At the start of every year it's common for subject matter experts to make predictions for the coming year. Ashok Reddy, General Manager, CA Software Mainframe Business Unit, did just that a year ago, in 2017. So how did he do? I took the liberty of posting his results here. To read the original article you can check it out at http://bit.ly/2I6uYSq.
The web has dozens of prediction blogs and articles covering every aspect of technology, but although they’re interesting, how often do you go back to see whether those predictions were right or wrong? In the spirit of continuous learning, we looked at those four predictions about the mainframe we made a year ago.
Prediction #1: Mainframe DevOps Will Become Mainframe DevSecOps
In 2017, we predicted that mainframe DevOps would continue to shift left and pick up security to include DevSecOps. We were right, though we didn’t go far enough. What we’re seeing is that in addition to DevSecOps, our industry is rapidly going from the concept of siloed mainframe-only DevOps to a cross-enterprise DevSecOps.
Companies clearly recognize the importance of security in the DevOps process. On the basis of the latest IBM research, 67 percent of mainframe users concur that mainframes are now more connected to the outside world and are therefore more vulnerable. Additionally, 80 percent say the growing sophistication of cybercriminals is a major reason to increase mainframe security.
Vulnerabilities abound, which is why identifying sensitive data on the mainframe remains highly critical: information leakage is the most prevalent vulnerability, with 66 percent of all apps failing on the first scan.
Switching from DevOps to DevSecOps is a major step toward resolving these security concerns. DevSecOps means applying application security best practices earlier in the development life cycle by including security and compliance experts from the beginning. The cross-enterprise aspect of DevSecOps has emerged rapidly because mainframe back-end applications are being closely integrated with web and mobile applications that support various lines of business (LOBs). The LOBs drive frequent changes and upgrades to the applications they use, demanding greater mainframe agility and security.
There’s another reason for the speed at which cross-enterprise siloes are being eliminated. As seasoned mainframe developers are set to retire and the next generation comes up the learning curve, the need to provide a common set of cross-enterprise tools becomes more critical. And that’s what we’re seeing from customers, be it in the area of DevSecOps or in the area of entirely new service catalogs that enable self-service using popular open-source tools for new developers.
Prediction #2: Mainframe as a Service (Mainframe Cloud) Goes Mainstream
We expected mainframe as a service (mainframe cloud)—which provides compute, storage and DevOps capabilities as self-service—to flourish in 2017. Although it has yet to become mainstream, we’re seeing greater use of this approach by early-adopter customers as they seek to address skills gaps, improve economics, increase agility and more. Increasingly, our customers are seeking the flexibility to consume mainframe as a service rather than deploy single-tenant, on-premises or operational models.