Mitigating mayhem in a complex hybrid IT world

We’ve all seen the insurance commercials: Mayhem is everywhere. When it strikes in the consumer world of insurance, you want the right people on your side and the right plan to navigate a way forward.

The same can be said about IT. When a system begins to break down, the most important thing is ending the breakage, restoring it, and minimizing the business impact. When bad actors and rogue pieces of code come into play, or subsystem breakdowns occur, it’s imperative to have the right processes in place to identify the next steps toward relief and prevent issues from happening in the future.

In increasingly complex hybrid cloud environments, establishing these processes might seem difficult. But with the right technologies, strategies, processes, and partnerships in place, you can mitigate the mayhem, and better yet, avoid it all together. Protecting your systems must be a healthy combination of offensive and defensive strategies; it’s about prevention—and in the event that disaster does strike, it’s about rapid recovery and relief.

When mayhem is a cybersecurity breach

Every technological innovation brings both positives and potential risks. Take generative AI, for example; for every technologist aspiring to use it for business and societal benefit, there is also a hacker out there figuring out how to apply its potential for nefarious purposes. And the fact of the matter is, today’s hackers are more professional than ever. Add to this the increasing potential for negligent insiders, and you can see why securing your systems must be top of mind.

That’s why organizations need an environment that starts with a paradigm of Zero Trust—so that even if somebody does break in and obtain credentials, they still can’t get to all the data. Add to that the importance of continuously monitoring and tracking activity in your systems, enabling you to figure out exactly when and where the breach occurred, what was accessed, and what’s been exposed.

As a final line of defense, businesses must think about air gapping their data and storing copies that have been cleansed. Pair these strategies with using the inherent security strengths of each platform—including the mainframe—in your hybrid plan, and your organization’s infrastructure will become much more difficult for today’s professional hackers to breach or take advantage of unintentional insider actions.

When mayhem is a rogue piece of code

Nobody wins the race standing still. Change is necessary to stay competitive and lead in your markets. Infusing new innovation in your applications, changing business processes, and so on is crucial and usually comes in the form of newly introduced altered code.

As I mentioned earlier, protecting your systems must involve both offensive and defensive strategies. For example, once a piece of rogue code enters your systems, you’re on defense to figure out what went wrong. But on offense, when you have an automated change management solution in place along with processes to scan your code, your organization can more easily find and understand vulnerabilities before they become a problem.

When I see issues at the customer level, the first question to ask is, “What changed?” The challenges I see usually involve a change that was implemented with an issue in it. This is not to say that enterprises shouldn’t change and innovate; on the contrary, change brings advances and advantages. But when an issue occurs, having automated change management processes in place allows you to closely examine what changed and identify the root cause.

When mayhem is a subsystem breakdown bringing business to a halt

Everyone talks about the importance of mean time to resolution (MTTR), but what’s more important is to focus on accelerating mean time to relief. Think about visiting a doctor because you’re experiencing elbow pain. Even if they can’t immediately tell you what’s causing the discomfort, your first priority is to get it to stop hurting—that’s relief. From there, you can focus on exploring what’s causing it and understanding how to avoid it in the future.

The same can be said about your IT systems, and understanding your overall topology is the best way to do this. You must be able to see how systems are interconnected, how they interact, and the components within them. When breakdown or failure occurs, having a view of topology that is automatically discovered can show you these relationships in real time. Combine this with AI-generated alert insights, and you can quickly sift through the blizzard of alerts to see the snowflake you must act upon.

Where does the mainframe fit in?

Everything I’ve mentioned here can help you navigate increasingly complex hybrid architectures while mitigating mayhem. But the other crucial component here is about using the inherent strengths of all platforms, including the mainframe, as you expand your hybrid strategy.

The reality is, 72% of the world’s transactional data is processed through the mainframe at only 8% of overall IT costs. And although cloud investment is still on the rise, we’ve also learned that top performers in the industry are increasing their investment and investing 10% more in their mainframes compared to their average performing peers.

All of this is to say that cloud and mainframe work better together. But having a mainframe doesn’t make your organization automatically immune to mayhem; like any other platform, this inherent security and resiliency takes work, and you must implement the right capabilities and tools to get there.

Prioritize resiliency AND innovation

Organizations must prioritize resiliency planning while also innovating to stay competitive or better yet, lead. Innovation, along with resiliency through continuous monitoring, automated change management, and topology are all key focus points for us here at Broadcom. It’s so important to prioritize innovation while protecting your environment. In fact, top performers we work with who have implemented these strategies have been able to:

• Proactively detect 79% of issues BEFORE they happen vs. 39% for all others
  (more than 2x as many issues caught before business impact)
• Reduce MTTR: 38 minutes vs. 224 minutes (83% less time fixing incidents)
• Detect security threats in 24 minutes or in near-real time vs. 10 hours (96% faster). We’ve seen organizations go for months before detecting a breach.

Ultimately, organizations who are doing it right benefit from 2x the budget and time for innovation initiatives. So, what are you waiting for? Yes—we live in a hybrid world with increasingly complex architectures. But with the right technology, the right people, and the right partnerships across the ecosystem, it’s possible to drive innovation while keeping your systems resilient enough to mitigate mayhem.

Learn more about mitigating mayhem in a hybrid IT world in my latest presentation from the Six Five Summit. I also encourage you to contact me directly at mainframe.greg@broadcom.com

About Greg Lotko

Greg Lotko is SVP and General Manager for Broadcom’s Mainframe business unit. A passionate leader, Greg’s customer-first approach has helped countless organizations drive business and technical success resulting in lasting customer relationships. Currently, Greg is responsible for all facets of the Mainframe division, including strategy, product management, engineering, services, support, and marketing. Under his leadership, the division helps the world’s top companies operate, automate, secure, and modernize the mainframe systems that run their businesses.