Bringing Mainframe Security Into the Spotlight: Kev Milne’s Mission

This piece is part of the 2026 Planet Mainframe Influential Mainframers series.

The mainframe still powers a vast portion of the world’s critical infrastructure—financial systems, healthcare platforms, and government operations. But for years, it has remained largely absent from the broader cybersecurity conversation.

Kev Milne has been working to change that.

With more than 30 years in cybersecurity, Milne didn’t set out to specialize in mainframe security. Like many in the field, he arrived there out of necessity. While building a team at NatWest, he faced a familiar challenge: finding penetration testers with mainframe experience was nearly impossible. So he went looking for answers himself—and uncovered a significant gap.

Few tools. Limited training. Almost no practical guidance.

So he started building what was missing.

Building What Didn’t Exist

Today, through Neuro Training Ltd, Milne delivers what is widely regarded as the only publicly available course dedicated to mainframe penetration testing. It’s designed deliberately for two audiences: seasoned mainframers looking to understand modern security testing, and penetration testers encountering the platform for the first time.

That dual focus is intentional.

Milne’s work doesn’t just connect disciplines—it lowers the barrier to entry. His course includes discounted pricing and free access for students and early-career professionals, reflecting a belief that access to this knowledge shouldn’t be limited to those already inside enterprise environments.

Opening the Door to Hands-On Learning

That same philosophy extends into the tools he’s created.

Milne developed Gibson, an open-source mainframe simulator written in Python that replicates environments like TSO, CICS, and Db2. For many aspiring practitioners, the biggest obstacle isn’t interest—it’s access. Gibson removes that barrier.

He followed it with PiFrame, a lightweight, Raspberry Pi-based environment that brings mainframe-style learning even closer to the individual user.

Together, these tools have transformed how people can engage with mainframe security—making experimentation, learning, and skill-building possible without needing enterprise access.

Expanding the Conversation

Milne’s impact extends well beyond tools and training.

He has delivered penetration testing workshops at Abertay University, where students with no prior exposure to mainframes quickly engage with the platform. At NatWest, he mentors early-career professionals, helping them develop both technical expertise and the confidence to apply it.

Just as importantly, he’s brought mainframe security into spaces where it’s rarely discussed—presenting at events including the New York Mainframe Group, GSE UK, WAVEZ, and the FS-Cyber Security Intelligence Group.

Online, he continues to share insights with a growing audience and contributes to publications such as HVCK Magazine and Planet Mainframe. His appearance on The Mainframe Book Club podcast highlighted a clear demand for practical, experience-driven perspectives in this space.

Making Security Matter

His next contribution may be his most significant yet: an upcoming book on mainframe penetration testing, to be published by No Starch Press. Expected to be one of the first comprehensive resources of its kind, it aims to fill a gap that has persisted for decades.

That perspective defines Milne’s approach. His work isn’t just about identifying vulnerabilities—it’s about translating risk, building understanding, and helping organizations respond effectively.

The mainframe isn’t going anywhere. If anything, its importance continues to grow. But its security depends on people who can bridge worlds—who understand both the platform and the evolving threat landscape, and who are willing to bring those conversations into the spotlight.

Kev Milne is doing exactly that.

You can connect with Kev Milne on LinkedIn.

Follow @PlanetMainframe and #pmfinfluentialmainframers on LinkedIn to congratulate this year’s honorees.