UpTrajectory Review
The article from CIO Magazine highlights the urgent need for businesses to rethink their approach to mainframe security amid the rapid evolution of AI and hybrid environments. With a significant percentage of IT leaders prioritizing data security over cost and innovation, the focus is shifting towards integrating security into modernization efforts rather than treating it as an afterthought. This is particularly crucial as data flows across various platforms and systems, creating new vulnerabilities.
For small business operators, this piece underscores the importance of a cohesive strategy that aligns data management, infrastructure, and security. As AI technologies become more prevalent, the risk of data breaches increases, making it essential to adopt a holistic approach to security. Businesses should be wary of fragmented modernization efforts that could leave them exposed. Instead, they should prioritize integrated solutions that address security concerns while enabling innovation and efficiency.
“69% now rank data security as their top modernization concern, outpacing cost control and even innovation priorities.” — CIO Magazine
Takeaway: Integrate your data strategy and security measures to safeguard against vulnerabilities in an AI-driven landscape.
From the original item — CIO Magazine:
Data and mainframe modernization are widely recognized as prerequisites for AI success. What’s changed is the focus: enterprises are now grappling with how to modernize while maintaining strong mainframe security across complex hybrid environments.
Rocket Software’s recent survey of global IT leaders stresses this inflection point: 69% now rank data security as their top modernization concern, outpacing cost control and even innovation priorities. As data moves across platforms and AI systems increasingly act on it through agents, copilots, and automated workflows, maintaining consistent mainframe security policies has become significantly more challenging. The challenge goes beyond where data resides to how autonomous systems access and use it.
Many IT leaders still approach modernization as a set of parallel initiatives, such as infrastructure upgrades, AI experimentation, governance frameworks, and disconnected data strategies. But this fragmented model is increasingly untenable. It assumes that security and performance can be optimized independently, when in reality, they are tightly linked. The result is a growing strain on mainframe security, with expanding attack surfaces and rising operational complexity.
The path forward requires a shift in mindset. In an era defined by AI acceleration and hybrid complexity, competitive advantage will belong to organizations that architect data strategy, infrastructure, and governance together—rather than managing them in isolation.
For years, enterprise data strategy centered on storing information efficiently and making it accessible. In today’s hybrid, AI-driven environments, data is constantly in motion. It moves across on-prem systems, mainframe environments, hybrid cloud content services, and into AI models that depend on it for training and decision-making.
This constant movement puts mainframe security under pressure. As data crosses system boundaries, maintaining consistent controls becomes more difficult, especially in environments undergoing legacy system modernization. Policies must be enforced dynamically, or organizations risk creating blind spots where sensitive data is exposed or becomes unreliable. With 70% of IT leaders citing data privacy and security as their top concern related to AI adoption, the implications for mainframe security are clear. Without strong data governance, the integrity of both systems and AI outputs begins to erode.
The rise of AI only amplifies this challenge. AI systems are highly sensitive to the quality and integrity of the data they consume. Poorly governed data degrades model performance and skews insights, undermining business confidence in AI outcomes among both stakeholders and employees.
This is where many modernization efforts quietly begin to break down. Organizations invest in advanced analytics and AI capabilities but fail to establish the data foundation required to support them. The result is a growing gap between technological potential and actual business impact.
As adoption accelerates, pressure is mounting to integrate new technologies into existing environments. Rocket Software’s survey found that 58% of IT leaders say technologies like hybrid cloud and AI are driving a new wave of change, promising efficiency and competitive advantage, yet also making it harder to separate real value from hype.
In highly distributed environments, new technologies interact with legacy systems and control frameworks in unpredictable ways. The emergence of AI agents adds another layer of complexity. Often developed outside formal governance processes, these agents can trigger actions and connect systems in ways that create new operational and security risks. Without clear visibility into how they operate and what data they can access, organizations risk expanding their attack surface faster than they can secure it.
That’s why complexity itself has become the primary risk driver. Each new layer of technology adds complexity, and without consistent infrastructure to unify how systems operate, that complexity compounds. Most organizations are not yet equipped to manage hybrid environments as a cohesive system. Until they are, adding new technologies, no matter how advanced, will continue to expand the attack surface faster than it can be secured.
The gap between policy and execution is already showing up in how leaders assess their own capabilities. Nearly half (46%) of IT leaders cite data governance as one of their biggest challenges, which proves just how difficult it is to maintain control as data moves across increasingly complex environments.
Traditional governance frameworks were not designed for systems where data moves continuously and AI agents increasingly execute tasks on behalf of users. Reactive, policy-based approaches assume stability. In modern hybrid environments, that assumption breaks down, leaving mainframe security exposed to lagging controls and delayed responses.
To keep pace, governance must shift from oversight to design. This means embedding controls directly into systems, workflows, and data pipelines so that policies are enforced continuously rather than retroactively. Automation becomes essential here. Policy-as-code, real-time monitoring, and automated enforcement mechanisms enable organizations to apply governance at scale consistently without manual intervention.
Done right, governance becomes an enabler, providing the confidence to scale AI and modernize responsibly. Organizations that embed it into their architecture create an environment where innovation can move faster, because guardrails are already in place.
The tension facing IT leaders isn’t going away. With each exciting new development, which drives expectations to the ceiling, complications arise alongside it.
In tech, speed alone is rarely a competitive advantage. The organizations that succeed are the ones that can move quickly with confidence. Those that continue to operate across fragmented systems, where data, infrastructure, and governance evolve independently, often find complexity outpacing their ability to manage it. By taking a more integrated approach, organizations can gain the visibility and intelligence needed to turn complexity from a source of risk into a source of resilience.
Learn more about how Rocket Software can help strengthen mainframe security while advancing modernization initiatives.