The Guide Share
Europe (#gseconf22 and #gseuk) conference took place in Whittlebury Manor
between 1 and 3 November. And it was brilliant. It was the first in-person
conference since 2019 due to Covid and lockdowns etc. And it was great to catch
up with old friends and colleagues, and, of course, meet lots of new
interesting people who have their own views and opinions on all things to do
with mainframes. I also came away with some new T-shirts, pens, and other
goodies given away by the various exhibitors there.
In many ways, the most important thing about the GSE conference is that you get to hear the latest thinking in mainframe environments. The number of sessions, including keynotes and lunch & learns must have been in the high hundreds – I estimated 180, but there could well have been more. These were usually divided into streams. Because I am starting the Virtual Db2 user group, I did spend some time in that stream. And because I was speaking in the security stream, I spent some time there. I also look after the Virtual IMS and Virtual CICS user groups, so that was two more streams I needed to visit. And there were some other sessions that caught my attention. I wonder whether the sessions should be recorded so you can catch the sessions you’re forced to miss because of timetable clashes?
The other noticeable thing about the GSE conference is just how friendly everyone is. There are plenty of older mainframers there, as you would expect, but also there were a decent number of younger people there – students, trainees, apprentices, and younger staff. The more experienced mainframers didn’t seem to be planning their retirements yet. However, it can only be a matter of time. Those youngsters will soon be taking on some quite serious responsibilities – and the salaries that go with that responsibility. It’s certainly a better career choice for them than trying to get promoted as a programmer at a games company!
Because of a road traffic accident in Oxford, I was delayed for a long time getting to Whittelbury Manor, so I missed the opening and first keynote. However, I was there in time to see Haakon Roberts talking about "Db2 Version 13 for z/OS: Technical Overview". It was an interesting presentation talking about the number of updates available as PTFs for Version 12 that were now included in V13, plus more. He also looked at what was needed to migrate to V13. A thorough and nicely presented session.
After that, I went to the security stream to see Mark Wilson discuss “Cyber Resiliency - What Does it Actually Mean and How Can I Obtain It?”. Mark has many years of experience working with security, and is GSE UK Region Manager. In an entertaining and interesting talk, Mark managed to engage with most of the audience, who he seemed to be on first name terms with. There were lots of things to think about after the session. Mark had stepped in to give a presentation because the speaker originally timetabled was ill.
After lunch, I was speaking to the security stream about “Ransomware, gaps in SMF records, and detection options”. There were around 30 people in the room, who additionally got to eat the food left by the lunch & learn group that had been using the room at lunch time! I highlighted that SMF wasn’t quite as good as most people imagined. I pointed out the importance of catching a breach in the early stages – long before databases became corrupted – saying that the first thing hackers do is change your infrastructure (parmlib members, system files, even application files). So, if you don’t stop them then (as they install backdoors and time bombs), your restore process has to go back to before the attack started, otherwise the bad actors can let you restore and just attack again! I stressed the need for the software to know which were good backups and to be able to create jobs to restore for you. And how integrity monitoring (IM) software can help.
After a short break, I attended “Finding your way around IMS”, which was presented by Anders Ohrnberg, a user from SEB in Sweden. This was intended as training for people new to IMS and looked at the importance of naming conventions and how it can be done.
After that, I went to see MainTegrity’s Al Saurette present to the Application Development group. His talk was called “DevSecOps – Preventing Supply Chain Attacks while securing your DevOps process”. He used the well-known Solar Winds hack as an example of what could happen, and focused on the best ways to ensure that what was tested and approved, actually got deployed correctly and that it remains in its trusted state.
I was in a meeting, so missed the evening keynotes. Dinner that followed was a buffet, but was again an opportunity to talk to new people and get a better insight into how IT was being used and what problems mainframers were putting at the top of their priority list.
The second part of this article will be published next week.
No comments:
Post a Comment