Cyber Threat Reports, Pragmatic Modernization, and 60 Years of Mainframe

IBM Cyber Threat Index Report: Stolen Credentials Top Risk, Threat of AI Attacks Continue to Loom

Every year, IBM X-Force (IBM Consulting’s offensive and defensive security services arm) releases a report that surveys the cyber threat landscape and reports on emerging patterns they’re seeing. 

Among several noteworthy insights in the X-Force® Threat Intelligence Index 2024—gained from the analysis of 150 billion security events per day in more than 130 countries—IBM is highlighting three major trends for security professionals to heed:

• Attacks on critical infrastructure reveal industry “faux pas.” In nearly 85% of attacks on critical sectors, compromise could have been mitigated with patching, multi-factor authentication, or least-privilege principals – indicating that what the security industry historically described as “basic security” may be harder to achieve than portrayed.
• Ransomware groups pivot to leaner business model. Ransomware attacks on enterprises saw a nearly 12% drop last year, as larger organizations opt against paying and decrypting, in favor of rebuilding their infrastructure. With this growing pushback likely to impact adversaries’ revenue expectations from encryption-based extortion, groups that previously specialized in ransomware were observed pivoting to infostealers.
• ROI from attacks on generative AI not there – yet. X-Force analysis projects that when a single generative AI technology approaches 50% market share or when the market consolidates to three or less technologies, it could trigger at-scale attacks against these platforms.

Other findings include Europe’s status as the preferred target for cyberattacks, with the region also bearing the brunt of global ransomware attacks (26%). And, while X-Force found that phishing attacks decreased in volume by 44% since 2022, there’s concern that AI will greatly increase that number. 

They also observed a 100% increase in “kerberoasting” attacks, wherein attackers attempt to impersonate users to escalate privileges by abusing Microsoft Active Directory tickets.

According to Charles Henderson, Global Managing Partner, IBM Consulting, and Head of IBM X-Force, “While ‘security fundamentals’ doesn’t get as many head turns as ‘AI-engineered attacks,’ it remains that enterprises’ biggest security problem boils down to the basic and known – not the novel and unknown. Identity is being used against enterprises time and time again, a problem that will worsen as adversaries invest in AI to optimize the tactic.”

Source: IBM

Fourth Annual Advanced Report Finds 92% of Organizations Embrace Pragmatic Modernization

Advanced has just released its Fourth Annual Mainframe Modernization Business Barometer Report, and the results show that predictions of mainframe extinction are not based on current business realities. 

Advanced is an international provider of application modernization services, and its most recent survey results show that 92% of organizations are considering mainframe modernization, and only 6% of respondents believe the mainframe will be replaced by alternative technologies in the near future. 

The report, based on a survey of 400 executives conducted by Coleman Parkes in August and September 2023 across a variety of industries, included insights from leaders who serve a variety of roles — enterprise architects, CIOs, application managers, program and project managers, and CTOs. According to the report, the majority of respondents were in the U.S. (74%), with 10% located in the United Kingdom, and the remaining 16% spread out across 10 countries in Europe and Asia.  

Some key insights from the report include: 

• Turbocharging with AI: The promises of AI on huge productivity and problem-solving gains has enticed more than 81% of organizations to act on its potential. Specifically, 52% are accelerating migration to access AI/ML capabilities more readily and 29% are pursuing integration directly on mainframes.
  
• Breaking mainframe silos through DevOps: Modernization drives a 96% increase in DevOps adoption, fostering collaboration over cumbersome processes. However, challenges persist around the integration of tools, processes, and culture, especially in government (76%) and manufacturing (62%).
  
• Efficiency and sustainability improvements: Modernization positively impacts sustainability goals for 89% of respondents, marking a 17-point increase since 2021. IT priorities include contributing to green initiatives (42%), enhancing reputation (38%), and improving energy efficiency (37%) through consolidation, scalable cloud solutions, clean energy mix, and mainframe optimization.
  
• External expertise boosts outcomes: Despite 46% planning modernization solely internally, only 22% of past projects succeeded this way. Partners provide specialized skills and proven methodologies to smooth initiatives.

“The pressure to migrate all data to the cloud has faded,” said Tim Jones, Managing Director of Application Modernization at Advanced. “With half of respondents’ critical information still on mainframes, but only 8% of their IT budget allocated there, retaining mainframes as part of hybrid strategies makes the most sense for innovation, efficiency, resilience and sustainability.”

Source: BusinessWire

Mainframe Turns 60: Share Your Mainframe Story 

Calling all mainframers! The Futurum Group’s webcast, The Main Scoop™, is covering the 60th anniversary of the mainframe, coming up on April 7th. 

The special edition of the webcast will feature Futurum Research’s Daniel Newman and Broadcom Mainframe Software’s Greg Lotko—but for this special edition, they are hoping to include the stories and experiences of people who work with mainframes. If you’d like to participate, leave a short video voicemail today, telling what the mainframe has meant to you: https://vocalvideo.com/c/broadcom-mainframe-software-ik0vg2w6

The Main Scoop™ is a monthly series covering news, announcements, trends, and new insights across the biz-tech landscape and the intersection of the mainframe. Each episode brings industry-leading thinkers and doers together to discuss ideas, opportunities, and strategies that shape business and IT strategy.