From processing card transactions to booking appointments, mainframes are the powerhouse within the IT infrastructure or an enterprise, keeping the core applications running.

In an industry defined by constant innovation, mainframes remain unmatched when it comes to processing large amounts of data within a scalable and reliable system. They hold and protect complex transactional and operational rules and policies, they can run multiple operating systems, handle high volume input and output, and add or hot swap system capacity, all without disrupting the day-to-day operations of the business. 

Mainframes are usually thought of as one of the most robust and secure parts of the IT infrastructure, but also one of the most mission critical. In fact, a recent survey found that over half (51 percent) of IT leaders rely on mainframe systems to handle all, or nearly all, core business applications.

By contrast, only 28 percent of organisations reported to feel ‘extremely confident’ in their proactive response to mainframe vulnerabilities, shedding light on an overlooked security risk many corporations face.  

A new vulnerability: open source code integrations

As new technologies emerge and get introduced, relying on the assumption that the mainframe is secure by its very nature is no longer sufficient. Open source code integrations have become a pivotal element of mainframe application development, sparking innovation and expanding capabilities.

However, this progress comes with its own set of challenges: while open source codes are crucial to innovation and extended capabilities, they come saddled with vulnerabilities around their integrity and security. Their integration into the mainframe system carries inherent risks that mean security teams must stay vigilant.

Introducing a piece of open source code developed by a third party is a calculated risk that needs to be factored into the overarching cybersecurity strategy. Ensuring that the updates and fixes of those open source codes are applied and updates never fall by the wayside is crucial to upholding security best practices. On the tactical level, this also means adopting continuous monitoring in application development to ensure any vulnerabilities are spotted and addressed before a malicious actor can take advantage. 

Security as a shared responsibility: integrating with DevOps

As security challenges evolve, organisations need to be able to look at the bigger picture when it comes to building their cyber resilience. As the DevOps ecosystem of today is becoming increasingly complex and mainframe development teams are facing the challenge of modernising their toolchains, one of their primary concerns is security. 

Despite the awareness of these concerns, organisations are still coming up against barriers that prevent the security teams from efficiently integrating with DevOps. Some of the biggest reasons behind this are limited automation and integration capabilities, as well as incompatibility between legacy mainframe security tools and the more up to date tool chains DevOps favour. This is part of why any IT modernisation strategy should be underpinned by a concerted effort to modernise the mainframe as well. 

Cyber resilience from the ground up: IT modernisation

The fact is, once hackers gain access to the mainframe, the damage can be catastrophic, even after their presence is detected. If they have the time to create backdoors into the mainframe, they can further compromise it even after the weakness has been eliminated, and the data and mission critical applications stored there remain at imminent risk.. 

The aim of modernisation is to take what is already working and make it better, unlocking new capabilities and achieving new business outcomes. Successful mainframe modernisation leverages and increases the value of core system investments that are stored on the mainframe.

Organisations with legacy systems who are at the beginning of their IT modernisation journey must prioritise security alongside improved efficiency and innovation, so they can keep their valuable digital assets safe. This requires careful planning, as the process must not disrupt day-to-day business operations.  

In this age of rapid technological change, businesses cannot afford to lag behind when it comes to updating their IT infrastructure. As data moves through a multitude of environments, mainframes need to be able to extend and keep that data safe even within those new environments.

To achieve and maintain true cyber resilience, improving defence mechanisms cannot remain an isolated strategy meant only for the security teams. Instead, it needs to be an integral part of the overarching approach. 

Cynthia Overby Director of Security, Customer Solutions Engineering Rocket Software