IBM Z Mainframe Brings Encryption Super Powers

CERT-LatestNews ThreatsCybercrime ThreatsEconomic ThreatsStrategic Uncategorized

Aimed at enterprise customers facing increasing threats of data breaches, the new IBM Z mainframe features “breakthrough” encryption capabilities that can secure information in any cloud application or database at all times, the company said today.

The IBM Z (pictured above), which can handle more than 12 billion encrypted transactions every day, was designed following more than three years of input from information security executives, data security experts, and more than 150 company clients around the world. IBM said the mainframe brings “significant advances” in encryption capabilities for banks, healthcare providers, government agencies, and other users with critical data security needs.

IBM said its new mainframe is also aimed at helping organizations better meet new regulatory requirements such as New York state’s cybersecurity guidelines for financial services companies or Europe’s General Data Protection Regulation, which goes into effect next year.

Easier, Faster Data Protection

The average cost of an enterprise data breach comes to more than $3.6 million, according to the 2017 Cost of Data Breach Study produced by IBM Security and the Ponemon Institute. That’s down 10 percent from the $4 million noted in last year’s study, in part because of the current strength of the U.S. dollar. However, the risk of a material data breach continues to grow, with organizations facing a 27.7 percent likelihood of such an event over the next two years, the new study found.

The IBM Z offers pervasive encryption so users can quickly and easily encrypt bulk data at the cloud scale, IBM said. That’s a switch from the previous approach to enterprise encryption, in which only a small amount of the total data handled is encrypted because of the complexity, cost and performance issues involved.

IBM cited research that shows only around 2 percent of corporate data today is encrypted, compared to more than 80 percent of mobile device data.

“The vast majority of stolen or leaked data today is in the open and easy to use because encryption has been very difficult and expensive to do at scale,” IBM Z general manager Ross Mauri said today in a statement. “We created a data protection engine for the cloud era to have a significant and immediate impact on global data security.”

‘Encryption at the Click of a Button’

One of the encryption improvements provided by IBM Z is greater protection for encryption keys. The mainframe offers “tamper responding” hardware that invalidates encryption keys as soon as a sign of intrusion is detected, and can then restore them safely.

The IBM Z also allows enterprises to encrypt application programming interfaces (APIs) nearly three times faster than other systems do. APIs are used by developers to connect applications or data to cloud services.

“Banks and others in the financial services industry process thousands of transactions per second to keep the global economy running,” Mauri wrote in an IBM blog post. “To help these organizations more effectively compete in the cloud era, enormous amounts of sensitive data produced by transactions can now have better protection against fraud and cybercrime, and be analyzed and monetized using IBM Z — without causing disruption of day-to-day operations. For banks, this means encryption at the click of a button — even while applications are running — and the ability to migrate data from unencrypted to encrypted without impacting service level agreements.”

In addition, the new mainframe can help provide the cryptographic capabilities needed to support blockchain applications that are being increasingly used for secure transactions and record tracking by financial services companies and other organizations. IBM said its six new blockchain service centers in Dallas, London, Frankfurt, Sao Paolo, Tokyo, and Toronto are already using the mainframe’s cryptographic technology.

Image credit: IBM.

Gunny M. Reynolds, CISSP:

Posted: 2017-07-18 @ 3:59am PT

Coupled with Blockchain Protocol, this is the next best Internet of Things (IoT) to serve as a force multiplier for all industries in the public and private sector.