I'll repeat what I always say about this. If I was hacking a mainframe
I wouldn't start with the mainframe, I'd start with the sysprog or
security admin's PC or Mac or email or phone or whatever. In that case
it doesn't matter one bit how well the mainframe is protected internally.
And please stop with the political remarks. This seems to be the one
place on earth I can go without reading about politics. A place where I
can enjoy a 50+ post back-and-forth between Seymour and Gil, for
example, without hearing one word about US politics.
On 10/7/2021 3:21 PM, Bill Johnson wrote:
You’d have to be a poorly run shop to permit any of those to occur. Maybe
that’s why mainframe hacks have actually never happened.....Biden successfully
extracted 124,000 from Afghanistan in a few weeks. Amazing.
Sent from Yahoo Mail for iPhone
On Thursday, October 7, 2021, 2:12 PM, Charles Mills <charl...@mcn.org> wrote:
And assuming you never make a mistake. Never leave an APF data set unprotected. Never
give the wrong person console authority. Fully understand APF on UNIX. Never have a Rexx
PDS used by privileged users that is modifiable by others. Have no magic SVCs. Have no
flawed APF code, no APF "tools" available inappropriately.
Charles
-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Radoslaw Skorupka
Sent: Wednesday, October 6, 2021 2:13 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
W dniu 05.10.2021 o 15:24, Tommy Tsui pisze:
Hi
Any shop implement mainframe ransomware solution can share? IBM seems has
cyber vault to handle this. Is there any other solution available ?
Thanks for sharing
<shameless mode>
Yes, we have such solution.
This is combination of the following products:
1. z/OS
2. RACF
3. Professional staff
</shameless mode>
Other means:
RACF
backup
Safeguarded copy and other vendors' solutions
audit
procedures
Note: all of the "solutions" marketed nowadays give you some cure *after
breach happened*. However that means some problems. It is unlikely to
restore with RPO=0. If you want RPO=0 then you should pay much more
attention at prevention, which means ...no, NOT ANOTHER PRODUCT.
Definitely first: professional staff, procedures, audit. And then maybe
some tools.
IBM Cyber Resiliency tools: Guardium, zSecure Suite, QRadar SIEM,
Safeguarded Copy...
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
