down systems against threats is not a core competency for most companies, and it is not only the easiest thing to offload to a managed services provider but it is also the one that should be offloaded first. The best insurance policy is not one underwritten by a big insurance company, but acquiring the expertise to lock down the IBM i systems and their applications and databases. Security should be the first thing – and maybe the only thing – that IBM i shops should offload to a well-respected, knowledgeable third party.
Regarding security, I do think that IBMi is one of the most securable core platforms.
It has things like adopted security and owner security that allow for a pretty strict policy around the database data and access to data (i.e. program mediated access to data, where the authority is in the program, not on the access profile).
Added to that is the possibility to hook custom external programs in many workflows (exit programs) to do auditing or pretty much any custom authorization.
Yes – giving *ALLOBJ to all users is not the most secure thing to do : ) Still, I see many systems with really open system and default accounts and open to the internet : ) and still running in place …. Do that with a Windows platform, and the system will be hacked in 1 minute online : )