9 April 2025
Data has become an invaluable resource, serving as the cornerstone for organizational growth and competitive advantage. As organizations utilize AI to improve efficiencies across their hybrid cloud, data remains the key ingredient.
However, the potential for data breaches poses significant risks, including unauthorized access, destruction and disclosure. These threats can lead to severe consequences, such as financial loss, reputational damage and legal repercussions. Moreover, the emergence of quantum computing poses a new and formidable challenge to data security.
The new IBM z17 system is designed to help enhance security to address the challenges our clients are facing today. Clients will be able to leverage AI and other technologies with IBM Threat Detection for z/OS and secrets management with IBM Vault Self-Managed for Z and LinuxONE. Additionally, IBM intends to offer capabilities utilizing AI to tag and classify sensitive data.
In IBM’s recent “Mainframe as Mainstays of Digital Transformation” report, approximately 82% of the clients surveyed said it was ‘very important’ (46%) or ‘extremely important’ (36%) that the mainframe support AI capabilities for monitoring, analyzing, detecting and responding to cyber threats.
Our latest AI-driven security solution, IBM Threat Detection for z/OS, is designed to help clients detect and identify potentially malicious anomalies that might be the result of a cyber-attack1. Clients can leverage the dashboard to further explain the anomaly, which could simplify the diagnosis. It is also engineered to identify and issue alerts for anomalous ICT-related incidents which could assist clients in their adherence to requirements in regulations like the EU Digital Operational Resilience Act (DORA). In addition to cyber anomaly detection, a key component of this solution that IBM intends to deliver, is to provide the option of quarantine functionality designed to help satisfy clients in asserting their compliance of anti-malware on z/OS. IBM Threat Detection for z/OS unlocks the power of AI to provide enhanced security for enterprises.
IBM intends to deliver a new AI solution to discover and classify sensitive data on the platform. This would tap into the new IBM Telum II processor in z17 for natural language processes and other newly created AI techniques, so crown jewel data can be identified and protected before using in the AI data pipeline. These capabilities would be engineered to help organizations overcome the labor intensive and error-prone process of manual data classification, and instead, benefit from automated tagging and classification using AI-driven technology.
After tagging your sensitive data, it is important to make sure it is encrypted appropriately. While Quantum computing can create a fundamental change in technological advancement, its unprecedented processing power could potentially crack current encryption standards. To bolster defenses, IBM Z Crypto Discovery & Inventory (zCDI) is built to simplify how clients discover cryptographic assets on the Z platform and can aid with building a crypto inventory. One of the first steps on the quantum-safe journey will require organizations to understand where cryptography is being used in their environment to build this inventory. zCDI is engineered to simplify the process of how clients discover usage of cryptography within their Z infrastructure by analyzing and consolidating crypto relevant statistics from several data sources. This new solution is designed to help businesses assess their systems for potential weaknesses and aid with remediation plans so they can accelerate their migration to post-quantum cryptography. Finally, these strategies are not complete without a proper way to store and protect the secrets that protect the data.
It is imperative to standardize and streamline your secrets management process as another layer of defense to protect sensitive data. In support of this, we recently launched IBM Vault Self-Managed for Z and LinuxONE, a result of the recent HashiCorp acquisition. This solution is built to use identity-based security to enable least-privileged access to secrets. By running IBM Vault Self-Managed on Linux on Z and LinuxONE, it is designed to help enterprises extend the security capabilities of confidential computing to their vault instances. With these capabilities and additional solutions, IBM z17 is positioned to be the industry’s leading platform for organizations to bolster their security posture.
Disclaimers:
* Statements by IBM regarding its plans, directions, and intent are subject to change or withdrawal without notice at the sole discretion of IBM. Information regarding potential future products is intended to outline general product direction and should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code, or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for IBM products remain at the sole discretion of IBM.
1 Client is responsible for its response to alerts issued by IBM Threat Detection for z/OS, whether automated or manual.