The state of mainframe security: Five trends to watch

Mainframes aren’t obsolete — and there’s no reason mainframe security should be either.

Think about it: The mainframe has powered business computing for the past half-century. Even with the recent widespread adoption of cloud platforms and applications, many companies still rely on mainframe technologies to handle their most mission-critical work. In fact, mainframes manage more than 70% of IT workloads worldwide — and business leaders continue to  increase their mainframe usage alongside other cloud-based applications.

However, mainframe security is in need of a major upgrade. Despite the mainframe’s well-deserved reputation for security and reliability, emerging security threats are changing the security infrastructure that organizations need to have in place, from the mainframe to the end user. While cloud computing and AI certainly drive greater business value, efficiency and innovation, these technologies also open up more innovative hacking opportunities in which bad actors can expose and exploit new vulnerabilities, including within the mainframe.

In today’s challenging digital landscape, don’t risk putting off crucial security monitoring, maintenance and improvements. Your mainframe has to be ready for anything — and it starts with your mainframe security strategy.

Five trends shaping mainframe security standards in 2023

Organizations have historically viewed the mainframe as a secure platform less vulnerable to cyberattacks. However, data breaches have reached record levels in recent years, and more than half of large companies are failing to stop attacks, reduce the impact of breaches and quickly mitigate threats. The mainframe is by no means immune from these risks.

A lax attitude toward mainframe security offers a false sense of security in the short term, but it’s also causing organizations to overlook important mainframe upgrades and enhancements in favor of other security investments. As the impacts of data breaches grow more disruptive, damaging and costly, organizations must now reprioritize the mainframe and improve its security posture.

Here are five key trends impacting mainframe security today:

1. Renewed focus on monitoring: New industry rules and regulations — such as SOC 2 requirements, financial regulations and government mandates — have led organizations to step up their security monitoring and vulnerability management processes to ensure they’re meeting standards and other best practices. Routine vulnerability scanning, compliance audits and penetration testing (or pen testing) each play an important role in assessing, correcting and strengthening an organization’s security configuration — enabling them to identify and patch vulnerabilities before attackers can strike. Vulnerability scanning, specific types of audits and pen testing are among the steps organizations must take to manage their security configuration and prioritize ongoing mainframe monitoring.
2. Increased need for mainframe modernization: Many organizations continue to rely on legacy systems to run critical business applications and workloads. However, many of these systems were not designed with modern security needs in mind and lack the capabilities to protect against current threats. Organizations that prioritize the modernization of their mainframe systems not only strengthen their security measures but also fuel innovation, reducing vulnerabilities while enabling business growth. This includes upgrading hardware and software, implementing security patches and updates, and adopting modern security tools that integrate with mainframes and the larger hybrid cloud environment. Likewise, AI security tools can learn from patterns in user behaviors and instantaneously identify abnormalities, which reduces the need for  individuals to manually administer security checks.
3. Shifting security to the left: Developers and security teams typically assess security risks and vulnerabilities only after they’ve developed and deployed a product. But incorporating security testing and assessments earlier in the development cycle allows organizations to identify and fix potential vulnerabilities long before they become larger security risks. This strategy — known as shifting security to the left — is a vital part of DevSecOps, which aims to integrate security into the software development lifecycle from design to deployment. Implementing more security measures at the earliest stages of the development process reduces risk, keeps costs down and allows developers to focus on more critical issues and impactful development opportunities.
4. Adoption of Zero-Trust principles: Traditional approaches to security have focused on implementing firewalls, browser isolation systems and other perimeter-based defenses around an on-premise system. However, this method is outdated in the hybrid cloud environment, where organizations can’t enforce hard boundaries. Instead, more organizations are taking a holistic approach and adopting zero-trust principles, which require continuous verification of user identity and behavior, and strict controls to limit the level of access granted to individual users and applications. By assuming all users, devices and applications are potential security threats until proven otherwise, Zero Trust requires organizations to implement strong authentication protocols, role-based access controls and encryption for data in transit and at rest — protecting the mainframe environment from both internal and external threats.
5. Expertise of security architects: The mainframe security architect is responsible for managing an organization’s entire security framework, not just the mainframe, and can identify weak points and necessary improvements across the enterprise. This is especially important as organizations shift toward hybrid cloud environments, which require multiple security models and identity and access management schemes. Organizations are increasingly hiring a security architect who provides subject matter expertise and consultation to integrate existing mainframe environments within a broader hybrid cloud story, which is crucial to ensuring an organization’s new security standards are achievable in a cost-effective and long-term manner.

The mainframe remains a critical component of the IT infrastructure. But as hybrid cloud environments rapidly evolve — along with the threats aiming to exploit new vulnerabilities — companies must revisit existing security measures so their mainframes keep up.

Upgrading security measures empowers organizations to keep their mainframe secure while opening the door for the level of growth and innovation necessary for modern business success. By focusing on monitoring, modernization, shifting security to the left, zero-trust principles and working with a dedicated security architect, organizations can take proactive steps to protect the mainframe and its assets.

Learn more about how KRI can strengthen your organization’s mainframe security, and explore our vulnerability scanning, pen testing and compliance risk assessment solutions and services.