For decades, the mainframe has been viewed as one of the most secure computing platforms on Earth. With tightly controlled access, centralized data management, and unmatched reliability, it earned its reputation as the “fortress” of enterprise IT.
But, as evidenced in our 2025 Arcati Mainframe Survey, the security conversation around the mainframe is shifting from a box to check to continuous vigilance. Security Improvement ranked second among the top 3 priorities for next year related to IT and Mainframe, following only talent and training.
Evolving Threats Meet Enduring Systems
The 2025 Arcati Mainframe User Survey shows that 53% of organizations now express concern about mainframe security with only 5% report being apprehensive. That’s a subtle but important distinction: confidence remains, but awareness is growing. The survey findings make one point clear: even the most secure platforms require continuous attention.
The top five risk areas identified by mainframe users mirror those seen in the wider enterprise landscape:
- Data breaches
- Unplanned downtime
- Ransomware attacks
- Compromised credentials
- Insider threats
The connection between security and availability is clear. Over half of respondents worry that a successful cyberattack could cause extended downtime. Mainframes may be stable, but the surrounding ecosystem, including cloud connectors, APIs, and cross-platform integrations, creates new attack surfaces every year
The Growing Gap: Monitoring and Modernization
Despite widespread trust in IBM Z’s architecture, 21% of organizations admit to insufficient cybersecurity monitoring. That gap becomes critical as hybrid IT environments expand. Integrations with cloud or distributed systems often bypass the traditional controls that kept the mainframe isolated and secure.
Compounding this risk, the adoption of quantum-safe cryptography remains just 7%, signaling that most enterprises have yet to prepare for next-generation encryption challenges. The 2024 Mainframe Market Pulse study also found that heavily regulated sectors like government and financial services report 4.7 times more vulnerabilities when external technologies are integrated with the mainframe. Compliance, once a box-checking activity, is now a moving target requiring continuous adaptation.
From Legacy Label to Living System
Security perceptions play a major role in strategic planning. Many organizations still categorize the mainframe as “legacy” rather than “strategic.” Yet those that recognize it as critical infrastructure are also more likely to see it as a platform for innovation.
According to the 2025 Arcati Mainframe User Survey, 35% of organizations have already invested in security enhancements such as encryption and zero-trust frameworks—clear signs that modernization and protection go hand in hand.
The real danger isn’t obsolescence, however, it’s neglect. Systems that remain outside modernization cycles risk losing visibility, patch management, and compliance alignment. As the report cautions, “Without modernization and integration with AI, cloud, and automation, organizations may struggle to shift perceptions beyond the past.”
Forward-thinking teams are redefining “legacy” as a living foundation—continuously updated, secured, and integrated with modern toolchains. For them, modernization isn’t optional; it’s the only way to ensure the mainframe’s security remains intact.
Security in the Age of Automation and AI
Automation is playing a major role in mainframe operations and, increasingly, in security. Event-driven rule engines and policy-based management are gaining ground, while true AI-driven automation is still rare (just 3% in production). The Forrester Mainframe Developer Study reinforces that automation is the top priority for accelerating secure development, especially as DevOps maturity grows across Z environments.
The next frontier is analytics-driven security: anomaly detection, predictive maintenance, and automated incident response. Just 6% of organizations currently use AI-based analytics, while another 32% are planning and 22% are testing. These emerging tools are beginning to close the loop between performance, resilience, and cybersecurity.
The Human Factor: Building the Next Line of Defense
Technology alone cannot secure the enterprise. The Arcati survey shows that security skills are in demand by 49% of organizations, and internal upskilling remains the preferred strategy. Internal training (77%) far outpaces hiring or vendor partnerships, reflecting both a talent shortage and a recognition that mainframe security requires contextual expertise.
By combining deep platform knowledge with modern security practices—like zero-trust, continuous monitoring, and DevSecOps—mainframe professionals are becoming the connective tissue between old and new IT worlds.
Continuous Vigilance, Not Complacency
The findings of the 2025 Arcati Mainframe User Survey reaffirm what most in the industry already know: the mainframe remains the backbone of enterprise security, but it isn’t invincible. As cyber threats grow more sophisticated, maintaining its reputation for resilience depends on consistent modernization, proactive monitoring, and steady investment in people and processes.
As we have read this Cybersecurity month, the message running through every feature, podcast, and panel on Planet Mainframe has been clear: the mainframe is only as strong as the vigilance behind it. From penetration testing to encryption strategies, from compliance analytics to lessons learned from recent cyber incidents, our contributors continue to show that security is both a discipline and a culture.
And while 2025 has highlighted progress, the next chapter begins now. The 2026 Arcati Mainframe User Survey, which opens today, invites mainframe professionals around the world to share their experiences and shape the next report. Your insights drive the data, and the data drives the discussion.
The mainframe doesn’t need rescuing—it needs reinforcing. Those who treat it as a living, evolving system will continue to rely on the world’s most trusted platform for secure, scalable computing.
0 Comments