From 2015 to 2025: a decade of z/OS Safety Assessments
Ten years in the past, most safety assessments primarily uncovered points rooted in legacy configurations as a result of our trade was hindered by a false sense of safety. In 2015, many organizations had change into complacent and overconfident, naïvely believing that mainframes have been “unhackable” on account of their remoted nature.
This blasé angle was quashed a number of occasions over as a number of high-profile breaches occurred in fast succession—Anthem and the U.S. Workplace of Personnel Administration (OPM) have been each hacked in 2015, adopted by Equifax being hacked in 2017.
Such a stark reminder of the efficient mortality of the mainframe and the general fallibility of any expertise triggered a change within the cultural zeitgeist of mainframe fans. Not did individuals confer with the mainframe as “probably the most safe platform”, as an alternative, they amended such references to “probably the most securin a position platform”, acknowledging the inherent limitations that have to be addressed by diligent safety engineers.
Following this cultural change, organisations have change into extra cautious of exploits as they’re now anticipated to check their system extra and to be compliant with larger rules. Thus, the necessity for complete safety assessments has solely grown over the last decade.
