secure the enterprise with confidence using a mainframe infrastructure
TRANSCRIPT
7/28/2019 Secure The Enterprise With Confidence Using A Mainframe Infrastructure
http://slidepdf.com/reader/full/secure-the-enterprise-with-confidence-using-a-mainframe-infrastructure 1/16
A Forrester Consulting Thought Leadership Paper Commissioned By IBM
Secure The Enterprise With Confidence Using AMainframe Infrastructure
Firms Looking For A Secure Infrastructure And Application Platform Need To Consider The Mainframe
March 2013
7/28/2019 Secure The Enterprise With Confidence Using A Mainframe Infrastructure
http://slidepdf.com/reader/full/secure-the-enterprise-with-confidence-using-a-mainframe-infrastructure 2/16
Forrester Consulting
Secure The Enterprise With Confidence Using A Mainframe Infrastructure
Page 1
Table Of Contents
Executive Summary ............................................................................................................................................................................................ 2 Executive Insomnia: Threats Of An Information Security Breach ...................................................................................................... 3 Technical Trends Threaten Information Security ..................................................................................................................................... 5 Complexity Out — Integration In ................................................................................................................................................................. 7 The Modern Mainframe Shines As A Secure Application Platform ................................................................................................... 9 Key Recommendations .................................................................................................................................................................................. 12 Appendix A: Methodology ............................................................................................................................................................................ 13 Appendix B: Demographics/Data ............................................................................................................................................................... 13 Appendix C: Endnotes ................................................................................................................................................................................... 14
© 2013 Forrester Research, Inc. All rights reserved. Unauthorized reproduction is strictly prohibited. Information is based on best available resources.
Opinions reflect judgment at the time and are subject to change. Forrester®, Technographics®, Forrester Wave, RoleView, TechRadar, and Total
Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies. For additional
information, go to www.forrester.com. [1-KRNWBZ]
About Forrester Consulting
Forrester Consulting provides independent and objective research-based consulting to help leaders succeed in their organizations. Ranging in
scope from a short strategy session to custom projects, Forrester’s Consulting services connect you directly with research analysts who apply
expert insight to your specific business challenges. For more information, visit www.forrester.com/consulting.
7/28/2019 Secure The Enterprise With Confidence Using A Mainframe Infrastructure
http://slidepdf.com/reader/full/secure-the-enterprise-with-confidence-using-a-mainframe-infrastructure 3/16
Forrester Consulting
Secure The Enterprise With Confidence Using A Mainframe Infrastructure
Page 2
Ninety-seven percent of executives surveyed saidthat information securityis highly critical to their
company’s ability tocompete in their market
or industry.
Eighty-seven percent of research participants
recognized the mainframeas their most available,
scalable, and secureplatform.
Executive Summary
The explosive increase in cyberthreats poses an increasingly daunting challenge to
the confidentiality, integrity, and availability of intellectual property and other
sensitive information. Conflicting opinions about operational risk, myriad point
solutions for security technology, and dissimilar computing infrastructures create a
puzzling landscape for security and risk professionals. To assess the market,
Forrester Consulting interviewed 225 IT security leaders across North America and
Western Europe about their firm’s information security investments. Roughly 60% of respondents reported revenues
greater than $5 billion per year; 18% of respondents were in banking, 14% in government, 22% in insurance, 20% in
healthcare, 13% in financial services, and 13% in retail (see Appendix B).
Key FindingsSecurity executives need secure, proven solutions across a variety of workloads,
including traditional transaction processing, mobile, social media, and big data,
and they need the security engineered in rather than cobbled together or bolted on.
Security is quickly moving from an afterthought to a business and technology
imperative for all new and existing IT solutions, but there are challenges as
companies struggle to meet complicated security requirements across the
enterprise. Forrester’s study uncovered three key findings:
• Where security, scalability, and availability needs are high, mainframe technology shines. Modern
mainframes are highly secure extensible IT engines capable of running all types of workloads and powering
modern corporations with outstanding availability, scalability, and auditability while maintaining information
integrity and confidentiality. Because it can integrate state-of-the-art hardware and software, effectively protect
mission-critical production systems, and consolidate workloads while reducing costs, the mainframe is the
security platform of choice for cloud, big data, and analytics applications as well as traditional transaction and
batch applications.
• Complexity is a top security management challenge. Complexity introduces unanticipated security
vulnerabilities but also increases the risks and costs associated with implementing new secure solutions. Of all the
challenges that security professionals face, complexity management is No. 1. Today’s security environment is just
too complex — and the situation worsens as new technology is applied to basic compliance, data protection,
access control, system auditing, and secure virtualization. Sixty-five percent of executives surveyed agreed that
they have too many point solutions. Some security departments, for example, have more than 150 different
security tools to address the security needs of their organization.1 This number of technologies is difficult, if not
impossible, to adequately maintain and deploy.
• Pre-engineered integrated security is the preferred option for security managers. Security decision-makers
would prefer an integrated technology stack and platform. More than 90% of those surveyed and interviewed for
this research felt that using a platform that has security natively designed into its architecture made the most
sense.
7/28/2019 Secure The Enterprise With Confidence Using A Mainframe Infrastructure
http://slidepdf.com/reader/full/secure-the-enterprise-with-confidence-using-a-mainframe-infrastructure 4/16
Forrester Consulting
Secure The Enterprise With Confidence Using A Mainframe Infrastructure
Page 3
Ninety-one percent of research participants feltthat information security
was an imperative andthat IT must secure
critical information andsupport their company’s
compliance needs.
Executive Insomnia: Threats Of An Information Security Breach
The industrial espionage and economic cyberterrorism epidemic is a huge concern
for business leaders around the world. The costs of a publicized security breach in
financial impact and damage to corporate reputation and brand increasingly make
prevention the best investment any business leader can make.2
The stakes could not be higher. Over the past five years, cyberinsurers paid $3.7
million per cyberbreach claim, with a majority of those funds going to cover legal
defense and settlement costs.3 The costs of lost intellectual property and market and brand dilution have not been
specifically calculated, but estimates put this in the billions of dollars.4 As a result, executives want to be more involved
in information security than ever before. In the course of this research we found that:
• Information security is the new imperative. Ninety-one percent of research participants felt that information
security was an imperative and that IT must secure critical information and support their company’s compliance
needs. As the number of publicized cyberattacks grows, executive awareness grows.
• Information security is core to new products and services. Ninety-one percent of research participants felt that
the mismanagement of information security would severely damage their firm’s brand. Sixty-one percent of
respondents felt that information security was core to their product and services offerings, and 67% percent felt
information security was highly critical to the company’s ability to compete, and (see Figure 1). 5
• Social media and mobile applications change the information security landscape. Social and mobile
technologies enable mobile workforces to more effectively understand customer wants and needs and deliver
products and services more flexibly and efficiently. Yesterday’s methods of protecting information assets behindan electronic perimeter based on first-generation firewalls are no longer effective.6 More than 90% of the security
leaders surveyed felt that social media and mobile devices increase the risk of an information security breach (see
Figure 2).
• Regulatory compliance requirements are growing in number and complexity. Eighty-eight percent of
respondents felt that regulatory authorities are increasing the information security requirements for these
companies’ applications and infrastructure and that stiff penalties would result if these companies failed to meet
necessary requirements (see Figure 3).
7/28/2019 Secure The Enterprise With Confidence Using A Mainframe Infrastructure
http://slidepdf.com/reader/full/secure-the-enterprise-with-confidence-using-a-mainframe-infrastructure 5/16
Forrester Consulting
Secure The Enterprise With Confidence Using A Mainframe Infrastructure
Page 4
Figure 1
Information Security Is Core To New Products And Services
Base: 225 global enterprise security professionals
(percentages will not add up to 100% because answers for “Strongly disagree,” “Disagree,” and “Neutral” have been removed)
Source: A commissioned study conducted by Forrester Consulting on behalf of IBM, January 2013
Figure 2
New Solution Types Such As Social Media And Mobile Devices Have A High Impact On Information Security
Base: 225 global enterprise security professionals
(percentages will not add up to 100% because answers for “Don’t know,” “Not important,” and “Somewhat important” have been removed)
Source: A commissioned study conducted by Forrester Consulting on behalf of IBM, January 2013
27%
34%
30%
64%
60%
67%
We run the risk of damaging our brand if we insecurely handleclient and partner data
Information security is core to our offerings; we need to ensurethat information is kept confidential, available, with integrity intact,
meeting all necessary privacy and compliance rules
Information security is highly critical to our ability to compete in our market/industry
Agree Strongly agree
“How important are the following services and support functions for the
success of your IT management solution?”
15%
12%
29%
34%
48%
45%
The use of social media greatly increases the riskof information security breaches
Mobile devices greatly increase the risk of theloss of valuable information
Important Very important Essential
“Please answer each statement as it best describes the security requirements for applications and infrastructure confidentiality.”
7/28/2019 Secure The Enterprise With Confidence Using A Mainframe Infrastructure
http://slidepdf.com/reader/full/secure-the-enterprise-with-confidence-using-a-mainframe-infrastructure 6/16
Forrester Consulting
Secure The Enterprise With Confidence Using A Mainframe Infrastructure
Page 5
Social media, cloud,and compliance
present big informationsecurity challenges.
Keeping up with thesechanges requires a
secure platform as afoundation for new
technology solutions.
Figure 3
Complex Audit Requirements Drive Need For Improved Security Controls
Base: 225 global enterprise security professionals
(percentages will not add up to 100% because answers for “Strongly disagree,” “Disagree,” and “Neutral” have been removed)
Source: A commissioned study conducted by Forrester Consulting on behalf of IBM, January 2013
Technical Trends Threaten Information Security
New technology trends and business models are changing the methods by which
employees access information — this makes confidentiality, availability, and
integrity much more important. To mount a credible response requires the use of
proven technologies that have security engineered into their DNA. Security
professionals have to move beyond simple network operations and look at their IT
infrastructure as a secure and integrated ecosystem. All of these platform
capabilities need to be strong and robust. The shift drives complex technical
requirements for security. For example, respondents articulated the following
necessary requirements for secure application and infrastructure solutions (see Figure 4):
• Access control (93%). Poorly implemented access control to sensitive information is one of the leading causes of
breach. Secure solutions need to authenticate and control the access of system users and then assist in the
identification, classification, and protection of system resources. Access control should allow users to use specific
system resources and log unauthorized system access attempts.
• Auditing and compliance (84%). The ability for a system to provide a detailed audit trail for threat detection and
compliance reporting is critical. Log management and archival of system events is an essential capability for
organizations needing to address compliance requirements such as PCI and HIPAA. Log management is also an
important method for detecting breach activity. Systems that have this as a capability engineered in are better
positioned to deal with these different types of security challenges and are easier to audit and provide security
assurance to regulators and auditors.
36% 52%
Regulatory authorities are increasing the informationsecurity requirements for our applications and
infrastructure, with stiff penalties if we don’t meetnecessary information security requirements
Agree Strongly agree
“Please evaluate the following statements about the importance of
information security to your organization.”
7/28/2019 Secure The Enterprise With Confidence Using A Mainframe Infrastructure
http://slidepdf.com/reader/full/secure-the-enterprise-with-confidence-using-a-mainframe-infrastructure 7/16
Forrester Consulting
Secure The Enterprise With Confidence Using A Mainframe Infrastructure
Page 6
• Data protection (95%). A company’s lifeblood is the information it manages about its products and services.
Secure platforms should use techniques such as end-to-end encryption from endpoint to server to make sureinformation is kept safe and away from unauthorized use. Data access should be controlled by and linked to
policy management.
• Network security (94%). The use of encryption and other techniques to protect data in motion is necessary for
secure workloads. The network, as opposed to the endpoint or host platform, has become an important
battleground for dealing with security threats, especially as more workers use mobile technology and more
workloads move to the cloud.
• Secure virtualization (86%). Secure virtualization is an essential security need in the virtualized data centers
deployed today. Secure virtualization allows a system to run, Microsoft Windows® or Linux, as virtual machines
in their own secure environments or containers on an application service platform. The value to security is thateach virtual machine can run in its own secure container, isolating different workloads from one another.
• System memory protection (87%). Memory protection, although a very technical issue, is important for secure
applications since it’s possible for hackers to use system memory as an attack vector. Systems that have strong
memory protection engineered into their architectures are resistant to these types of attacks.
• Workload isolation (74%). Workload isolation, another technical issue, is an important security requirement.
This capability is especially important in multitenant applications such as those used in private and public clouds.
Workload isolation protects applications running alongside each other from hacking and other types of data and
process corruption.
7/28/2019 Secure The Enterprise With Confidence Using A Mainframe Infrastructure
http://slidepdf.com/reader/full/secure-the-enterprise-with-confidence-using-a-mainframe-infrastructure 8/16
Forrester Consulting
Secure The Enterprise With Confidence Using A Mainframe Infrastructure
Page 7
Multiple point solutionsare costly, technicallydifficult to integrate,
offer less control oversecurity features andfunctions, and don’t
stand up to a changingthreat landscape andregulatory compliance
regime.
Figure 4
Critical Requirements For Secure Applications And Infrastructure
Base: 225 global enterprise security professionals
(percentages will not add up to 100% because answers for “Not important” and “Somewhat important” have been removed)
Source: A commissioned study conducted by Forrester Consulting on behalf of IBM, January 2013
Complexity Out — Integration In
Should your firm integrate point solutions to provide a security applications
infrastructure or use a pre-integrated application platform that has information
security engineered into its underlying architecture? The issue has been complex
because there has been an incorrect assumption that mainframe technology is more
expensive to implement and operate than other types of point solutions. In this
study, executives were asked how they have met information security requirements
in the past and how they plan to address these requirements in the future. Consider
the following information (see Figure 5):
• Multiple point solutions are more complex. A clear majority of our survey respondents (65%) felt that
integrating point solutions increases complexity, making the infrastructure more difficult to manage.
• Multiple point solutions are more difficult to implement. Sixty-one percent noted that point solutions are
more difficult to implement, increasing complexity and risk. Technical implementation challenges increase the
41%
39%
40%
36%
43%
38%
30%
31%
39%
33%
45%
46%
51%
46%
54%
63%
63%
56%
Workload isolation
Auditing and Compliance
Secure Virtualization
System memory protection
Secure Interoperability with other Applications
Storage security
Access Control (Identity & Access ManagementIntegration)
Network Security
Data Protection and Encryption of Data
Very Important Essential
“When considering the security requirements for new applications and
infrastructure, how important are the following aspects of security?”
7/28/2019 Secure The Enterprise With Confidence Using A Mainframe Infrastructure
http://slidepdf.com/reader/full/secure-the-enterprise-with-confidence-using-a-mainframe-infrastructure 9/16
Forrester Consulting
Secure The Enterprise With Confidence Using A Mainframe Infrastructure
Page 8
risk of implementing a secure system. Integrating point solution systems and data is not only technically
challenging but it lengthens the time solutions can be put into production to meet real business needs.
• Multiple point solutions are more expensive. Complexity drives cost — 57% of survey respondents felt that
implementing a series of point solutions was more expensive that using a comparable mainframe or similarly
integrated platform.
• Integrating point solutions is technically difficult and often leads to gaps and interoperability issues. As
noted, many organizations have many security tools, network, platform, and application technologies.
Engineering security into these solutions is technically difficult. Also, because security is a constantly changing
discipline with new attacks and compliance requirements, keeping up with this change is a real challenge.
• Multiple point solutions offer less control over features and functions. Complex solutions require finer-
grained controls, yet 52% of respondents indicated that integrating point solutions provided less control over the
features and functions.
Figure 5
Implementing Secure Solutions Is Risky
Base: 225 global enterprise security professionals
(percentages will not add up to 100% because answers for “Don’t know”, “Strongly disagree”, “Disagree”, “Neutral” have been removed)
Source: A commissioned study conducted by Forrester Consulting on behalf of IBM, January 2013
41%
44%
40%
43%
41%
24%
17%
17%
13%
11%
Too many point solutions increases the complexity of our IT infrastructure and makes it hard to manage
Integrating point solutions increases complexity and risk
Implementing a secure solution on a distributed platformusing multiple point solutions is more expensive than
using a mainframe or similarly integrated platform
Integrating point solutions is technically difficult andoften leads to gaps and interoperability issues
Integrating point solutions allows less control over features and functionality
Agree Strongly agree
“Please evaluate each statement about your experiences with implementing
secure applications and infrastructure.”
7/28/2019 Secure The Enterprise With Confidence Using A Mainframe Infrastructure
http://slidepdf.com/reader/full/secure-the-enterprise-with-confidence-using-a-mainframe-infrastructure 10/16
Forrester Consulting
Secure The Enterprise With Confidence Using A Mainframe Infrastructure
Page 9
The Modern Mainframe Shines As A Secure Application Platform
The rumors of the death of the mainframe have been greatly exaggerated — and chiefly by its competitors. 7 Participants
in this research painted a very robust picture. For example, one systems manager viewed the mainframe as his most
secure platform and would deploy new solutions on the platform “without hesitation.” Another felt that because the
platform was so difficult to hack it was “the only platform that made sense” to use for the most sensitive high-volume
workloads. Why do modern mainframe architectures shine and outperform other platforms for security applications?
• Security is engineered into the platform, not cobbled together or bolted on. Seventy-six percent of
organizations surveyed designate mainframe technology as a valid/preferred platform to deploy secure
applications and infrastructures. Why? Perhaps because the modern mainframe supports all of the features
needed for secure applications. Encryption with key management for example, is one of the most, if not most,
effective means for securing data in motion and data at rest. Mainframe technology really excels in this area. Themodern mainframe has the necessary security controls engineered into its foundation for secure applications,
including: network security, access control, data protection and encryption with key management, storage
protection, memory protection, secure virtualization, secure interoperability, auditing and compliance, and
workload isolation (see Figure 6).
• Mainframes provide extensive security logs and audit reporting to address industry standards and
regulations. Mainframe logging provides the in-depth security controls and audit information required for
industry compliance and regulations. Eighty-four percent of organizations surveyed ranked auditing and
compliance as a very important or essential security requirement for new applications and infrastructure.
• Mainframes are the secure, high-availability, multi-workload platform of choice for big data. Survey
respondents note that mainframe applications are the most secure for processing big data (78%), have a lower
total cost of ownership for some applications (76%), and are the most available, scalable, and secure platform
(87%). At the same time, many organizations have additional mainframe capacity available to run new workloads
(77%) (see Figure 7). Mainframes provide secure workload isolation, with data protection and privacy making
them the ideal platform for system consolidations, big data analytics, and private cloud implementations.
• The number of hacked mainframes is very low.8 In fact, most attacks on these platforms come from
compromised system administrators. Tooling in mainframe technology helps prevent erroneous or problematic
security commands from entering the system. Mainframe technology now even addresses this scenario by
providing administrative security features. For example, if for any reason logging is terminated, modern
mainframe technology will not allow processing to continue. Mainframe technology is hardened by design and
may be the best choice for a security platform.
7/28/2019 Secure The Enterprise With Confidence Using A Mainframe Infrastructure
http://slidepdf.com/reader/full/secure-the-enterprise-with-confidence-using-a-mainframe-infrastructure 11/16
Forrester Consulting
Secure The Enterprise With Confidence Using A Mainframe Infrastructure
Page 10
Figure 6
Mainframe Standard Security Features
Base: 225 global enterprise security professionals
(percentages will not add up to 100% because answers for “Not important” and “Somewhat important” have been removed)
Source: A commissioned study conducted by Forrester Consulting on behalf of IBM, January 2013
6%
7%
4%
6%
9%
12%
10%
16%
18%
31%
30%
39%
38%
36%
40%
43%
39%
41%
63%
63%
56%
54%
51%
46%
46%
45%
33%
Network security
Access control (identity and access managementintegration)
Data protection and encryption of data
Storage security
System memory protection
Secure virtualization
Secure in teroperability with other applications
Auditing and compliance
Workload isolation
Importan t Very importan t Essential
“When considering the security requirements for new applications and infrastructure,
how important are the following aspects of security?”
7/28/2019 Secure The Enterprise With Confidence Using A Mainframe Infrastructure
http://slidepdf.com/reader/full/secure-the-enterprise-with-confidence-using-a-mainframe-infrastructure 12/16
Forrester Consulting
Secure The Enterprise With Confidence Using A Mainframe Infrastructure
Page 11
Figure 7
Mainframe Technology — A Secure And Capable Platform
Base: 160 global enterprise security professionals
(percentages will not add up to 100% because answers for “Don’t know,” “Strongly disagree,” “Disagree,” and “Neutral” have been removed)
Source: A commissioned study conducted by Forrester Consulting on behalf of IBM, January 2013
38%
43%
34%
39%
29%
44%
48%
44%
44%
38%
38%
33%
It houses most of our important data
It is our most available, scalable, and secure platform
Provides the most secure platforms for processing big
data and analytical applicationsProvides a lower total cost of ownership for some types
of analytic workloads
Our mainframe skills are much better than on other platforms
We have available/underutilized mainframe storage andprocessor capacity
Agree Strongly agree
“How strongly do you agree with the following statements about your mainframe(s)?”
7/28/2019 Secure The Enterprise With Confidence Using A Mainframe Infrastructure
http://slidepdf.com/reader/full/secure-the-enterprise-with-confidence-using-a-mainframe-infrastructure 13/16
Forrester Consulting
Secure The Enterprise With Confidence Using A Mainframe Infrastructure
Page 12
KEY RECOMMENDATIONS
The survey data shows that business and security leaders are very concerned about information security. They see
cybercrime as a major threat to their businesses, with security breaches strongly affecting their company’s brand,
competitiveness, and long-term viability. They want their IT departments to deploy solutions that confidently protect the
company and at the same time support new technology such as social media and big data. Effectiveness is the real issue for
business leaders, and anything that is too complex or doesn’t have the ability to secure valuable data won’t cut it today.
Therefore, as IT security leaders, you should:
• Consider all of your platform options. Mainframe technology presents a very capable and robust platform that is
tough to hack and has security engineered into its foundation. These systems have nearly 50 years of security
hardening engineered into their designs. They have great availability, ability to support encrypted workloads
natively, superb memory and process protection, and some of the most advanced audit and reporting features of
any platform operating.
• Choose a proven platform. It’s just not about data in motion but also about data at rest. The mainframe as the
repository of some of the most s ensitive data in your organization offers performance, confidentiality, availability,
and integrity that other platforms may struggle to deliver. Secure applications not only require transaction security
but also storage security. Big data, for example, represents some of the biggest security risks for companies today,
and the mainframe and associated storage technology is more than up to the task of running these applications
and securing this information. Mainframe technology, quite simply, is one of the best options for these secure
workloads.
• Consider all the costs associated with the security requirements for your applications and infrastructure.
Mainframes have a reputation for being expensive. That’s only when companies don’t consider all the costs and
risks of using and integrating point solutions. Using a series of point solutions implemented on less integrated
platforms could actually make your organization less secure. As you think about platform selection, the mainframe
is one very viable choice for applications with strong security requirements. Remember, the cleanup of a serious
breach is always more expensive than engineering a solution that will actually protect against the breach.
7/28/2019 Secure The Enterprise With Confidence Using A Mainframe Infrastructure
http://slidepdf.com/reader/full/secure-the-enterprise-with-confidence-using-a-mainframe-infrastructure 14/16
Forrester Consulting
Secure The Enterprise With Confidence Using A Mainframe Infrastructure
Page 13
Appendix A: Methodology
In this study, Forrester conducted an online survey of 225 organizations in Brazil, Germany, the US, and the UK to test
their attitudes, perceptions, needs, and plans for investing in security applications and infrastructure. Survey
participants included business and security decision-makers. Questions provided to the participants included “How
critical is information security to your ability to compete in your market or industry?” “Are you an advocate for
information security as it relates to IT applications and infrastructure” and “What are your perceptions about the
mainframe as a secure application platform?” The study began in November 2012 and completed in January 2013.
Appendix B: Demographics/Data
Figure 8
Survey Demographics: Geography And Industry
Base: 225 global enterprise security professionals
Source: A commissioned study conducted by Forrester Consulting on behalf of IBM, January 2013
Brazil27%
Germany26%
US23%
UK24%
“In what country are you based?”
Banking18%
Government14%
Healthcare20%
Insurance22%
Financialservices
13%
Retail13%
“Which of the following best describes your industry?”
7/28/2019 Secure The Enterprise With Confidence Using A Mainframe Infrastructure
http://slidepdf.com/reader/full/secure-the-enterprise-with-confidence-using-a-mainframe-infrastructure 15/16
Forrester Consulting
Secure The Enterprise With Confidence Using A Mainframe Infrastructure
Page 14
Figure 9
Company Profiles
Base: 225 global enterprise data analytics professionals
Source: A commissioned study conducted by Forrester Consulting on behalf of IBM, January 2013
Appendix C: Endnotes
1 Forrester does an ongoing survey of its clients’ use of tools through a continuous interview process. Forrester obtained
this information during a recent interview conducted concurrently with this research. Source: Forrsights Security
Survey, Q2 2012, Forrester Research, Inc.
2 Source: “Determine The Business Value Of An Effective Security Program — Information Security Economics 101,”
Forrester Research, October 2, 2012.
3 Cyberinsurance premiums and claim payments are just one indicator of the costs of cyberbreach. The data cited here
comes from NetDiligence’s 2012 Cyber Risk and Privacy Liability Forum in Philadelphia. Source: Gresinger, Marc;
Parisi, Robert. “NetDiligence Cyber Breach Claims Filing.” In NetDiligence® 2012 Cyber Risk & Privacy Liability
Forum. Philadelphia, Pennsylvania, USA: HB Litigation Conferences, 2012.
4 By 2015 the impact of digital piracy alone will reach $240 billion to the world economy. Source: “Estimating the global
economic and social impacts of counterfeiting and piracy: An executive summary commissioned by business action to
stop counterfeiting and piracy (BASCAP),” Frontier Economics. February
2011(http://www.conimit.de/fileadmin/files/Fakten_und_Statistiken/Studien/Global_Impacts_-
_Executive_Summary.pdf).
7%
34%
59%
$500 million to $999 million
$1 billion to $4.99 billion
$5 billion or more
“Which of the following most closely describes
your company’s total annual revenue?”
63%
71%
77%
80%
Midrange
Mainframe
Unix/Linux
VMware with Windows or Linux
“Does your firm employ these platforms when
implementing applications?”(Select all that apply)
7/28/2019 Secure The Enterprise With Confidence Using A Mainframe Infrastructure
http://slidepdf.com/reader/full/secure-the-enterprise-with-confidence-using-a-mainframe-infrastructure 16/16
Forrester Consulting
Secure The Enterprise With Confidence Using A Mainframe Infrastructure
Page 15
5 Forrester’s yearly Forrsights information security survey validates this information — it showed that 63% of
respondents “raised executive awareness and increased attention on the security of our intellectual property and
corporate secrets.” Source: Forrsights Security Survey, Q2 2012, Forrester Research, Inc.
6 Source: “Build Security Into Your Network’s DNA: The Zero Trust Network Architecture,” Forrester Research,
November 15, 2012.
7 Paraphrased from a quote attributed to Mark Twain “The rumors of my death are greatly exaggerated.”
8 Mainframe hacking is a lost art if it ever really existed. These systems designed with military grade security are a
hacker’s nightmare.
ZSL03233-USEN-00