GSE UK Conference 2023 – from my point of view

The Guide Share Europe (GSE) UK Annual Conference ran from lunch time Monday 30 October until late afternoon on Thursday 2 November. It was held at Whittlebury Hall, Whittlebury, Near Towcester, Northamptonshire NN12 8QH, UK. This year’s strapline was “Where Technology and Talent meet Tomorrow”. And it was brilliant.

There were over 610 delegates, which must have been a record. And there were 278 sessions across 18 streams including the new Artificial Intelligence (AI) stream, as well as: 101 New to Mainframe, 102 New’ish to Mainframe, AppDev Application Development, CICS Transaction Processing, Db2 Relational Database, IMS, WIT Women in IT, Large Systems z/OS, z/VM, Linux on z, Mainframe Skills & Learning, MQ Messaging, Networks Communications, New Technologies, Security Securing Mainframes, Storage Management Disks, Tapes, Systems Management Tools for managing systems, zP&C zSystems Performance & Capacity Management, Systems Management Tools for managing systems, Code-a-Thon Event.

I arrived slightly later than planned due to an accident and later roadworks on the A34 into Oxford. And, just before registering, I spoke to Mark Wilson, who is the GSE UK Region Manager, and also Technical Director at Vertali. After that, I just had time to look round some of the exhibitors before dashing off to the first session I was attending. A quick break was followed by another session.

Lunch was nice, and gave more time to chat to exhibitors. I spoke to IBM Champion Matt Nation, Managing Director at Verhoef Training Ltd, which turned into a putting-the-world-to-rights session. I moved on to Fitz Software’s stand. Michael FitzGerald, MD at Fitz Software, quite rightly, wouldn’t let me start the whiskey tasting session because I was still eating. I agreed to come back later. I also stopped by the Action Software stand for a chat with Hugo Prittie, the CEO.

After lunch I went to a Security stream presentation. And, after that, I had a meeting – yes it was in the bar – with MainTegrity. That was followed by another session in the AI stream.

There were a number of exhibitors giving away T-shirts, and some giving away, socks, or caps. Interestingly, the PopUp Mainframe stand was giving away pants! It was there that I bumped into the always wonderful Resli Costabell, the award-winning international speaker, trainer, and coach. She was leading the Women in IT stream. It’s always a pleasure to chat to her.

At dinner, there were a few people in Halloween costumes. One person who came over to chat wearing their costume and face paint was Atul Bhovan, DevOps Solution Adviser with BMC Software. We agreed to meet the following day. I had dinner with IBM’s Anna Dawson, who chairs the system management streams. Tracey Dean, IBM Offering Manager: IMS and z/VM Management Software, came to join us for a chat. Tracey has spoken at a Virtual IMS user group meeting.

Wednesday started with me giving a presentation about the brain and what psychologists think intelligence is to the AI stream. It was well-received, and a number of people came up and said so afterwards. I was also asked to present it again at lunchtime to some people who couldn’t attend.

I then watched the next AI presentation before lunch. I bumped into IBM’s Joe Winchester on the stairs and chatted briefly. I also bumped into him in the bar – again a brief chat. Unfortunately, we never got to have a proper conversation about Zowe, open-source software, and anything else. Next time!

At lunchtime, I made sure to catch up with Andy McCandless, Presales Consultant with Beta Systems and am IBM Champion. He does a great mainframe-based newsletter, which is available on LinkedIn.

After lunch, I had a meeting with the Planet Mainframe people. There were lots of ideas bounced around by Andrew Armstrong and Amanda Hendley (whom people will know from the Virtual IMS, CICS, and Db2 user group meetings).

Then it was back to the AI stream for a game of Jeopardy led by IBM Champion Henri Kuiper.

Here’s photo of me enjoying the session.

I missed the final keynote and joined everyone for pre-dinner drinks. There I chatted to Herb Daly, Senior Lecturer in Computer Science at University of Wolverhampton and IBM Champion. He brought a number of students along to the conference. I also caught up with Tony Amies, Software Technical Director at Vertali. I’d missed his lunch-and-learn session.

I chatted to Darren Surch, CEO at Interskill Learning and a Lifetime IBM Champion. This is his photo. He said, “Honoured to spend time with the industry legend Trevor Eddolls. Priceless!”

It was a pleasure to meet Shari Chiara, Program Manager, IBM Champions and Community Advocacy – IBM Z and LinuxONE. All the IBM Champions that were around at that time had their photograph taken by a racing car.

Champions in the photo with Shari are: Mark Wilson, Henri Kuiper, Darren Surch, Trevor Eddolls, Matt Nation, Max Stern Dahl, Steven Perva, Larry Strickland, Andy McCandless, Tom Crocker, Wolfram Greis, Leendert Blondeel, Colin Knight, Philip Nelson, and Neale Ferguson.

My apologies to all the other people chatted to that I haven’t mentioned. And my thanks to all the people who took these photos that I have shamelessly stolen from LinkedIn and used.

IBM brought their Lego model of a mainframe. Here’s my photo with that.

And here I am standing by the real thing. 

 

 

Ideas from philosophy and good AI

One of the ancient questions in philosophy is, “what do you have to do to be a good man, or to live a good life?”. At the moment, there are a number of meetings going on all over the world trying to decide about the ‘goodness’ of artificial intelligence (AI), and, much like the parents of a slightly wayward teenager, how AI can be kept on the straight and narrow until their teenager grows up.

The question we should really be asking is, “what makes something good?” But the answer to that is much more complex than it at first seems. To a child, a good parent is someone who lets them eat sweets, lets them stay up late, and lets them watch TV or play computer games all day. A ‘bad’ parent is someone who places limits on those activities and makes them learn their spellings, recite their tables, and read books. However, the adult version of that child may clearly disagree with the view of their younger self because they have failed to achieve all that they were capable of, and they are unhappy with how their life has turned out.

Another question to ask is whether the same decision or activity is always the right one in order to be a good person or to achieve a good outcome? You can add to that whether the same right or wrong decisions apply to all cultures at all times? Here’s an example. A man walks into a crowded room and starts firing a gun at the other people in the room. Is that a good thing to do? Hopefully, most people feel the answer is ‘no’, but want to know more information. How about if the room is full of people who are about to destroy the world – including you. Does that make the murders acceptable? In how many films or TV shows has murder been made acceptable because a ‘bad’ person has been stopped from doing harm. If I were writing an algorithm about when my AI could kill people, it would have to be quite a complicated one. The point I’m trying to make is that the rules we live by are quite complex and often unstated.

Let’s go back to the fourth century BCE. Socrates said that a good man does not concern himself with petty personal wants but only whether his actions are good and just. Although, of course, that hasn’t told us what is meant by good or just. However, it gives us a starting point for our AI.

Aristotle in the third century BCE suggested that a good man is the man who acts and lives virtuously and derives happiness from that virtue. He introduced the idea of virtue. I’ve not yet heard anyone talk about virtue in association with an AI.

Plato, who came between Socrates and Aristotle suggested four virtues, which were: prudence, fortitude, temperance, and justice. Aristotle muddied the waters a little by suggesting that a virtue can be defined as a point between a deficiency and an excess of a trait. The point of greatest virtue lies not in the exact middle, but at a golden mean sometimes closer to one extreme than the other. I say “muddied the waters” because that gets harder to code an algorithm or train an AI (or human) on.

Marcus Aurelius, the Stoic philosopher in the first century CE said, “Waste no more time arguing what a good man should be. Be one.” What he’s suggesting is that we’re all wasting our time discussing being good, we should lead by example and live a good life. I like the idea of just getting on and doing it. However, having done stuff all day, how can I know at the end of it whether I have been doing good or not?

Thomas Babington Macaulay in the 19^th century came up with a quote that seems to apply to much AI research across the world, “The measure of a man's character is what he would do if he knew he would never be found out.” Or maybe I’m just a little cynical about people who are training Ais to hack mainframes? Perhaps people working on Ai are like the parents of teenagers and helping them to understand the need for kindness, honesty, courage, generosity, and integrity. These virtues can help to make the AI ‘good’. By cultivating virtues within the AI, we could, hopefully, shape its decisions.

Bertrand Russell, who died in 1970, said that the good life is one inspired by love and guided by knowledge. Clearly Ais are being fed lots of information – and, again hopefully, not too many alternative facts, but I have not sat through an AI presentation where someone mentioned the word ‘love’. It’s suggested that someone following Russell’s ideas will lead a good life with a deep sense of fulfilment. Ais don’t do feelings – unless you know better? No-one expects an AI to feel happy at the end of a day’s work.

Those working on Ais might do well to remember the words of Ralph Waldo Emerson in the 18^th century. He said: “The purpose of life is not to be happy. It is to be useful, to be honourable, to be compassionate, to have it make some difference that you have lived and lived well.” Again, I don’t know whether the word ‘honourable’ is in the mind of people training Ais, but hopefully the AI is making some difference, in a positive way.

My thinking at the moment is that AI is neither good nor bad, it is only the use that people put it to that will make it seem either one or the other. Like every other invention, it will lead to change, but it will also lead to new jobs being created. I am sure that there will be an arms race as bad actors use Ai to attack mainframes and the good guys us AI to protect them. I am also uncertain whether legislation is going to be the most successful way to control AI. Large western governments will try this route because it’s the way they try to control everything else, but offshore development will continue whatever. What I am suggesting is that AI developers should look back at over 2000 years of philosophical thinking to decide what the right thing is to do when training the AI they are working on.

 

The 2024 Arcati Mainframe Yearbook

The 2024 Arcati Mainframe Yearbook is underway! This publication has been the de facto reference work for IT professionals working with z/OS (and its forerunner) systems since 2005. The Yearbook’s highlights include a comprehensive annual user survey and an up-to-date directory of vendors, consultants, and service providers. It serves as a guide to useful sources of mainframe-related information with its mainframe strategy section containing papers on mainframe trends and directions; its glossary of terminology; and its mainframe evolution section. The 2024 release is in partnership with Planet Mainframe who will be creating a new digital experience with the Yearbook and promoting its release.

The Mainframe User Survey is the real deal. With an unbiased focus on all mainframe technologies and software, the annual mainframe users’ survey delivers a strategic advantage. For example, the 2023 survey explored what percentage of the total IT budget is absorbed by mainframe-related costs and cloud computing. 67 percent of sites say that the bulk of their IT budget is spent on cloud (up from 56% in 2022), leaving 33 percent of sites where most of their expenditure is on the mainframe side. It will be interesting to see how that figure changes since last year.

Respondents were also asked what makes them consider a change of vendor for their mainframe tools and utilities. The results showed clearly that cost is by far the biggest driver, (70 percent of respondents) even though cheaper tools often provide less functionality – it may be the case that some customers feel the higher-priced software is filled with bloatware that they have to pay for but will never use. ISVs may be pleased to know that 20 percent of sites said they rarely if ever change their software. 

More than 20,000 mainframe professionals downloaded the Yearbook this year and that number is expected to grow to over 30,000 in 2024 thanks to a new partnership with Planet Mainframe. 

How can you stay in the loop?

Take the annual user survey

As in previous years, all mainframe professionals are invited to complete the 10-minute survey. You can find the survey here. All respondents completing the anonymous survey before Friday 27 November will receive early access to the survey results.  

Get in the Vendor Directory

Vendors, consultants, and service providers can apply for a FREE entry in the vendor directory section by completing this form.

Purchase an Ad, publish a Paper, or become a Sponsor

Also, as in previous years, there is an opportunity for organizations to sponsor the Yearbook, take out a full-page or half-page advert, or contribute an article. Click here for more information. You can also reach out to Amanda Hendley to sign up. You also get your logo and link on the website landing page, Yearbook cover, and in the vendor directory. New this year is the opportunity for sponsors to provide an embedded video (mp4) of up to 2 minutes in length of a company representative talking about your included paper or your solution/services.

Don’t be left out

More than 20,000 mainframe professionals downloaded the Yearbook this year and that number is expected to grow to over 30,000 in 2024 thanks to a new partnership with Planet Mainframe.

 

GSE UK Conference 30 October to 2 November

For people who work on mainframes and are based in the UK or Europe, this year’s Guide Share Europe (GSE) UK Annual Conference starts on Monday 30 October until Thursday 2 November. It really is not to be missed. If you’ve not been before, it’s held at Whittlebury Hall, Whittlebury, Near Towcester, Northamptonshire NN12 8QH, UK. This year’s strapline is “Where Technology and Talent meet Tomorrow”.

Because it’s an in-person meeting, it not only provides excellent education for attendees, but also gives them the opportunity to speak to the exhibitors about where they are focusing their attention, and to catch up – and argue – with other mainframers during the day and in the bar in the evening!

Because the conference starts at the end of the month, there’s not a lot of time left to register to attend. So, I would recommend that people do so straight away. My experience is that the conferences have always been great value for money, full of the latest greatest information, and as I just said, great for connecting with new and old friends.

This year, the Diamond sponsor is Broadcom. The Platinum Sponsors are BMC, Vanguard Rocket Software, and IBM. The Gold Sponsors are Opentext, and Vertali. The Silver Sponsors are MainTegrity, Ensono, DataKinetics, Beta Systems, Veracode, SEA Software Engineering of America, and SCC.

This year’s exhibitors are Enterprise Performance Strategies, Velocity Software, Trident Services, Macro4, Planet Mainframe, Fitz Software, TSG, </mooody cow>, Interskill, Red Hat, Dell Technologies, Action Software, Verhoef Training, Real Time Defrag (RTD), PopUp Mainframe, Precisely Software, Altair, IntelliMagic, and IBA Group.

There are two keynote presentations on Monday.

IBM’s Mark Nelson is talking about “Risk Assessment: We’re Only Human” at 5:15pm. Vertali’s Mark Wilson is then discussing the “Journey into Mainframes & Cybersecurity” at 6:15pm.

On Tuesday Mark Wilson is opening the conference proper at 9am followed by Rocket Software’s Phil Buckellew looking at “Modernization. Without Disruption” at 9:15. At 6pm, Vanguard’s Brian Marshall discusses “Cyber resilience: an organization’s DNA”. On Wednesday at 8am there’s “The Mark & Steve Show” with Steven Dickens from Futurum Group and Mark Wilson. At 9am, there’s Greg Lotko, SVP and General Manager for Broadcom’s Mainframe Software Division speaking about “Racing Towards Resiliency”. At 5:45 in the evening, IBM Fellow, Elpida Tzortzatos, will discuss “Why AI for business”. On Thursday, at 9am, BMC’s April Hickel starts the day with a session entitled “Mainframe Strong: Dancing into the Future”.

There are some lunch-and learn sessions too. On Tuesday at 1pm, IBM’s Michael Zagorski leads “Lunch & Learn IBM”. On Tuesday at 1pm, Broadcom’s Earl Dixon leads “New Mainframers Talk Candidly (continued)”. On Wednesday at 1pm its BMC Software’s Tim Ceradsky discussing “Redefining Data Storage: Unearth the Urgent Imperatives Driving Cloud Object Storage Adoption!”. Also on Wednesday at 12:45pm, Vertali’s Tony Amies talks about “Discover, Detect, Protect: Vertali zTrust for Networks”.

With up to 18 streams on some days, the streams include: 101 New to Mainframe, 102 New'ish to Mainframe, AI Artificial Intelligence, AppDev Application Development, CICS Transaction Processing, Db2 Relational Database, IMS, WIT Women in IT, Large Systems z/OS, z/VM, Linux on z, Mainframe Skills & Learning, MQ Messaging, Networks Communications, New Technologies, Security Securing Mainframes, Storage Management Disks, Tapes,, Systems Management Tools for managing systems, zP&C zSystems Performance & Capacity Management, Systems Management Tools for managing systems, Code-a-Thon Event

You can find out more details about the conference at https://conferences.gse.org.uk/2023/. And, if you’re on social media, the hashtags are #gseconf2023 and #gseukc.

It’s also worth adding that there’s usually 500 or more people there. It would be a shame for you to miss it.

As a final incentive, you may be interested in a session at 10:15 am on the Wednesday. It’s called “A look at human intelligence and how the human brain works”, it’s in the AI stream, and it will be presented by me in the Wellington A room.

I’ll see you there.

Mainframes and disruptive technology

We all know what a mainframe is, but what do people mean when they describe something as a disruptive technology? Well, basically, a disruptive technology is something that changes the way we do things and changes people’s behaviour. An example might be the mobile phone – or, more particularly, the arrival of the smart phone. If you look at films or TV programmes made before 2010, people are just walking around looking where they are going and talking to their companions. If you look at current films and TV programmes, everyone seems to be looking at their phone. They are sending text messages or using apps to check their bank accounts or get discounts at supermarkets, or they are keeping up with social media, and, very rarely, they are making phone calls. There’s an obvious difference in their behaviour.

A disruptive technology typically comes with new tools or devices that change people’s lives. And, importantly, it creates new jobs and new markets, and new ways of doing things. Again, if you look at older films and TV programmes, we see the boss with his (and it usually is a man’s) secretary working in the outer office. She takes dictation from her boss and types up letters and memos. With the introduction of the laptop, the boss – and now it could be a man or woman – will write their own emails. There’s no need for that outer office or that job role.

In many ways, you might think of Zoom and Teams as being disruptive technologies because they have enabled so many people to work from home and still maintain contact with their colleagues and customers from wherever they are. I’ve known people go into their company office in recent times and been disappointed at how few staff are actually there. Completely gone is the buzz that there used to be when everyone was in work and sharing their views and experiences.

Although disruptive technologies may be based on better ways of doing something that can be already done some other way, and although they may have been around for a while, it’s their emergence into popular culture that seems to suddenly happen. One minute no-one knows anything about them, the next minute even your gran is talking about it! Sometimes it’s a bit like bands, who become overnight successes – although they may have been working under the radar for a number of years. Mainframers may remember how Linux suddenly became a thing on mainframes everywhere, even though it had been around for a while.

The other characteristics of disruptive technologies is that they need to be affordable, they need to be easily accessible, and they need to be fairly simple to use. If they are clunky, although some people will have bought them, they will end up on a shelf unused. People may remember the Sinclair C5, a small one-person battery electric vehicle that was launched in 1985. It was basically an electrically-assisted tricycle. It was a great idea – electric cars are everywhere nearly 40 years later. However, it was launched in the UK in January, when the weather is never great. It had no roof to keep the rain off, and battery technology in 1985 was not as good as it is today. This attempt at disruptive technology failed, but many people still have fond memories of the concept.

Not all attempts at disruptive technology actually turn out to be disruptive. There are plenty of research and development teams who have worked on ideas that have never reached their intended market or have disappeared without trace shortly afterwards. Usually, disruptive technologies will co-exist with the older technologies before they catch on and eventually replace them. It takes a while for die-hard conservatives to make a change to new ways of working or living.

Organizations that are early adopters of new technologies that work for them often find that they are able to save money, which means they can offer products or services at a cheaper rate than more traditional businesses. And that means they can make more money. It also gives those companies the ability to respond more quickly to changing market places or enter new market places.

So, what disruptive technologies are mainframe-using organizations facing? There are probably two big ones at the moment. They are cloud computing and Artificial Intelligence (AI). IBM and other companies are using AI to help organizations to do more, faster. I talked about watsonx, for example, here. Perhaps one of the biggest challenges facing mainframers is the use of AI by hackers looking for easy ways to steal corporate data and encrypt that data in order to send a ransom demand for money in exchange for the key to decrypt the data.

Cloud computing has been around for a while, and, clearly, some applications work brilliantly using the cloud. I’m thinking of analysing big data here. However, there are other applications that clearly work best if they are kept on the mainframe. This might be because the data they use can be kept encrypted or because the data can be accessed more speedily than in the cloud. So, some kind of hybrid working is probably the best way forward with this technology.

Other technologies that might have been transformative, but have sort of been absorbed into the mainstream include blockchain and NFTs, as well as IoT devices. But, you never know what disruptive technologies might be coming next that will make working on a mainframe different and better. And it’s important to keep in mind that new technologies come with new job opportunities.

 

 

Beginner’s guide to using ChatGPT

There’s lots of talk about AI and how it can be used – and that includes politicians and Bob down the pub! It’s definitely no longer restricted to academia and IT conferences. Earlier this year, it seemed like everyone was using ChatGPT to see what it can do, and, of course, there have been worries that students would use it to write essays, and studios would use it to write scripts for TV shows. Having said that, more recently, I have found quite a few people who have been keeping up with the conversation, but haven’t actually had a go yet. So, for them, I thought I’d put together this beginner’s guide to using ChatGPT.

ChatGPT is an advanced natural language processing model developed by OpenAI. It is designed to generate human-like responses to prompts or questions. Whether you’re a beginner or an experienced user, this guide will help you navigate the ChatGPT interface and make the most out of your conversational interactions. Here’s a step-by-step approach to get you started.

Step 1: Accessing ChatGPT

To access ChatGPT, visit the OpenAI website (https://www.openai.com) and locate the “GPT-3 Playground”. Once you’re on the playground, you’ll see a text box where you can interact with the model.

Step 2: Prompt generation

Begin by entering a prompt in the text box to start a conversation. The system will generate a response based on the context and information provided. The prompt can be a question, a sentence, or a statement that guides the conversation.

For example, you can start with a simple prompt like: “Tell me a joke”. ChatGPT will then generate a response with a joke. You can build on this conversation by asking further questions or statements related to the generated response.

Step 3: Iterative conversation

One key feature of ChatGPT is its ability to maintain continuity across multiple messages. To achieve this, precede your input with a user or system name followed by a colon (“:”). For example, “User: What’s your favourite colour?” or “Assistant: How tall are you?”

By maintaining the user and assistant distinction, the model can better understand and respond to the conversation’s context. Iterative conversation allows you to engage in extended interactions and improves the model’s understanding of the intended conversation flow.

Step 4: System-level instructions

To guide the model’s behaviour, you can provide high-level instructions. These instructions help shape the response based on the desired outcome. For example, you can specify, “Assistant: Answer the question as if you’re a Shakespearean character”.

By giving system instructions, you can explore creative responses from the model. Experiment with these instructions to see how they impact the flavour or style of the generated text.

Step 5: Managing response length

You can control the length of the generated response using the ‘Max tokens’ setting. The more tokens you allow, the longer and more detailed the response will be. However, increasing the token limit also affects the model’s response time. Adjust this setting based on your preference and the desired level of detail.

Step 6: Learning from examples

Training the model to generate precise responses requires providing it with clear instructions. If a response is not satisfactory, you can use examples to illustrate how you want it to be improved.

For instance, you can mention previous correct or desired responses during conversation. This helps ChatGPT understand the desired output, leading to better performance and more accurate replies.

Step 7: Experimentation and refinement

Using ChatGPT is an iterative process. Experimentation and refining the prompts or instructions will improve the quality of generated responses. You can try different prompts, lengths, system instructions, or even restructuring your conversation to achieve better outcomes.

Remember, refining prompts and iterating through conversations will help you discover the best approaches to obtain the desired results.

Step 8: Ethical use and monitoring

While ChatGPT offers exciting possibilities, it is crucial to use it responsibly. OpenAI encourages users to follow their usage guidelines to ensure ethical and appropriate use of the model. Stay vigilant and monitor the system-generated content to prevent any misuse or biased outcomes.

Conclusion

ChatGPT is a powerful tool for generating human-like responses to prompts and holding natural conversations. By following this beginner’s guide, you can get started with ease and explore the capabilities of this remarkable language model. Remember to experiment, iterate, and use it ethically as you delve into the world of conversational AI.

You’ll not be surprised to learn that I asked ChatGPT to write the article. In the past, I have asked it to write a sonnet about mainframes, which I posted on LinkedIn, and which PJ (Pasquale) Catalano, IBM Z & LinuxONE Test Architect, recorded and also posted on LinkedIn.

What would I have added? I may have stressed that prompts really need to be specific to get a good response. You can ask ChatGPT to act in a particular role (eg customer support or HR manager), and you can ask it to perform a task (eg writing a job description of responding to a complaint). You can specify the format (eg bullet points or a flow chart), and you can get it to use a particular tone (eg engaging or serious). Also, you need to specify the objective.

ChatGPT integrates with business tools, it’s useful for data analysis and computations, and it can handle large numbers of queries at the same time, making it scalable. If you haven’t used it yet, then definitely take a look and see what all the hype has been about.

It’s worth noting that OpenAI recently launched ChatGPT Enterprise, which is meant to be a more secure version because it can be compliant with corporate privacy regulation, ie it supports features like SSO and usage insights.

 

Is my mainframe under attack at the moment?

Cardinal Richelieu became a cardinal in 1622 and chief minister to King Louis XIII of France in 1624. And, as we know from Alexandre Dumas' book, The Three Musketeers, used a network of spies to ensure that he knew exactly what was going on in France and its neighbouring countries. Many mainframe sites could take a leaf out of Richelieu’s book (but, perhaps not too many!) to ensure that they know exactly what is going on inside their mainframe.

There are a number of people telling us that just because we haven’t spotted an attack on our mainframe yet, that doesn’t mean there hasn’t been one. And the reason they give for their message is simply that mainframes don’t have an early warning system to alert the security team that the early stages of an attack are taking place. All too often, it is only the arrival of a ransom demand that alerts anyone that a breach has taken place.

The latest Cost of a Data Breach Report from IBM Security found that the length of time it takes to identify a breach is, on average, 204 days, and the length of time to recover is, on average, a further 73 days. For the IT team, that must be a big concern. For the CFO, the big worry must be that the average cost of a breach is US$4.45 million.

Another cause for concern is that the report found that only 1 in 3 sites that experienced a breach had the breach identified by their own security teams or tools. The remaining 67% of breaches were reported by a benign third party or by the attackers themselves!

The big question that mainframe sites should be asking themselves is whether there is any way they could get some kind of early warning that the bad actors are already inside their mainframe. Well, is there?

The good news is that there is.

In a recent upgrade, MainTegrity’s FIM+ product not only provides an early warning of tampering at the various stages of an attack, but it can now stop the encryption stage as soon as it starts.

Just picking up on that point first, typically, mainframers realize that they are under attack when normal work on the mainframe stops. And it stops because the attackers have encrypted pretty much all the files. The ransom demand arrives shortly after, and they offer the key to unencrypt your files for a large quantity of bitcoins.

Obviously, encryption is going on all the time, you don’t want alerts being sent all the time because people would simply ignore them. FIM+ uses a whitelist for all the encryption activities it can ignore. It also doesn’t send a message to a human because we know how many files could be encrypted in the time it takes to read a message, put down your coffee cup and actually press a button. The software will suspend the job or TSO user immediately. That way, checks can be made at human speed in the certain knowledge that no more hostile encryption is taking place. If it really is OK to encrypt those files by that job or person, then everything can carry on from the point it was suspended. Otherwise, the job can be cancelled, and steps taken to recover the very few files affected.

That is a fantastic piece of software for saving your bacon at the last minute. It’s like those old cowboy movies where the 7^th cavalry appears over the hills. But wouldn’t it be even better if you could be alerted to the fact that bad actors where inside your mainframe doing their nefarious worse earlier on?

Again, FIM+ can help. In the early stages of an attack, hackers are looking around your files to see what you’ve got and where the ‘good’ stuff is stored. FIM+ can identify unusual activity on configuration datasets (PARMLIBs, PROCLIBs, VTAMLST, TCPPARMS, etc) during this reconnaissance phase, and alert staff.

The software can also identify unusual number of read operations. If the number exceeds a customer-determined threshold, the early warning system can raise an alert.

Hackers may decide to bulk delete your files as a way of crippling your operations. Again, FIM+ can send alerts, or, if the number exceeds a predetermined threshold, it can suspend the job or TSO user.

Similarly, rather than delete a file, hackers may overwrite them with zeros, which can be difficult to detect. Again, if more than a preset number of files are being updated, FIM+ can send alerts or the job can be suspended.

Put these together, and you now have an early warning system installed on your mainframe to let you know that your mainframe is under attack. No need to wait 204 days before you become aware of what’s going on. Hacking gangs are no longer disgruntled teens waiting to say, “I’m in”, like they do in all the movies and TV shows. Now there is a mixture of criminal gangs, nation-states, and unhappy employees and ex-employees out there.

They don’t even need to know very much about hacking, they can buy so much as-a-Service (aaS). There’s Ransomware-as-a-Service (RaaS), Crypter-as-a-Service (CaaS), and Malware-as-a-Service (MaaS). You can buy access to a network using initial access brokers (IABs). There’s a whole industry out there making hacking your mainframe as easy as it can possibly be.

Doesn’t it make sense to have an early warning system in place already so you really know what’s going on?