Strategic Direction Session: Enhancing Data Privacy with Data-Centric Security for Mainframe

Strategic Direction Session: Enhancing Data
Privacy With Data-Centric Security for Mainframe
Vikas Sinha
MFT13S
MAINFRAME
SVP Business Unit Executive
CA Technologies
VP Product Management
CA Technologies
Stuart McIrvine
Sr. Information Security Architect
Zions Bank
Peter Garza

2 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
For Informational Purposes Only
Terms of this Presentation
© 2017 CA. All rights reserved. All trademarks referenced herein belong to their respective companies. The presentation provided at
CA World 2017 is intended for information purposes only and does not form any type of warranty. Some of the specific slides with
customer references relate to customer's specific use and experience of CA products and solutions so actual results may vary.
Certain information in this presentation may outline CA’s general product direction. This presentation shall not serve to (i) affect the
rights and/or obligations of CA or its licensees under any existing or future license agreement or services agreement relating to any
CA software product; or (ii) amend any product documentation or specifications for any CA software product. This presentation is
based on current information and resource allocations as of November 1, 2017, and is subject to change or withdrawal by CA at any
time without notice. The development, release and timing of any features or functionality described in this presentation remain at
CA’s sole discretion.
Notwithstanding anything in this presentation to the contrary, upon the general availability of any future CA product release
referenced in this presentation, CA may make such release available to new licensees in the form of a regularly scheduled major
product release. Such release may be made available to licensees of the product who are active subscribers to CA maintenance and
support, on a when and if-available basis. The information in this presentation is not deemed to be incorporated into any contract.

Abstract
With great power comes great responsibility. Mainframes have both: the power of data
and transactions that run the application economy, and the responsibility to keep that
data protected. Join this roadmap session to learn from CA data privacy leaders and see
the future of the data-centric security strategy, covering key products such as CA Data
Content Discovery for z/OS, CA Compliance Event Manager and more. Learn how to
enhance your data privacy and simplify regulatory compliance, plus get a view into the
roadmap of what's to come in the mainframe security and compliance portfolio.
Vikas Sinha
CA Technologies
SVP Business Unit
Executive
Stuart McIrvine
CA Technologies
VP Product Management
Peter Garza
Zions Bank
Sr. Information Security
Architect

Agenda
DIGITAL TRUST DRIVES THE DIGITAL ECONOMY
THE MAINFRAME IS JUST LIKE ANY OTHER PLATFORM
CA MAINFRAME SECURITY HELPS YOU DELIVER TRUST
DATA-CENTRIC SECURITY AND COMPLIANCE
JOINING FORCES FOR ENHANCED SECURITY WITH Z14
ENSURE COMPLIANCE FOR USER ACCESS
1
2
3
4
5
6

GDPR Compliance
takes effect May 2018
Average cost per stolen
record is $1412
47% of breaches involve a
malicious or criminal attack2
Data-Centric Security and Compliance
Data Breaches
Insider Threats
Regulations
Ransomware
77% of data breaches derive
from internal sources1
Source: Verizon Data Breach Report1; Ponemon Institute Reputation Risk Study, 2017

$6.8B
in financial losses annual due to account takeover1
$3T
in business growth could be slowed due to cyber attacks2
Sources:
1. Forrester Research, RBA Wave Report 2017
2. McKinsey and World Economic Forum Report, July 2014
…and data breaches are
causing a loss of trust and
limiting growth
Digital Trust Drives the Digital Economy

The Mainframe Is Just Like Any Other Platform
Increased Data Breaches
Sensitive and regulated
data at risk to threat
Social Engineering
Access credentials
are vulnerable
Insider Threats
Misuse of access from
internal employees

Mainframe Security and Compliance Overview
Ensuring Compliance With the Strictest Security Policies in the Data Center
Data Security &
Compliance
• Evolving mainframe
access control
compliance
• Data security controls for
mainframe
• User activity
Identity &
Access
Management
User
Activity
Monitoring
& Alerting
Auditing
Cleanup
PIV/CAC
RADIUS

How Do I Make Data-Centric Security and
Compliance A Competitive Advantage?
KEY CHALLENGES:
• Strict data protection requirements and heavy
penalties
• Expanded definitions of personal data
• Orphaned or unknown data location, especially as
data is taken off the mainframe for testing, pre-
production staging or analytics
SOLUTION:
Knowing what personal data you have, where it
resides, who has access, and how it’s protected.
Protection for data in
motion
PII, sensitive data and
custom pattern
scanning
User access and Log
management - historical
and predictive
Real-time alerting with
Security Incident and
Event Management

Increase Your Data Privacy and Simplify Compliance
FIND
Data that may be lost,
hidden or abandoned
CLASSIFY
Based on sensitivity level
for compliance
PROTECT
With more informed data
protection strategies
ALERT
In real-time of abnormal
access attempts
INSPECT
With advanced reporting
and forensics

The Solution: Enterprise Data Protection
of the world’s data transacts on the mainframe. Protect
it with CA Data Content Discovery.70%+
Find ProtectClassify
“The most valuable feature of CA Data Content Discovery is the ability to recognize, in
an intelligent and accessible way, which data sets on the mainframe contain
sensitive data that need to be protected from a governance and regulatory
perspective.” – Chief Strategist 1
Sources: 1 - IT Central Station, CA Data Content Discovery review, Dec 6, 2016

Joining Forces With IBM z14 for Enhanced
Enterprise Security
1
• Pervasive Encryption
• Real-Time Machine
Learning
• Connected Ecosystem
• Container Pricing
#trustIBMz
• Identify where sensitive data is and
show who has access to it
• Receive alerts in real-time for
abnormal access attempts
• Ensure more granular security for
sensitive data

Data-Centric Security to Simplify GDPR Compliance
Find, classify and understand who
has access to sensitive and
regulated data
Add additional controls such as
encryption, masking or
tokenization
Monitor data activity and receive
alerts when policies are violated

Large Regional Bank
Western US Bank offering a full suite of financial services needed a solution to quickly meet audit and
compliance requirements to ensure all sensitive financial information was located and secured
CHALLENGE:
Increased transaction volumes made it difficult to find, classify and
protect all regulated financial data on the mainframe
CA Data Content Discovery.
Initial scans
identified 5%
had unknown
sensitive data
Increased risk
assessment
through automated
efforts
Improved
business
agility by
automating
scans
The answer?
The Benefits of Enhancing Enterprise Data Privacy

How Do I Ensure Compliance for User Access?
KEY CHALLENGES:
• Systems must be auditable with granular logging
• Streamlining management of all privileged user IDs
• Ensuring consistent two-factor authentication
• Auditing and logging suspicious activity
• Lack of enterprise visibility and control
SOLUTION:
Tighter control and tracking of users with access to
the most sensitive corporate data.
Advanced authentication
for mainframe
Privileged access
management for
mainframe
Granular, role-based
security controls
Secure and frictionless
access for employees,
customers and partners

The Solution: Access Control
Advanced
Authentication
Event EnrichmentPrivileged Access
Management
Built on the foundation of CA ACF2TM and CA Top Secret®
CA Trusted Access
Manager for Z
CA Advanced
Authentication Mainframe
CA Compliance Event
Manager
• Reduce insider threats
• Increase business efficiency
• Elevate existing user IDs
• 100% on the mainframe
• PIV, CAC, Smart Card,
RADIUS
• Via RSA SecurID
• Support for IBM RACF
• Ensure compliance for user
access
• Event enrichment and
reporting

VERIFY
PEOPLE
PROTECT
DATA
ENSURE
SYSTEMS
Digital Trust Is the Currency of Digital Enterprise
1
Partner with your Line of Business to establish a digital trust
strategy at the core of your organization to capitalize on new
digital business opportunities faster than your competitors,
because it reduces risk and improves your agility to scale to
reach millions and billions of users and things

CA Mainframe Security Helps You Build Trust
Correlation and
Insight
Compliance
Management
Data Security
Identity and Access
Management
Event Filtering; SIEM;
Analytics
User Activity Monitoring; Data Compliance;
Reporting
Data Discovery - Static and In Motion; Data
Protection
Advanced Authentication - RSA, CAC/PIV, OTP;
Privileged Access Management

A Discussion With Zions Bank

What were some of the challenges
Zions Bank was facing prior to CA Data
Content Discovery?

How would you say CA Data Content
Discovery is used in your organization
today versus last year?

What are some of the interesting things
you’ve done with the solution recently?

What do you see in the future for and
data security market at large?

Recommended Sessions
SESSION # TITLE DATE/TIME
MFT46T Optimize Data-Centric Security on the Mainframe 11/15/2017 at 2:30 pm
MFT48T Defend Against Mainframe Privileged User Risks 11/16/2017 at 12:45 pm
MFT14S
Panel Discussion: Cybersecurity and Regulatory
Compliance, and the Latest Approaches to Improving
Your Data Privacy Posture
11/16/2017 at 2:30 pm

Must See Demos
CA Data
Content
Discovery
Mainframe Theatre
CA
Compliance
Event
Manager
CA Trusted
Access
Manager for
Z
Mainframe Theatre
CA
Advanced
Authentication
Mainframe
Mainframe TheatreMainframe Theatre

Questions?

Stay connected at communities.ca.com
Thank you.

www.mainframe.ai

Mainframe
For more information on Mainframe,
please visit: http://cainc.to/CAW17-Mainframe

Strategic Direction Session: Enhancing Data Privacy with Data-Centric Security for Mainframe

More Related Content

What's hot (19)

Similar to Strategic Direction Session: Enhancing Data Privacy with Data-Centric Security for Mainframe (20)

More from CA Technologies (17)

Recently uploaded (20)

Strategic Direction Session: Enhancing Data Privacy with Data-Centric Security for Mainframe