Bruce Bading

Bruce Bading is a senior security consultant with more than forty years of information security experience and 25 years of corporate c-suite experience. He is an expert on IBM i security and has helped some of IBM's largest clients meet their security and compliance requirements in today's complex technology and business environments. Bruce has exceptional communications skills, has worked with diverse audiences at all business levels to provide training and education and has led dozens of large enterprise risk management projects for the world’s largest organizations. He is a member of the Information Systems Audit and Control Association, a CIS benchmark author, and professional threat hunter.

Guru: IBM i Privileged Account Management, And What’s So Special About Special Authorities

August 1, 2022 Bruce Bading

Privileged Account Management (PAM) is a keystone of cybersecurity. Everywhere we look PAM is a hot topic. How and why should we worry about it? IBM, Ponemon, Verizon, etc., tell you that it is vitally important to protect your endpoints from cyberattacks and insider threats. While the Verizon DBIR states that external threats account for 80 percent of security incidents, it points out their findings that show otherwise for incidents resulting in data compromise where the insider threat exceeded that of an outsider by more than 10 to one. Simply put by Verizon, “This supports the principle that …
Read more
Reader Feedback On Guru: The Finer Points of Exit Points

July 12, 2022 Bruce Bading

Hey, Alex:

Hope you are doing well. I was reading this article about exit points and found some technical inaccuracies.

The Socket Exit can be used to cover the following: You can use exits block all unwanted ports blocked. I will be happy to talk with author of this article to explain how this works.
- Not all services have exit points available.
- User defined ports do not have exit points associated.
Best regards,

— Tony Perera, Trinity Guard, a division of Fresche Solutions

Hey, one and all:

As the article states, exit points are an enhancement to cybersecurity on the …
Read more
Guru: The Finer Points of Exit Points

June 27, 2022 Bruce Bading

Many years ago, we received a call from an IBM i customer stating that all exit points were gone and the QAUDJRN and receivers were missing. Then the question, “Do you think we’ve been hacked?” Truth was, the exit points weren’t gone; the associated programs had been de-registered. Conclusion, they had most likely been compromised.

The IBM i platform is a very securable system that can be secured (Secure vs Secured – What’s the difference?, WikiDiff), if you take steps to secure it.

On the IBM i, a limited number of functions provide an exit so that your …
Read more
Guru: IBM i *USRPRF Security

May 23, 2022 Bruce Bading

IBM i has long enjoyed a reputation of being one of the most securable application servers in the industry. IBM i object encapsulation or object-oriented architecture achieves a level of technology integrity not found in file-based systems such as Unix, Linux, and Windows – as long as QSECUTY is set to 40 or 50.

This advanced technology however does not exclude the IBM i from security risks if your development teams are not practicing (DevSecOps | CSRC (nist.gov)) and (Zero Trust Architecture | NIST).

Let me remind what one of the lead signatories on the Agile …
Read more
Guru: IBM i Unauthenticated Access

April 25, 2022 Bruce Bading

One of the greatest threats to any network, host, or server is unauthenticated access where an attacker can gain local or remote access with no credentials that can lead to a Critical rating with the following descriptions (CVSS v3.1 User Guide (first.org).

Confidentiality Impact Complete (There is total information disclosure, resulting in all system files being revealed.)

Integrity Impact Complete (There is a total compromise of system integrity, and a complete loss of system protection resulting in the entire system being compromised.)

Availability Impact Complete (There is a total shutdown of the affected resource. The attacker can render …
Read more
Guru: SIEM Is Only Part Of IBM i Cybersecurity

March 28, 2022 Bruce Bading

Many times, we hear from IBM i business owners that their SIEM – that’s short for Security Information and Event Management – is their cybersecurity solution for the IBM i. But that can’t be true, and I want to explain why it is part of the security shield but certainly not all of it.

Let’s start with SIEMs and how they fit into cybersecurity frameworks. SIEM is mentioned in the PCI appendix, but not once in the core of the 250+ PCI DSS requirements, likewise, the NIST Cybersecurity Framework lists event monitoring as one of the 100s (1/100s) of NIST …
Read more
Guru: Would You Rather See a Fire Marshal or a Fire Fighter?

February 28, 2022 Bruce Bading

While there are similarities between the two, a fire marshal has a preventive role and focus on preventing fire, whereas a fire fighter has a reactive role and focuses on the putting out the smoldering ruins.

When it comes to your firm’s cybersecurity practices, would you consider yourselves to be proactive or reactive (Fire Marshal or Fire Fighter)? The biggest difference between the two is your level of vulnerability when an attack does happen.

There are ongoing practices that you can do to reduce your risk. One thing that we recommend is included in every proactive cybersecurity strategy is a …
Read more

Bruce Bading

Content archive

Recent Posts

Subscribe

Pages

Search

Bruce Bading

Guru: IBM i Privileged Account Management, And What’s So Special About Special Authorities

Reader Feedback On Guru: The Finer Points of Exit Points

Guru: The Finer Points of Exit Points

Guru: IBM i *USRPRF Security

Guru: IBM i Unauthenticated Access

Guru: SIEM Is Only Part Of IBM i Cybersecurity

Guru: Would You Rather See a Fire Marshal or a Fire Fighter?

Content archive

Recent Posts

Subscribe

Pages

Search