Mainframes still process 87% of credit card transactions (IBM 2018) yet get scant attention from PCI Audits. The new scourge of the internet, ransomware, can be perpetrated as easily on mainframes as any other platform. This presentation discusses catastrophic exposures that exist on nearly every mainframe system and how by enforcement of existing PCI requirements substantial risk reduction can be accomplished.