Even the news channels don’t make a big deal about cyberattacks these days. It’s happening all the time.
It’s incredible how many people don’t recognize that there is a war going on right now between hackers and organizations with any kind of IT hardware.
And when I say hackers, I don’t mean teenagers working late into the night on their laptops. I’m talking about organized criminal hacking groups; I’m talking about nation-states attacking other nation-states; I’m talking about individuals who can access Ransomware as a Service (RaaS) modules to attack the company of their choice.
It’s also quite easy for hackers who have accessed the computing platform of one company to access the servers of any organizations that supply that first company or buy from that first company if it has that kind of integration in place. These are mildly referred to as ‘supply chain breaches.’
Even the news channels don’t make a big deal about cyberattacks these days. It’s happening all the time.
Vulnerable Points
The other issue is that it’s not just an IT problem. Yes, of course, it is a major issue for IT departments. Unfortunately for them, these days, they don’t know all the applications used by their organization’s employees.
With the growth in cloud software and people working from home, organizations are seeing an increase in shadow IT—small apps that people use to make their jobs easier that are unknown to the IT team and are, therefore, not as secure as the software the IT team knows about.
There’s also an issue with Internet of Things (IoT) devices used in organizations. They are notoriously insecure, with many devices still using their default password. Hackers can access those devices, the corporate network, and the mainframe.
All staff need to be trained on the issue of ransomware and data breaches. After all, the staff will be impacted when the IT infrastructure goes down, and they can’t do their job until the business continuity plan can be put into operation. It’s ordinary employees who will click on phishing emails without thinking, open attachments containing malware, or click on links that take them to websites that automatically cause them to download some kind of malware. And so the attack on your mainframe begins.
A Heavy Mantle
Importantly, the Chief Financial Officer (CFO) will be responsible for releasing the funds to pay the ransom and will be called to account by the senior staff when customers whose personal data has been stolen need compensation.
The CFO will be responsible for paying fines because their organization wasn’t compliant with the regulations that apply to their industry. The CFO will also have to explain how much company money has been spent on lawyers trying to defend a raft of litigation that can follow a data breach.
CFOs must play a significant role in ensuring that their organization is compliant and that all possible defences are in place.
Behind the Curtain
So, how bad is a data breach? How much do bad actors demand in ransom? How much will an organization lose in terms of customers? And how long does it take to discover that your organization is under attack?
The IBM Cost of a Data Breach Report 2024 can give us some answers.
Breach Costs
Many people think that the cost of a data breach isn’t much. Yet the report reveals staggering numbers:
- The global average cost of a data breach in 2024 was US$4.88m, a 10% increase over the previous year.
- The USA had the highest average cost, at US$9.36m.
- Healthcare is still the costliest in terms of a data breach at US$9.77m.
- The financial sector is the second most costly at US$6.08m.
- The Industrial averages a cost of US$5.56m per attack.
In addition to quantifiable financial losses, costs from lost business and post-breach response rose nearly 11% over the previous year, contributing to the significant rise in overall breach costs.
Lost business costs include revenue loss due to system downtime, lost customers, and reputation damage. Post-breach costs can include the expense of setting up call centres and credit monitoring services for impacted customers and paying regulatory fines.
Identify and Contain Breaches
You might think that if you’re being hacked, you’ll know about it immediately, or indeed, early the following morning at least. Is that true?
The average time to identify and contain a breach was 258 days.
The report found that the average time to identify and contain a breach was 258 days. The average mean time to identify (MTTI) an attack was 194 days, and the mean time to contain (MTTC) an attack was 64 days.
However, breaches involving stolen or compromised credentials took the longest to identify and contain any attack vector: 292 days. Similar attacks that involved taking advantage of employees and employee access also took a long time to resolve. For example, phishing attacks lasted an average of 261 days, while social engineering attacks took 257 days.
Some suggest that mainframes are exempt from hacking and are cavalier about gaining access. However, how-to videos and guides indicate that a person with skills can hack a mainframe in five to thirty minutes. Your company wouldn’t even know for almost a year.
Take Action
The report should act as a wake-up call to all organizations and all sites that are not absolutely up to date with their defences. An immediate, responsible response should include every division of each organization, confirming 100% compliance with all the regulations that affect their industry.
Businesses also need to follow the recommendations of organizations such as NIST, the US-based National Institute of Standards and Technology. Consider sending employees to mainframe penetration testing classes and preparing a breach response team. The US Federal Trade Commission also offers businesses a data breach response guide.
Everyone in an organization, starting with the C-suite, must recognize and stay alert to data breaches and ransomware as serious, expensive, and long-lasting problems.
Regular Planet Mainframe Blog Contributor
A popular speaker, blogger, and writer, Trevor is CEO of iTech-Ed Ltd. He has an extensive 40-year background in mainframes and IT, and has been recognized as an IBM Champion from 2009–2024 for his leadership and contributions to the Information Management community.
What Does a Global Blackout Mean for Mainframe Companies?
Picture this: a global blackout plunges the world into darkness, and with it, down go financial institutions, healthcare systems, government services, and transportation. Chaos reigns. The heart of the modern economy—those powerful, “outdated” mainframes—comes to a standstill. The result? Absolute devastation. Yet, while everyone points fingers at the power grid, the real issue lies deeper: a lack of knowledge. Despite the fact that mainframes have quietly run the world’s critical infrastructure for decades, the collective ignorance about their importance is staggering.
We talk about digital transformation and cloud-first strategies, but how many companies can survive if their mainframe fails during a global blackout? Probably none. It’s time to face a harsh truth: if the tech industry doesn’t wake up and educate people about the real backbone of our economy, the next global outage could mean more than just flickering lights—it could mean economic collapse.
The Ironic Impact of a Global Blackout
Mainframes, the supposed dinosaurs of tech, power most critical sectors like banking, healthcare, and government services. Imagine the irony of these “outdated” systems being taken down by a blackout that they could’ve easily survived had anyone cared to invest in their upkeep. We’ve spent years migrating to the shiny cloud, only to find out, too late, that when the real storm hits, the cloud is just as vulnerable as any other infrastructure.
The cost? Not just lost revenue. Imagine halted financial transactions, hospitals without patient data, and governments unable to respond to crises. It’s the perfect storm—and the global economy is its victim. So, while everyone scrambles to bring their systems back online, the mainframes that were ignored for so long will be sitting there, smug in their reliability—if only anyone knew how to turn them back on.
Lack of Training: A Comedy of Errors
The best part? We’re not even prepared for this. The very people who should be running and maintaining these systems are disappearing because no one thought it necessary to teach mainframes in schools or invest in training programs for IT managers and executives.
Brilliant.
Freshers: Misinformed from Day One
Students are being led to believe that if they know how to build an app, they’re set for life. Never mind the fact that the systems actually keeping society functioning are written in COBOL, CICS, JCL, and other “ancient” languages. Freshers are told mainframes are a thing of the past, so they flock to the latest trendy technologies—completely unaware that the real money, the real jobs, and the real stability lie in mainframe expertise.
By the time they realize it, they’re in too deep. Too bad, right? And when the global blackout hits, they’ll be the first to ask, “Wait, what’s a mainframe again?”
Mid-Level IT Managers: The Blind Leading the Blind
The irony only gets richer. Mid-level IT managers, who are supposed to be the guardians of these systems, are woefully undertrained. Sure, they know how to manage cloud platforms and run a Kubernetes cluster, but ask them to troubleshoot a mainframe in crisis? Forget it. These managers are the ones who will be staring at green screens during a global blackout, wondering why the ‘Ctrl+Alt+Del’ trick isn’t working.
Mainframes? They’re robust and reliable—if someone knows how to maintain them. Otherwise, we’re all just waiting for the inevitable meltdown.
CXOs: Clueless at the Top
And let’s not forget the CXOs—those esteemed CTOs, CFOs, and CEOs making billion-dollar decisions without the slightest understanding of what mainframes even do. It’s almost comical: the very systems keeping their companies afloat are a complete mystery to them. They’re too busy being dazzled by cloud vendors to realize the ticking time bomb under their desks.
When the global blackout comes, they’ll be at a loss. “Why is our banking system down?” they’ll ask, oblivious to the fact that their mainframes have been ignored for years. Perhaps then, in a flash of irony, they’ll finally realize that their ‘modernization efforts’ didn’t modernize much at all.
Cloud Vendors: Selling Dreams While the Mainframe Burns
Speaking of modernization, cloud vendors must be laughing all the way to the bank. They’ve convinced entire industries to ditch their mainframes in favor of ‘cutting-edge’ cloud platforms that promise to solve all their problems—until the power goes out, that is.
Here’s the punchline: mainframes were doing cloud-like computing long before Amazon ever dreamed up AWS. IBM even offers Mainframe as a Service (MaaS)—a solution that’s as scalable and flexible as any cloud platform, but without the hidden costs and vendor lock-in. It’s almost as if mainframes have been quietly doing exactly what the cloud promises, but no one was paying attention. Classic.
A Global Blackout: The Perfect Storm of Ignorance
So, what happens when a global blackout hits? Downtime, vulnerabilities, and wasted resources on an unimaginable scale. Integration failures, retraining costs, and catastrophic losses will pile up—all because too many companies bought into the false narrative that mainframes are relics of the past.
It’s not just about downtime. The real cost comes later, when companies realize that migrating to the cloud wasn’t the magic bullet they thought it was. Hidden fees, endless upgrades, and a lack of skilled professionals will make them yearn for the days when their mainframes ran smoothly, 24/7, without the need for constant babysitting.
The Real Missed Opportunity
Here’s the kicker: IBM and other mainframe companies are partly to blame for this mess. If they had made mainframe training more accessible and affordable, we might not be in this position. Instead, by allowing mainframes to be viewed as ‘legacy systems,’ they’ve let cloud vendors take center stage, selling their services as the future—when in fact, they’re often just as fragile as the infrastructure they claim to replace.
The Bitter Reality: Mainframes Are Still Our Future
In the end, the truth is as ironic as it is sobering: mainframes are still the future, but we’re doing everything we can to ignore them. If we continue to neglect training programs and fail to prepare the next generation of IT professionals, a global blackout could be the least of our worries. We’ll be dealing with an entire generation of tech workers who don’t know how to keep the lights on.
Mainframes have always been reliable, but they can only do so much without skilled hands at the helm. The next time you hear about the wonders of the cloud, just remember: when the power goes out, you’ll wish you had a team that knew how to handle a mainframe.
________________________________________
UDAY PRASAD
ZEDINFOTECH