Sunday, 29 October 2023

The 2024 Arcati Mainframe Yearbook

The 2024 Arcati Mainframe Yearbook is underway! This publication has been the de facto reference work for IT professionals working with z/OS (and its forerunner) systems since 2005. The Yearbook’s highlights include a comprehensive annual user survey and an up-to-date directory of vendors, consultants, and service providers. It serves as a guide to useful sources of mainframe-related information with its mainframe strategy section containing papers on mainframe trends and directions; its glossary of terminology; and its mainframe evolution section. The 2024 release is in partnership with Planet Mainframe who will be creating a new digital experience with the Yearbook and promoting its release.

The Mainframe User Survey is the real deal. With an unbiased focus on all mainframe technologies and software, the annual mainframe users’ survey delivers a strategic advantage. For example, the 2023 survey explored what percentage of the total IT budget is absorbed by mainframe-related costs and cloud computing. 67 percent of sites say that the bulk of their IT budget is spent on cloud (up from 56% in 2022), leaving 33 percent of sites where most of their expenditure is on the mainframe side. It will be interesting to see how that figure changes since last year.

Respondents were also asked what makes them consider a change of vendor for their mainframe tools and utilities. The results showed clearly that cost is by far the biggest driver, (70 percent of respondents) even though cheaper tools often provide less functionality – it may be the case that some customers feel the higher-priced software is filled with bloatware that they have to pay for but will never use. ISVs may be pleased to know that 20 percent of sites said they rarely if ever change their software. 

More than 20,000 mainframe professionals downloaded the Yearbook this year and that number is expected to grow to over 30,000 in 2024 thanks to a new partnership with Planet Mainframe. 

How can you stay in the loop?

Take the annual user survey

As in previous years, all mainframe professionals are invited to complete the 10-minute survey. You can find the survey here. All respondents completing the anonymous survey before Friday 27 November will receive early access to the survey results.  

Get in the Vendor Directory

Vendors, consultants, and service providers can apply for a FREE entry in the vendor directory section by completing this form.

Purchase an Ad, publish a Paper, or become a Sponsor

Also, as in previous years, there is an opportunity for organizations to sponsor the Yearbook, take out a full-page or half-page advert, or contribute an article. Click here for more information. You can also reach out to Amanda Hendley to sign up. You also get your logo and link on the website landing page, Yearbook cover, and in the vendor directory. New this year is the opportunity for sponsors to provide an embedded video (mp4) of up to 2 minutes in length of a company representative talking about your included paper or your solution/services.

Don’t be left out

More than 20,000 mainframe professionals downloaded the Yearbook this year and that number is expected to grow to over 30,000 in 2024 thanks to a new partnership with Planet Mainframe.

 

Sunday, 22 October 2023

GSE UK Conference 30 October to 2 November


For people who work on mainframes and are based in the UK or Europe, this year’s Guide Share Europe (GSE) UK Annual Conference starts on Monday 30 October until Thursday 2 November. It really is not to be missed. If you’ve not been before, it’s held at Whittlebury Hall, Whittlebury, Near Towcester, Northamptonshire NN12 8QH, UK. This year’s strapline is “Where Technology and Talent meet Tomorrow”.

Because it’s an in-person meeting, it not only provides excellent education for attendees, but also gives them the opportunity to speak to the exhibitors about where they are focusing their attention, and to catch up – and argue – with other mainframers during the day and in the bar in the evening!

Because the conference starts at the end of the month, there’s not a lot of time left to register to attend. So, I would recommend that people do so straight away. My experience is that the conferences have always been great value for money, full of the latest greatest information, and as I just said, great for connecting with new and old friends.

This year, the Diamond sponsor is Broadcom. The Platinum Sponsors are BMC, Vanguard Rocket Software, and IBM. The Gold Sponsors are Opentext, and Vertali. The Silver Sponsors are MainTegrity, Ensono, DataKinetics, Beta Systems, Veracode, SEA Software Engineering of America, and SCC.

This year’s exhibitors are Enterprise Performance Strategies, Velocity Software, Trident Services, Macro4, Planet Mainframe, Fitz Software, TSG, </mooody cow>, Interskill, Red Hat, Dell Technologies, Action Software, Verhoef Training, Real Time Defrag (RTD), PopUp Mainframe, Precisely Software, Altair, IntelliMagic, and IBA Group.

There are two keynote presentations on Monday.

IBM’s Mark Nelson is talking about “Risk Assessment: We’re Only Human” at 5:15pm. Vertali’s Mark Wilson is then discussing the “Journey into Mainframes & Cybersecurity” at 6:15pm.

On Tuesday Mark Wilson is opening the conference proper at 9am followed by Rocket Software’s Phil Buckellew looking at “Modernization. Without Disruption” at 9:15. At 6pm, Vanguard’s Brian Marshall discusses “Cyber resilience: an organization’s DNA”. On Wednesday at 8am there’s “The Mark & Steve Show” with Steven Dickens from Futurum Group and Mark Wilson. At 9am, there’s Greg Lotko, SVP and General Manager for Broadcom’s Mainframe Software Division speaking about “Racing Towards Resiliency”. At 5:45 in the evening, IBM Fellow, Elpida Tzortzatos, will discuss “Why AI for business”. On Thursday, at 9am, BMC’s April Hickel starts the day with a session entitled “Mainframe Strong: Dancing into the Future”.

There are some lunch-and learn sessions too. On Tuesday at 1pm, IBM’s Michael Zagorski leads “Lunch & Learn IBM”. On Tuesday at 1pm, Broadcom’s Earl Dixon leads “New Mainframers Talk Candidly (continued)”. On Wednesday at 1pm its BMC Software’s Tim Ceradsky discussing “Redefining Data Storage: Unearth the Urgent Imperatives Driving Cloud Object Storage Adoption!”. Also on Wednesday at 12:45pm, Vertali’s Tony Amies talks about “Discover, Detect, Protect: Vertali zTrust for Networks”.

With up to 18 streams on some days, the streams include: 101 New to Mainframe, 102 New'ish to Mainframe, AI Artificial Intelligence, AppDev Application Development, CICS Transaction Processing, Db2 Relational Database, IMS, WIT Women in IT, Large Systems z/OS, z/VM, Linux on z, Mainframe Skills & Learning, MQ Messaging, Networks Communications, New Technologies, Security Securing Mainframes, Storage Management Disks, Tapes,, Systems Management Tools for managing systems, zP&C zSystems Performance & Capacity Management, Systems Management Tools for managing systems, Code-a-Thon Event

You can find out more details about the conference at https://conferences.gse.org.uk/2023/. And, if you’re on social media, the hashtags are #gseconf2023 and #gseukc.

It’s also worth adding that there’s usually 500 or more people there. It would be a shame for you to miss it.

As a final incentive, you may be interested in a session at 10:15 am on the Wednesday. It’s called “A look at human intelligence and how the human brain works”, it’s in the AI stream, and it will be presented by me in the Wellington A room.

I’ll see you there.


Sunday, 15 October 2023

Mainframes and disruptive technology

We all know what a mainframe is, but what do people mean when they describe something as a disruptive technology? Well, basically, a disruptive technology is something that changes the way we do things and changes people’s behaviour. An example might be the mobile phone – or, more particularly, the arrival of the smart phone. If you look at films or TV programmes made before 2010, people are just walking around looking where they are going and talking to their companions. If you look at current films and TV programmes, everyone seems to be looking at their phone. They are sending text messages or using apps to check their bank accounts or get discounts at supermarkets, or they are keeping up with social media, and, very rarely, they are making phone calls. There’s an obvious difference in their behaviour.

A disruptive technology typically comes with new tools or devices that change people’s lives. And, importantly, it creates new jobs and new markets, and new ways of doing things. Again, if you look at older films and TV programmes, we see the boss with his (and it usually is a man’s) secretary working in the outer office. She takes dictation from her boss and types up letters and memos. With the introduction of the laptop, the boss – and now it could be a man or woman – will write their own emails. There’s no need for that outer office or that job role.

In many ways, you might think of Zoom and Teams as being disruptive technologies because they have enabled so many people to work from home and still maintain contact with their colleagues and customers from wherever they are. I’ve known people go into their company office in recent times and been disappointed at how few staff are actually there. Completely gone is the buzz that there used to be when everyone was in work and sharing their views and experiences.

Although disruptive technologies may be based on better ways of doing something that can be already done some other way, and although they may have been around for a while, it’s their emergence into popular culture that seems to suddenly happen. One minute no-one knows anything about them, the next minute even your gran is talking about it! Sometimes it’s a bit like bands, who become overnight successes – although they may have been working under the radar for a number of years. Mainframers may remember how Linux suddenly became a thing on mainframes everywhere, even though it had been around for a while.

The other characteristics of disruptive technologies is that they need to be affordable, they need to be easily accessible, and they need to be fairly simple to use. If they are clunky, although some people will have bought them, they will end up on a shelf unused. People may remember the Sinclair C5, a small one-person battery electric vehicle that was launched in 1985. It was basically an electrically-assisted tricycle. It was a great idea – electric cars are everywhere nearly 40 years later. However, it was launched in the UK in January, when the weather is never great. It had no roof to keep the rain off, and battery technology in 1985 was not as good as it is today. This attempt at disruptive technology failed, but many people still have fond memories of the concept.

Not all attempts at disruptive technology actually turn out to be disruptive. There are plenty of research and development teams who have worked on ideas that have never reached their intended market or have disappeared without trace shortly afterwards. Usually, disruptive technologies will co-exist with the older technologies before they catch on and eventually replace them. It takes a while for die-hard conservatives to make a change to new ways of working or living.

Organizations that are early adopters of new technologies that work for them often find that they are able to save money, which means they can offer products or services at a cheaper rate than more traditional businesses. And that means they can make more money. It also gives those companies the ability to respond more quickly to changing market places or enter new market places.

So, what disruptive technologies are mainframe-using organizations facing? There are probably two big ones at the moment. They are cloud computing and Artificial Intelligence (AI). IBM and other companies are using AI to help organizations to do more, faster. I talked about watsonx, for example, here. Perhaps one of the biggest challenges facing mainframers is the use of AI by hackers looking for easy ways to steal corporate data and encrypt that data in order to send a ransom demand for money in exchange for the key to decrypt the data.

Cloud computing has been around for a while, and, clearly, some applications work brilliantly using the cloud. I’m thinking of analysing big data here. However, there are other applications that clearly work best if they are kept on the mainframe. This might be because the data they use can be kept encrypted or because the data can be accessed more speedily than in the cloud. So, some kind of hybrid working is probably the best way forward with this technology.

Other technologies that might have been transformative, but have sort of been absorbed into the mainstream include blockchain and NFTs, as well as IoT devices. But, you never know what disruptive technologies might be coming next that will make working on a mainframe different and better. And it’s important to keep in mind that new technologies come with new job opportunities.

 

 

Sunday, 8 October 2023

Beginner’s guide to using ChatGPT

There’s lots of talk about AI and how it can be used – and that includes politicians and Bob down the pub! It’s definitely no longer restricted to academia and IT conferences. Earlier this year, it seemed like everyone was using ChatGPT to see what it can do, and, of course, there have been worries that students would use it to write essays, and studios would use it to write scripts for TV shows. Having said that, more recently, I have found quite a few people who have been keeping up with the conversation, but haven’t actually had a go yet. So, for them, I thought I’d put together this beginner’s guide to using ChatGPT.

ChatGPT is an advanced natural language processing model developed by OpenAI. It is designed to generate human-like responses to prompts or questions. Whether you’re a beginner or an experienced user, this guide will help you navigate the ChatGPT interface and make the most out of your conversational interactions. Here’s a step-by-step approach to get you started.

Step 1: Accessing ChatGPT

To access ChatGPT, visit the OpenAI website (https://www.openai.com) and locate the “GPT-3 Playground”. Once you’re on the playground, you’ll see a text box where you can interact with the model.

Step 2: Prompt generation

Begin by entering a prompt in the text box to start a conversation. The system will generate a response based on the context and information provided. The prompt can be a question, a sentence, or a statement that guides the conversation.

For example, you can start with a simple prompt like: “Tell me a joke”. ChatGPT will then generate a response with a joke. You can build on this conversation by asking further questions or statements related to the generated response.

Step 3: Iterative conversation

One key feature of ChatGPT is its ability to maintain continuity across multiple messages. To achieve this, precede your input with a user or system name followed by a colon (“:”). For example, “User: What’s your favourite colour?” or “Assistant: How tall are you?”

By maintaining the user and assistant distinction, the model can better understand and respond to the conversation’s context. Iterative conversation allows you to engage in extended interactions and improves the model’s understanding of the intended conversation flow.

Step 4: System-level instructions

To guide the model’s behaviour, you can provide high-level instructions. These instructions help shape the response based on the desired outcome. For example, you can specify, “Assistant: Answer the question as if you’re a Shakespearean character”.

By giving system instructions, you can explore creative responses from the model. Experiment with these instructions to see how they impact the flavour or style of the generated text.

Step 5: Managing response length

You can control the length of the generated response using the ‘Max tokens’ setting. The more tokens you allow, the longer and more detailed the response will be. However, increasing the token limit also affects the model’s response time. Adjust this setting based on your preference and the desired level of detail.

Step 6: Learning from examples

Training the model to generate precise responses requires providing it with clear instructions. If a response is not satisfactory, you can use examples to illustrate how you want it to be improved.

For instance, you can mention previous correct or desired responses during conversation. This helps ChatGPT understand the desired output, leading to better performance and more accurate replies.

Step 7: Experimentation and refinement

Using ChatGPT is an iterative process. Experimentation and refining the prompts or instructions will improve the quality of generated responses. You can try different prompts, lengths, system instructions, or even restructuring your conversation to achieve better outcomes.

Remember, refining prompts and iterating through conversations will help you discover the best approaches to obtain the desired results.

Step 8: Ethical use and monitoring

While ChatGPT offers exciting possibilities, it is crucial to use it responsibly. OpenAI encourages users to follow their usage guidelines to ensure ethical and appropriate use of the model. Stay vigilant and monitor the system-generated content to prevent any misuse or biased outcomes.

Conclusion

ChatGPT is a powerful tool for generating human-like responses to prompts and holding natural conversations. By following this beginner’s guide, you can get started with ease and explore the capabilities of this remarkable language model. Remember to experiment, iterate, and use it ethically as you delve into the world of conversational AI.

You’ll not be surprised to learn that I asked ChatGPT to write the article. In the past, I have asked it to write a sonnet about mainframes, which I posted on LinkedIn, and which PJ (Pasquale) Catalano, IBM Z & LinuxONE Test Architect, recorded and also posted on LinkedIn.

What would I have added? I may have stressed that prompts really need to be specific to get a good response. You can ask ChatGPT to act in a particular role (eg customer support or HR manager), and you can ask it to perform a task (eg writing a job description of responding to a complaint). You can specify the format (eg bullet points or a flow chart), and you can get it to use a particular tone (eg engaging or serious). Also, you need to specify the objective.

ChatGPT integrates with business tools, it’s useful for data analysis and computations, and it can handle large numbers of queries at the same time, making it scalable. If you haven’t used it yet, then definitely take a look and see what all the hype has been about.

It’s worth noting that OpenAI recently launched ChatGPT Enterprise, which is meant to be a more secure version because it can be compliant with corporate privacy regulation, ie it supports features like SSO and usage insights.

 

Sunday, 1 October 2023

Is my mainframe under attack at the moment?

Cardinal Richelieu became a cardinal in 1622 and chief minister to King Louis XIII of France in 1624. And, as we know from Alexandre Dumas' book, The Three Musketeers, used a network of spies to ensure that he knew exactly what was going on in France and its neighbouring countries. Many mainframe sites could take a leaf out of Richelieu’s book (but, perhaps not too many!) to ensure that they know exactly what is going on inside their mainframe.

There are a number of people telling us that just because we haven’t spotted an attack on our mainframe yet, that doesn’t mean there hasn’t been one. And the reason they give for their message is simply that mainframes don’t have an early warning system to alert the security team that the early stages of an attack are taking place. All too often, it is only the arrival of a ransom demand that alerts anyone that a breach has taken place.

The latest Cost of a Data Breach Report from IBM Security found that the length of time it takes to identify a breach is, on average, 204 days, and the length of time to recover is, on average, a further 73 days. For the IT team, that must be a big concern. For the CFO, the big worry must be that the average cost of a breach is US$4.45 million.

Another cause for concern is that the report found that only 1 in 3 sites that experienced a breach had the breach identified by their own security teams or tools. The remaining 67% of breaches were reported by a benign third party or by the attackers themselves!

The big question that mainframe sites should be asking themselves is whether there is any way they could get some kind of early warning that the bad actors are already inside their mainframe. Well, is there?

The good news is that there is.

In a recent upgrade, MainTegrity’s FIM+ product not only provides an early warning of tampering at the various stages of an attack, but it can now stop the encryption stage as soon as it starts.

Just picking up on that point first, typically, mainframers realize that they are under attack when normal work on the mainframe stops. And it stops because the attackers have encrypted pretty much all the files. The ransom demand arrives shortly after, and they offer the key to unencrypt your files for a large quantity of bitcoins.

Obviously, encryption is going on all the time, you don’t want alerts being sent all the time because people would simply ignore them. FIM+ uses a whitelist for all the encryption activities it can ignore. It also doesn’t send a message to a human because we know how many files could be encrypted in the time it takes to read a message, put down your coffee cup and actually press a button. The software will suspend the job or TSO user immediately. That way, checks can be made at human speed in the certain knowledge that no more hostile encryption is taking place. If it really is OK to encrypt those files by that job or person, then everything can carry on from the point it was suspended. Otherwise, the job can be cancelled, and steps taken to recover the very few files affected.

That is a fantastic piece of software for saving your bacon at the last minute. It’s like those old cowboy movies where the 7th cavalry appears over the hills. But wouldn’t it be even better if you could be alerted to the fact that bad actors where inside your mainframe doing their nefarious worse earlier on?

Again, FIM+ can help. In the early stages of an attack, hackers are looking around your files to see what you’ve got and where the ‘good’ stuff is stored. FIM+ can identify unusual activity on configuration datasets (PARMLIBs, PROCLIBs, VTAMLST, TCPPARMS, etc) during this reconnaissance phase, and alert staff.

The software can also identify unusual number of read operations. If the number exceeds a customer-determined threshold, the early warning system can raise an alert.

Hackers may decide to bulk delete your files as a way of crippling your operations. Again, FIM+ can send alerts, or, if the number exceeds a predetermined threshold, it can suspend the job or TSO user.

Similarly, rather than delete a file, hackers may overwrite them with zeros, which can be difficult to detect. Again, if more than a preset number of files are being updated, FIM+ can send alerts or the job can be suspended.

Put these together, and you now have an early warning system installed on your mainframe to let you know that your mainframe is under attack. No need to wait 204 days before you become aware of what’s going on. Hacking gangs are no longer disgruntled teens waiting to say, “I’m in”, like they do in all the movies and TV shows. Now there is a mixture of criminal gangs, nation-states, and unhappy employees and ex-employees out there.

They don’t even need to know very much about hacking, they can buy so much as-a-Service (aaS). There’s Ransomware-as-a-Service (RaaS), Crypter-as-a-Service (CaaS), and Malware-as-a-Service (MaaS). You can buy access to a network using initial access brokers (IABs). There’s a whole industry out there making hacking your mainframe as easy as it can possibly be.

Doesn’t it make sense to have an early warning system in place already so you really know what’s going on?