Why Mainframes in Finance Demand Equal Cyber Controls

Rocket Software's Tim Hill on Securing Mainframes With MFA and Scanning Tools Michael Novinson (MichaelNovinson) • November 19, 2025

More than 90% of financial services firms rely heavily on mainframes for their core operations, and over 90% of credit card transactions involve a mainframe. As mainframes integrate with modern digital ecosystems, they face growing exposure to threats. But many organizations continue to view them as inherently secure, said Tim Hill, vice president of software engineering at Rocket Software.

See Also: Thwarting Cyberthreats in the Power Sector

New York State Department of Financial Services Part 500 requires firms to deploy multifactor authentication and vulnerability scanning equally across mainframes and distributed systems. The regulation targets integrity vulnerabilities - code flaws that let attackers bypass security controls regardless of perimeter strength. Hill said these vulnerabilities enter systems whenever vendors deliver patches or updates, making regular scanning during deployment essential.

"If you have a vault ...