Are Indian CISOs interested in IBM z14 mainframe?
IBM’s new offering to fight cyber criminals enables 100 percent encryption. But, whether it will be of much interest to Indian security pros is open for speculation.
IBM recently launched its z14 mainframe system that promises 100 percent encryption at all levels of the enterprise, from applications to on-premise databases and cloud. The mainframe, according to IBM, is capable of running more than 12 billion encrypted transactions per day, along with multiple layers of encryption. In addition, it has built-in analytics features.
IBM has presented its pervasive encryption offering as a solution against the rising cyber-attacks continually disrupting business operations worldwide. "We have created a data protection engine for the cloud era to have a significant and immediate impact on global data security," said Ross Mauri, general manager, IBM Z in a media statement.
"If such a system provides pervasive encryption, banks will be interested as they are supposed to secure all sensitive financial data. 100 percent encryption will certainly be helpful in that regard. But, it will not be a one-stop solution for cyber threats.
CISO, Federal Bank
Even though encryption has been cited as an effective security strategy, of all the data records breached since 2013, only four percent were encrypted, according to IBM. A study by the Ponemon Institute also revealed that extensive use of encryption helps reduce the cost of a data breach by USD 16 per record.
Issues with encryption
The mainframe has always been a secure platform and IBM has persisted to invest in encryption technologies over the past decade. In spite of its effectiveness, encryption technology can degrade the performance of an organization’s IT systems and can be too complex and expensive to manage, report IT experts. Especially from the computational perspective, encryption is reported to be complex as applications do not work with encrypted data.
Security features of IBM z14 mainframe
Pervasive encryption technology
Multiple layers of encryption
"Today's security technologies have a limitation of actually decrypting files and later re-encrypting them. The problem with some of the technologies like even the intrusion prevention kit is that it can't read through the encrypted files and what happens is that the traffic is just passed through without looking into it. Nowadays, given the sophisticated ways the attackers are coming in, they actually can use malicious codes with the help of encryption itself," said Bhavani Shankar, director of Information Security, Capgemini India.
Security leaders respond
Features such as pervasive encryption, built-in analytics, and blockchain are a clear sign that IBM is trying to attract new customers to the mainframe with the z14. The new platform with end-to-end protection has obvious advantages for organizations in need of strong security and compliance. It is believed that implementing such a security strategy at an enterprise advances a move towards better regulatory compliance as it can help safeguard critical information. Indian security leaders say the solution is promising, but not entirely full-proof.
"For security, mainframes are good because as far as I know, there are no major attacks that have happened on them. But as long as there are bugs in applications, it is difficult to ensure complete security because eventually, some attacker will find a loophole. IBM mainframe may increase security but the ease of use also matters for organizations. I don't think there are many people who can work on mainframe due to lack of the right skill set,'' explained Bhavani Shankar.
"100 percent encryption doesn’t ensure 100 percent data security. Data breach or any leakage can still happen as there will still be multiple points of potential compromise. For the single purpose of security through encryption, I don’t think organizations will switch to this mainframe solution,” stated Rajeevan Kallumpuram, assistant vice president, Information Risk Management at Reliance Industries.
“100 percent encryption doesn't ensure 100 percent data security. Data breach or any leakage can still happen as there will be multiple points of potential compromise. For security purpose alone, I don't think organizations will switch to this mainframe solution.”
AVP, Information Risk Management, Reliance Industries
Agreeing to the same notion, Biju K, chief information security officer of Federal Bank said, "If such a system provides pervasive encryption, banks will be interested as they are supposed to secure all sensitive financial data. 100 percent encryption will certainly be helpful in that regard. But it will not be a one-stop solution for the cyber threats. Each organization will have to look into it according to their needs. For us right now, we are not looking for mainframe systems.”
The response to IBM’s newest mainframe technology may seem unclear in India. But global sales are certainly expected to grow with the implementation of data protection laws like EU’s upcoming General Data Protection Regulation (GDPR) and US Federal Financial Institutions Examination Council (FFIEC). The big question is whether the new encryption technology is enough to help the slow decline in IBM's mainframe products over the past few years, as cheaper systems utilizing Intel Xeon CPUs are rising in popularity. IT giants including Amazon, Microsoft and Google are deploying the Xeon systems.
Edited by: Benoy P. Jacob