We Know Security Is A Concern, But What Is Actually Going On?
March 6, 2023
Timothy Prickett Morgan
It is an uncomfortable truth that security is a very high concern among IBM i shops – and consistently has polled as the most important concern for the past several years – but that concern does not always translate into dedicating more resources to security tools or the expertise of others with managed services who can help.
It is one thing to know that security is top of mind, but it is another thing entirely to have a sense of the relative prevalence of different kinds of attacks and the actions of hackers in the wake of a successful attack.
To help sort it out, and give its customers some insight on what is going on and what they need to defend against, Big Blue has just released its Security X-Force Threat Intelligence Index 2023 report, which you can download here and which we strongly suggest you – or whoever is responsible for securing you IBM i and other platforms in your IT shop – do.
First, let’s take a look at where the attacks are happening:
This is very interesting. In 2022, data from which is used to come up with the 2023 threat intelligence index, manufacturing companies accounted for 24.8 percent of attacks, but interestingly only represented 10.7 percent of the gross domestic product in the United States from 2021. (We don’t have final GDP figures for 2022 as yet.) Manufacturers tend to have a lot of older systems running their facilities and their back offices, and this may be a measure of opportunity.
This stands to reason some. You have to figure that the IT security at financial services companies – those engaging in banking, insurance, and real estate – that comprised 21 percent of US GDP in 2022 would have a lower share of attacks given the stauncher security requirements at such companies. But financial firms accounted for 21 percent of GDP in 2021 and 18.9 percent of attacks in 2022, figures that are within spitting distance of each other. You would have figured that many attackers would be leery of attacking financial services firms, but clearly, it works based on the data compiled by IBM’s Security X-Force division. The share of attacks (14.6) and the relative size of professional services in terms of GDP (13 percent) are close. The share of retail and wholesale GDP (6 percent) is smaller than the attacks in these industries (8.7 percent), which tells us there is something about these industries that seems to make them easier to target but not the most frequently targeted industries.
The ransomware epidemic is rising because the attacks are successful, although IBM pointed out that 67 percent of the backdoor cases were failed ransomware attacks and the companies were able to find it and shut it down before the extortion or damage from the attackers was done.
People have been worried about having their data stolen and their systems compromised for decades in the IBM i market, but it seems far more likely these days that attackers will try to extort money. And companies that have insurance against hackers and malware have to be careful to be able to demonstrate that they are doing their due diligence and either having or renting the expertise to keep their systems locked down against threats.
Theft of data is a close second to extortion, as you can see, and hackers are also interested in harvesting credentials of employees and partners and in getting their hands on data or soiled the reputation of the companies they hack.
We have said this before and we will say it again. We think that at most IBM i shops, the applications and extending them with new functionality and supporting them (sometimes at scale) is the key responsibility of the IBM i part of the IT organization. This is the core competency of the organization, and it probably has been that way for decades. But locking down systems against threats is not a core competency for most companies, and it is not only the easiest thing to offload to a managed services provider but it is also the one that should be offloaded first. The best insurance policy is not one underwritten by a big insurance company, but in acquiring the expertise to lock down the IBM i systems and its applications and databases. Security should be the first thing – and maybe the only thing – that IBM i shops should offload to a well-respected, knowledgeable third party.
RELATED STORIES
Security Still Top Concern, IBM i Marketplace Study Says
Trinity Guard Brings Security Suite Up to Speed with IBM i 7.5
Kisco Makes Moves In the IBM i Security Business
Two Weeks Of Webinars On IBM i Security
Thoroughly Modern: Good Security Is Just As Important As Good Code
COMMON Launches IBM i Security Conference
Top Five Failures In State of IBM i Security For 2022
How Fresche Fills Security Gap with Trinity Guard
Fresche Takes On IBM i Security With Trinity Guard Acquisition
Ransomware Epidemic Hits Epic Proportions, And IBM i Shops Take Notice