Search Rocket site

Only 27% of Organizations are Extremely Confident in Mainframe Security Compliance, According to Rocket Software’s Latest Survey

Rocket Software

October 24, 2023

Rocket Software today launched its 2023 Survey: The State of Mainframe Security. The report, which surveyed IT leaders at companies with more than 1,000 employees, uncovered that while many organizations run most of their core business applications on mainframe, IT leaders lack confidence in the effectiveness of their mainframe security compliance, signaling a need for more robust security practices.

For decades, mainframe systems have been the cornerstone of enterprise infrastructure, unparalleled in reliability, scalability, and data security, and that remains true to this day. Over half of survey respondents (51%) indicated that they either run all or the majority of core business applications on the mainframe. But, with the digital landscape changing and with the introduction of new methodologies like DevOps, open-source adoption, and the shift towards hybrid cloud solutions, security vulnerabilities are a serious threat to organizations. Because of that, prioritizing mainframe security is more important than ever.

Highlights of the survey found:

  • The Majority is Uncertain About Mainframe and Vendor Compliance
    Organizations now face stricter standards in handling personal data, with the rise in regulations such as the GDPR and PCI DSS. The changing rules highlight the imperative for businesses to operate with transparency, accountability, and foresight in protecting user data in a digital world. However, a mere 27% of survey participants are highly confident in their organization's mainframe security compliance effectiveness. Moreover, businesses must also consider third-party suppliers to ensure compliance, yet, only 31% of respondents are fully convinced of their organization's effectiveness in making certain that vendors stick to these rigorous QA benchmarks—highlighting a major gap in security.
  • Proactive Security Measures are Adopted by 62% of Organizations for Open Source and Mainframe
    Open source offers numerous advantages, such as community collaboration and transparency, but it also allows for potential vulnerabilities. Encouragingly, organizations are proactive about open source and mainframe security: 62% consistently perform vulnerability assessments and security audits, 58% continuously monitor and update open source for security patches, and 54% train developers on secure coding with open-source components. While open-source communities can quickly apply patches and fixes to critical vulnerabilities and exposures, vendor support is critical to promptly address vulnerabilities, particularly when it comes to languages ported to z/OS.
  • Challenges Remain in Integrating Mainframe Security with DevOps
    Integrating security best practices into the DevOps toolchain ensures that security remains an unwavering, collective responsibility throughout the software development life cycles. This integration promotes swift and efficient security updates, diminishing potential threats. Nonetheless, the integration of mainframe security with DevOps introduces unique complexities. Survey participants highlighted limited automation and integration capacities within DevOps pipelines as their primary concerns.
  • Respondent Geographies Reveal Differing Perspectives on Mainframe Security
    By far and away, the United Kingdom relies most on the mainframe for security purposes – with 56% of U.K. respondents citing it as the number one ranked reason for the mainframe. Interestingly, when asked about challenges organizations face in ensuring effective mainframe security – respondents in the United States noted a lack of awareness about mainframe security risks – more than any other country.

Read the full report.

Related posts


My Rocket Software Journey – Insights from a Former AMC Employee

Demystifying the Future for IBM i Professionals at POWERUp 2024

Celebrating the start of a new era at Rocket Software