Banking Legacy Systems Are Under Siege, and the Threat is Surprisingly Human
By Jennifer Nelson, CEO, Izzi Software
Simple Subscribe
Subscribe Now!
Executive Summary
- Mainframes still power a majority of Fortune 500 institutions, including most large banks.
- Contrary to popular myth, these systems are perfectly capable of supporting the digital banking revolution. In fact, they may be more resilient and efficient than the alternatives.
- But mainframes do have a weakness: Staff with mainframe expertise are retiring en masse, and most people entering the workforce lack mainframe skills. That expertise gap creates both support and security vulnerabilities.
Picture this: every time you swipe your credit card for that morning coffee, you’re having a conversation with a 60-year-old computer that’s older than the internet, more reliable than your smartphone, and probably handling more transactions per second than you can imagine.
Welcome to the wild world of mainframe banking, where it’s reported that 90% of all credit card transactions are processed by mainframes, and the biggest threat isn’t some sci-fi robot uprising — it’s someone from accounting clicking on suspicious email links.
The Titans Still Standing Strong
Before we dive into the data, let’s take a moment to appreciate these legendary systems. 71% of Fortune 500 companies still use mainframes, and nearly 97% of banks worldwide use IBM products. These alleged “digital dinosaurs” aren’t just surviving — they’re thriving. The global mainframe market was valued at approximately $3.34 billion in 2024 and is projected to grow at a compound annual growth rate (CAGR) of 7.9% during the period from 2025 to 2033.
Here’s the kicker: Mainframes make up almost half the world’s IT infrastructure, yet they account for only 8 percent of IT costs. Talk about bang for your buck! These machines are like the reliable Toyota Camry of the computing world, not flashy, but they’ll outlast everything else in the parking lot.
The Four Horsemen of Mainframe Mayhem
1. Software Bugs: When Code Goes Rogue
As demands on mainframe systems become more sophisticated, bugs multiply like rabbits at a petting zoo. The real culprit? Human errors during coding. Take running code in supervisory state longer than necessary — it’s like leaving your front door wide open with a sign that says “Free Wi-Fi Inside.”
Fun Fact Alert! Over 30,000 new vulnerabilities were disclosed in the past year — a 17% year-over-year increase. That’s roughly 82 new ways for things to go wrong every single day. Your mainframe programmers are basically playing an endless game of digital whack-a-mole.
The solution? Proper training that treats supervisory state like a VIP nightclub — get in, do your business, and get out immediately. Document everything happening in that elevated state, because staying too long is like leaving the keys in a Ferrari with the engine running.
2. Hybrid Cloud Vulnerabilities: The Identity Crisis
Here’s where things get spicy. In hybrid environments, some data must stay on the mainframe (think Fort Knox-level security), while external applications make calls to access internal mainframe data. The million-dollar question: who’s actually looking at that data?
It’s like having a secret diary that you share through a friend of a friend — you never know who’s really reading it. Applications make business decisions based on data permissions, but they’re essentially blind to the human eyeballs consuming that information.
Plot Twist: The most effective solution, Multi-factor authentication (MFA). Yes, that slightly annoying but life-saving extra step. People often think mainframes don’t need MFA, but when remote access enters the picture, it becomes your digital bouncer checking IDs at the door.
3. Malicious Attacks: The Usual Suspects
While malicious attacks on mainframes are rarer than finding a parking spot in Manhattan, they’re not impossible. Remember the CrowdStrike chaos? That single vulnerability in a software update created ripple effects nobody saw coming, proving that even the most secure systems can have their Achilles’ heel.
Reality Check: 59% of all organizations were hit by ransomware attacks over the last year, and there has been a 91% increase in ransomware attacks on finance organizations since 2021. The average recovery cost? A whopping $1.82 million (not counting the ransom fee itself).
The defense strategy is surprisingly simple: segmented networks. If one segment gets compromised, the others remain safe — like watertight compartments on the Titanic, except these work.
4. Human Error: The Ultimate Boss Battle
And here’s the plot twist that would make M. Night Shyamalan proud: 95% of cybersecurity breaches have an element of human error. That’s right – the biggest threat to your multi-million-dollar, ultra-secure mainframe isn’t some hacker in a hoodie. It’s the new HR intern who clicked on that “Download your coupon here!” email.
The human error hall of fame includes:
- Clicking suspicious links (the classic challenge)
- Sharing credentials like leftover Halloween candy
- Forgetting to remove departing employees from permission groups
- Not updating access when people change roles (a huge problem for any organization)
Sobering Statistics: The average time to identify a breach is 194 days, and the average lifecycle of a breach is 292 days from identification to containment. That’s nearly 10 months of potential chaos — longer than most people stick to their New Year’s resolutions.
The Skills Crisis: A Perfect Storm Brewing
Here’s where the story gets even more interesting. Forty-seven percent of enterprises note that staff with mainframe expertise are retiring, and 56% of organizations lament the fact that most people entering the workforce lack mainframe skills. Meanwhile, by 2025, there will be 3.5 million unfilled cybersecurity jobs globally.
It’s like having a Ferrari with nobody who knows how to drive stick shift. The technology is phenomenal, but finding people who can properly maintain it is becoming harder than finding a good burger in a small town.
The Financial Reality Check
Let’s talk numbers that’ll make your accountant weep:
- The global average cost of a data breach in 2024 is $4.88 million, a 10% increase over last year
- The average total cost of a ransomware breach is $5.13 million, 13% higher than in 2022
- Worldwide cybercrime costs are estimated to hit $10.5 trillion annually by 2025
To put that in perspective, cybercrime costs are approaching the GDP of some small countries. It’s like the world’s worst subscription service that nobody wants but everyone’s paying for.
The Digital Banking Revolution (And Its Challenges)
While we’re securing these mainframe fortresses, the banking world is rapidly digitizing. Fifty-five percent of bank customers are using mobile apps as their top option for managing their accounts, and the number of global online banking users is expected to reach 3.6 billion by 2024.
This creates an interesting paradox: Customers are going digital at lightning speed, but the backbone systems processing their transactions are 60-year-old mainframes that require specialists who are retiring faster than they can be replaced.
The ‘People Problem’ Reality
Here’s the uncomfortable truth: Mainframes aren’t the problem — people are. Every major vulnerability traces back to human decisions:
- Software bugs? Someone didn’t validate the code properly
- Cloud vulnerabilities? Someone configured access incorrectly
- Malicious attacks? Someone didn’t follow security protocols
- System breaches? Someone clicked the wrong link
It’s not malicious intent — it’s usually bad processes, lack of education, or simple oversight. The likelihood that a cybercrime entity is detected and prosecuted in the U.S. is estimated at around 0.05%, so the consequences for attackers are minimal while the costs for victims are astronomical.
The Path Forward: Trust the Tech, Train the People
The solution to these challenges isn’t replacing this reliable platform – it’s investing in the humans who operate them. Ninety-four percent of respondents see mainframes as a long-term platform or a platform for new workloads, and 90% of respondents report that their organizations are continuing to invest in the platform.
The Action Plan:
- Regular training refreshers to prevent complacency from creeping in
- System audits to catch vulnerabilities before they become headlines
- Access management that’s tighter than nightclub security
- Segmented networks that contain damage when (not if) something goes wrong
The Bottom Line
Mainframes have been around for 60 years not because of nostalgia, but because of their power. As of 2020, 92 of the top 100 banks and all top 10 insurers worldwide use IBM mainframes. If they weren’t incredibly good at what they were made for, they would have been replaced decades ago.
The real challenge isn’t technological — it’s cultural. We need to adapt modern security thinking to these platforms, which means recognizing that the biggest vulnerability isn’t in the code, it’s in the cubicle next to yours.
Remember: When the digital firehouse burns down, it’s rarely because the firetrucks weren’t powerful enough. It’s because someone forgot to lock the doors, left the keys in the ignition, or clicked on an email containing an enticing coupon.
The mainframe isn’t going anywhere — but neither are the humans who must be properly trained to protect it. In a world where more than 8 million DDoS incidents occurred in the first two quarters of 2024 and the second quarter of 2024 saw a 30% increase in cyberattacks compared to Q2 2023, the stakes have never been higher.
Your mainframe is ready for the future. The question is: are your people?
