Stream: Virtual Room A
Time: 13:45 - 14:30
The global economy runs on IBM z/OS, yet the industry standard for threat detection, MITRE ATT&CK, has a critical blind spot: the Mainframe. While we meticulously map Tactics, Tools and Procedures (TTPs) for Windows, Linux and Cloud, the platform processing $8 trillion in daily card payments remains a 'Security Black Hole.' In this session, I will unveil a new TTP matrix specifically for z/OS, bringing together the known attacks and adding my own research, and show how it can be used. I'll move beyond obscurity, mapping real-world mainframe attacks to actionable mitigations, and demonstrating why ignoring these TTPs is a direct threat to economic stability, especially in light of the National Cyber Security Centre's 2026 warning of Nation States pivoting to financial services as part of their attacks on National Critical Infrastructure.
Threat Intelligence Manager, Security Instructor, mainframe enthusiast, and author using my 30+ years of experience to pass on my knowledge as best I can! I've worked in financial services for 20 years and consultancy for the other 10, mostly in Offensive Cyber Security and Technical Risk Management. I started working with mainframes just over three years ago and I find them fascinating as well as vital. I'm currently writing a book for No Starch Press. I'm also director of Neuro Training Ltd and lead instructor on the Mainframe Offensive Security Tester course - the only publicly available course on mainframe pen testing.