Space for Thinking in a Big Room


To survive the Digital Transformation, companies will have to respond quickly to changing markets and customer needs. This is “business agility” and can only happen when cross functional units leave their silos and unite in joined up thinking to achieve shared business goals.

LittleBlogAuthorGraphic  David Hodgson, Feb 12 2016

One of the last things I did at CA before I left, was join in a “Big Room Planning” session to help prioritize goals and initiatives for the Mainframe Business Unit. As the name implies, the basic idea of Big Room Planning is getting a lot of key people together physically in the same room to do strategic planning for the business. It needs a big room to accommodate all the necessary participants! Our guides and facilitators were two expert consultants from the Rally Software group, now a part of CA Technologies through acquisition.

The Quest for an Agile Business

Agility is delivering customer value faster. The adoption of Agile development methodologies has been an intrinsic part of the Digital Transformation that we are experiencing in the IT industry. Big Room Planning is part of the next wave of Agile adoption; extending it from just transforming the development process, to using the same principles to transform the way a business is run. It is a natural next step for companies adopting Agile because it soon becomes apparent that delivering successful products involves the whole company, not just the engineering teams.

SAFe – the Scaled Agile Framework

Big Room Planning at the portfolio level is really an extrapolation of one part of Scaled Agile Framework, or SAFe. Championed by Dean Leffingwell, SAFe itself will have to be a subject for a future blog as it is too big a subject to cover here. Suffice it to say that it is the application of Lean principles to scale Agile for large enterprises that have multiple products and many development teams. An essential element of SAFe is Product Increment planning where cross functional teams agree the direction of a product roadmap.

The power of cross functional teams thinking together

Big Room Planning takes PI Planning up a level and expands the audience to include more business and operational functions. It allows a business to take two days out to set an annual strategy that everyone understands and is bought into, because they helped create it. Quarterly follow-up meetings allow the team to track progress and tweak the strategy responding to new information; the better understanding of obstacles, or changes in market conditions and customer requirements.

CA’s Mainframe BU was doing Big Room Planning for the first time. We were all learning together and there was a general sense that the team would do it better the next time! Some things you can only learn by doing however much preparation you do before hand, watching videos and reading primers. In fact it is central to Agile philosophy that the team learns together by doing and that the learning crucible is what forges the most valuable results.

What I saw in this first stumbling attempt was colleagues learning to work together in new ways. Functions like Sales and Marketing getting to understand and validate the roadmap before Dev start building anything. In fact those functions helped to prioritize the roadmap alongside Product Management with the advice of Architects to help size and weigh the impacts of alternatives. These deep interactions between multiple functions can help large companies behave like small companies i.e. help them truly be agile.

A Competitive Advantage for You Too?

Rally could be one of the best things that has happened to CA. The acquisition brought a great new product that will surely drive growth for CA where there will be synergies and operational multipliers. But the bigger impact could be in a company-wide evolution if the Rally culture can help fuel agile adoption at CA. If their new practices are adopted across CA’s business units we could see a unified company delivering successful organic products from ideation with prospects to successful implementation by customers.

But more importantly, what about you? Do you have a vision for your company as an agile business? Could the concept’s of Big Room Planning be a starting point for you to gain competitive advantage in the markets you serve? Check it out.


Image credit: CA Technologies

Annual Analytics Assessment


At this time last year I celebrated the Chinese New Year by publishing my predictions about the world of analytics and Big Data. Its always fun to look back and hold yourself accountable, so let’s go!

LittleBlogAuthorGraphic  David Hodgson, January 14, 2016

In 2015 the Chinese year of the Ram started on February 19. For 2016, the year of the Monkey, the new year has moved forward to start February 8. It is determined by a zodiac cycle and so bounces around a bit compared to our Julian calendar, which approximates the solar year.

So how did I do on my five predictions?

To keep me honest you can read my blog entry from last year here.

#1 I correctly predicted that people would still be using the term “Big Data”. No-one likes this buzzword, but those who predicted its demise were too optimistic! It’s here to stay because culturally we like reductionist simplicities.

#2 I may have been a bit optimistic in saying that every major enterprise would have a real, funded, Big Data strategy by the end of 2015. I bet it’s close though. Analysts reported continued adoption driven by LoB departments, with Marketing front and central.

#3 I said that “data agility” will be the aspirational driver of big data strategies. We did indeed continue to see people moving data from traditional proprietary data warehouses into more portable forms. However, the erosion slowed as the incumbents found ways to embrace Hadoop and the new became more additive to the old than replacing it. T’was ever thus with IT.

#4 2016 will get us to 10 years of Hadoop being used as the primary tool of Big Data analytics. I got this right, but several forecasters were saying that we would have moved on from Hadoop to other technologies. The elephant still stands largest and squarely in the middle of the room. True we saw Cloudera and many enterprise adopters embrace Apache Spark over MapReduce, but still in the context of the Hadoop stack and ecosystem.

#5 The IoT did not yet become the shaping force that I thought it might. Of course it waits in the wings, growing slowly (who got Nest thermostats last year?), just needing enterprises to really embrace the new technologies involved.

So what trends did emerge to continue as shapers for 2016? I’ll just call out two areas this year.

#1 Analytics and the IoT

It is still early days for enterprises finding business advantage with analytics on IoT generated data, but I think we will see significant progress in the year ahead. Most speculators would bet on the manufacturing industry for results here. But given the proliferation of wearable technology in the last 18 months, my bet is that we will see serious headway in healthcare related analytics.  To come true this prediction is probably dependent on the next area.

#2 Security and Compliance

Security and compliance issues remain a barrier to larger scale production implementations, particularly where PII information may be involved. I predict that we will start to see better defined process and procedures around the handling and merging of structured and unstructured data.

Otto Berkes of CA Technologies has suggested that Bitcoin’s blockchain protocol could be re-used as a secure and validated way for IoT devices to communicate and exchange data. Otto is a lot smarter than me, so I will just say that in 2016 we will see stronger solutions emerge to make the IoT secure and less vulnerable to corruption by hackers.

The Monkey Wrench

Ok, so that’s three predictions really not two – I’ll review them next January. What will the Year of the Monkey really bring? With the economy picking up steam, analytics will be central to IT investment and hiring. We will see a lot of companies copying each other (as monkeys do) but let’s look out for the “alpha ape” trend setters; those who will take us into new territory. Who are you watching? Let me know by commenting at the top of this blog.


Protecting sensitive mainframe data with CA Data Content Discovery



How a new software solution from CA announced recently at CA World can help your business conquer the mainframe data mountain and protect your organization’s most sensitive data.

 LittleBlogAuthorGraphic David Hodgson, December 8, 2015

Your mainframe has been collecting data for years — probably decades — and you rely on it to run your business and the apps that serve your customers. But over the years, its collected mountains of records and files, many of which contain sensitive data that require special controls stipulated by government regulations.

With so much information residing in your mainframe, it’s hard to locate regulated or sensitive data when you need it (and takes up far too much time). You may not be limiting internal access appropriately, and copies may end up somewhere else, without proper access control. At last count, 400 mainframes worldwide are connected directly to the Internet and accessible to anyone via a login screen.  So yes, while mainframe remains the most securable platform – it isn’t 100 percent immune to data breaches.

Recently at CA World in Las Vegas, CA Technologies announced two new mainframe solutions to help organizations become more agile. One of these new solutions, CA Unified Infrastructure Management for z Systems, supports our DevOps portfolio and helps customers accelerates problem resolution with a unified view across mainframe and distributed systems.

In this blog I’d like to focus on the new solution, CA Data Content Discovery that supports our Security portfolio. Bottom line, if you don’t know where your sensitive data is, you can’t protect it. CA Data Content Discovery scans your mainframe data to identify the location of data that matches regulations such as PCI, PII or HIPA, so you can make business decisions around securing, encrypting, archiving or deleting those records.

This isn’t just good business sense; it will help you address potential audit findings and risks.

If it ain’t broke, why fix the mainframe?

But why now? After all, the adage “if it ain’t broke, why fix it” often applies to mainframes. But these days, mainframes are not only tied to mission-critical applications, but those applications now face your customers through the web and mobile apps.

In the application economy, the mainframe plays a key role in how apps perform — and how happy your customers are.

Unknown unknowns: trust isn’t a strategy 

The stakes for mainframe security have changed.  In a recent blog post, Jeff Cherrington offers a colourful history lesson and metaphor comparing mainframe security to the evolution of fortifications of medieval castles.

The plain fact is today’s application economy puts different demands on the mainframe data – everyone wants in!  The Chief Digital Officer wants access to systems of record for his pet big data project or some backup project didn’t follow all the necessarily controls – the fact is mainframe data is moving off the platform when it shouldn’t be and if it needs to – let’s at least know about the location of that sensitive data and apply the right controls.  Companies that make security a priority understand that blind trust and “nothing will happen” isn’t the solution.

With the right tools and processes, you can be confident to leverage the mainframe as part of your digital transformation while safeguarding sensitive and regulated data. CA Data Content Discovery has three distinct advantages:

  • Find: You can locate regulated and sensitive data using data-pattern scanning, helping to gain insight into the magnitude of potential data exposure on z Systems.
  • Classify: Once you’ve found the data, you can prove to auditors that you’re compliant with regulations (controls are checked by data type and content).
  • Protect: Critical data never leaves the z/OS platform. Integration with CA ACF2, IBM RACF and CA Top Secret for z/OS means you can quickly visualize who has access to regulated or sensitive data.


For more details, check out the Data Content Discovery page.

It’s not enough these days for organizations to embrace software — they need to use it strategically. And that includes the mainframe.

In the era of digital transformation, organizations need to be more agile — and this is possible, even with legacy systems. With the right tools, people and processes, it’s possible to bring your mainframe along on the digital transformation journey.


How mobile-to-mainframe apps help you get more from your mainframe


Mainframes are here to stay and are more relevant than ever before in the application economy – so it’s time your business thought about “reframing the mainframe”.

LittleBlogAuthorGraphic  David Hodgson, October 19, 2015

Too often in a haste to rush towards the future, we easily eschew what we did in the past. But as companies race towards an increasingly connected world where customers are more demanding than ever, there’s a machine in the background, underpinning the business and driving some of the most important apps we use every day on our smartphones. That’s right, folks it’s the mainframe.

Mainframes are here to stay — after all, millions of lines of COBOL code continue to run the most important business applications in the world. That’s why we need to reframe the way we think about the mainframe.

In fact these days, mainframes are expected to do far more — from providing easy data access for big data projects to supporting cloud and mobility. The specialized skill sets required by the mainframe team are becoming even scarcer and most IT departments are under pressure to keep costs down.

That’s where reframing the mainframe comes in. Recognizing that success in the application economy will require investment in the mainframe and that the investment will directly grow your business. The rise of mobile-to-mainframe applications is a key driver here.

The mainframe at play in the application economy

In my first blog post in this series, I talked about the curse and blessing of connectedness for the mainframe in the application economy. It’s this same connectedness that is empowering customers like never before.

And in my second blog post, I talked about how the customer is always right — so it’s incumbent on mainframers to create flexibility for the mainframe platform of the future. The interplay between cloud and the mainframe has presented new opportunities, including Linux on z Systems.

The three largest banks in the U.S. already have 50 million customers using mobile banking — and that adoption rate is growing at a rate of 15 percent annually. Even checking your bank balance on a mobile phone requires hits back onto the critical transaction-processing component of the data center.

To connect mobile-to-mainframe apps, developers need processes and tools that span the divide. This helps to speed up time to market and improves quality with software change management.

Past legacy equals future innovation

Moving forward, the most successful organizations will evolve from supporting legacy business processes to driving innovation.

How will they do this? They’ll develop applications exploiting mobile-to-mainframe architectures that are managed as a whole, not within silos, allowing greater visibility into operations and performance.

This empowers IT staff to perform tasks and access relevant information to accelerate service delivery. Workloads can be more easily orchestrated to run on the best-suited server — the cloud, distributed or mainframe — and data is transformed into insights to drive opportunities.

Learning to become Agile

And it’s already happening. The proportion of professionals with four or more years of Agile adoption at their firms has increased significantly, according to analysts. Many teams are already leveraging core Agile practices: 20 percent are using Agile from ideation to deployment (including DevOps), while 51 percent are using Agile in the upstream.

“Behavioral change is the biggest barrier to adoption; properly skilled business product owners are also a big impediment for Agile adoption success,” according to analysts. “Organizations are finally realizing that the lack of cross-functional teams is one of the top impediments for successful Agile adoption.”

Managing mainframe costs as a strategic asset

What we often hear from customers is that it’s hard to justify the cost of their mainframe platform. Mainframes, however, can be managed as a strategic asset that creates value — if you create mainframe platform flexibility for the future.

According to analysts, the top three benefits of becoming Agile are better business and IT alignment, faster delivery of solutions and more opportunities for midcourse corrections.

The right testing tools can help you deliver higher-quality applications faster, while keeping costs under control. Integrated Application Quality and Testing Tools from CA Technologies, for example, are designed to help you test, diagnose and fix problems in mainframe applications quickly — before issues affect application performance.

By reframing the mainframe and connecting mobile-to-mainframe applications, you can reduce costs, improve efficiency and reallocate resources to more strategic business initiatives. You’ll maximize what you already have, while integrating new service offerings — turning your mainframe platform into a competitive differentiator with potential new revenue streams.


Colorful fall insights for reframing the mainframe in the application economy


Usher in the changing of the season with CA’s Virtual Summit in partnership with InformationWeek and gain insight into how to run your business better.

 LittleBlogAuthorGraphic David Hodgson, September 28, 2015

Like clockwork, fall is in the air and this is my favorite time of the year: the crisp, cool air, the changing colors and a sense of acceleration as we head towards the holiday season.

For myself, the fall ushers a fun, frenzied but fulfilling pace at work – so much that has to get done and of course don’t we all love it – making sure we are doing right on our commitments to the business and planning for next year. As I speak to many of my colleagues and customers, I am learning mainframers are in a similar frenzy figuring out questions such as:

  • Will our current capabilities around monitoring and automation be sufficient for new growth and compliance demands of my organization?
  • How do new options around Linux on the mainframe offer us greater flexibility in our hybrid data center plans?

Join CA and InformationWeek on September 30

So, just in time, I am really excited about the upcoming Virtual Summit CA is hosting with InformationWeek“Mainframe Reframed for the Application Economy” on Wednesday, September 30, 2015.

The change of colors is a nice metaphor for our clients’ new mission, internal transformation and conversation around “mainframe reframed.” Should we really be spending our time continuing the debates and defensive stances about the mainframe?

A much more productive conversation is one about the business value and growth the mainframe can help you deliver. That’s why I urge you to take a day to connect and catch up with us.

Here is a quick sneak peek of sessions you shouldn’t miss:

  • Linux & Open Source: Driving New Innovation and Value on your Mainframe: Join a panel of industry experts from IBM, SUSE, Brown Brothers Harriman and CA as they discuss the new Linux and open source options, and what the new Open Mainframe Project consortiummeans to you.
  • Reframing the Mainframe to Thrive in the Application Economy: Join Gary Barnett of Ovum and myself, as we cover a variety of issues that combine ideas to improve overall enterprise performance, including advancements in DevOps, mobility, data management, network performance, data security and mainframe performance.
  • De-Siloing End-to-End Ops in an Increasingly Trans-Platform World: Join a panel of experts to learn how IT organizations are unifying ops across platforms to keep their multi-platform front-ends, mainframe back-ends and hybrid clouds all working together in harmony.
  • Apps and Ops: Keys to a Superior Customer Experience: To deliver great customer experiences, IT has to develop awesome apps and ensure the availability and performance of those apps with equally awesome ops. Get actionable insight into addressing some of your DevOps challenges as we explore the apps and ops approach to reframing your mainframe.

Last but not the least – you asked and we listened. We are committed to you – our user community – and making sure you are successful as you reframe the mainframe in your organization.

The Virtual summit is designed to help you catch up on the latest updates to key solutions that help you run your business. In addition to keynotes, the virtual summit hosts 15 booths for live-updates, demos, videos, on-demand tech-talks with product experts spanning application development, testing, automation, infrastructure, operations, performance, storage and security.

The summit environment will be live for 12 months so you can come back for quick refreshers or find what you need.

Grab some coffee, tea or apple cider and join us on September 30, 2015. It will be informative and fun.

How to run the mainframe of the future


Customer demands are putting new pressures on all areas of IT, including the mainframe. Linux on the mainframe is nothing new but it could just be the key to teaching an old dog new tricks.

LittleBlogAuthorGraphic  David Hodgson, September 17, 2015

I’m sure at some point you’ve walked into a store or a restaurant and seen a sign that says, “The customer is always right.” If you think about it for a minute, how many times has the establishment you’re dealing with proven this wrong? Probably more often than you’d like. And how did you vote? With your feet (and word of mouth) most likely.

Well, in the application economy, things have just got a lot more interesting. The customer is not only always right they also have the power to determine how a company is going wrong. We’re living in an era where the customer is more pivotal to the success of a business than ever before.

In my last blog post, I talked about the curse and blessing of connectedness for the mainframe in the application economy. It’s this same connectedness that is empowering customers like never before.

In a white paper that I recently authored, “Mainframe Reframed for the Application Economy,” I discussed the challenges of customers driving change in the application economy. Because customers are more likely to interact with a business through their app than a person, they can’t afford (literally) to get it wrong. One estimate suggests that a quarter of users will abandon an app within a three second delay.

In order to meet this new level of customer demand, businesses have had to provide new levels of transparency, availability and reliability like never before. With this transformation, comes new pressures on all areas of IT, including the mainframe platform, apps and back-end systems it hosts.

The open mainframe of the future

That’s why it’s incumbent on mainframers to create flexibility for the mainframe platform of the future. The interplay between cloud and the mainframe has presented new opportunities for the mainframe, including Linux on z Systems. Linux on the mainframe – tell me something new you say – I know.

Making the mainframe more accessible than ever before

The Open Mainframe Project, a collaborative effort coordinated by the Linux Foundation, which CA is a founding Platinum sponsor of, to grow Linux on the mainframe, will open up driving the direction to a broader community.

In addition, the launch of IBM LinuxONE – a portfolio of hardware, software and services solutions for the enterprise – will make the Linux platform on the mainframe more accessible.

Addressing the barriers to adoption

In the past, three main barriers to adoption of Linux on the mainframe were:

  • Use of proprietary IBM hypervisor (z/VM) for virtualization
  • Lack of support for open source components

The announcement of LinuxONE addresses all three of these barriers by allowing IT to deploy Linux on KVM, use the more common open source components, and most importantly for any business decision maker, to avoid the high initial cost of a mainframe by adding usage based pricing.

The bigger picture

CA, along with leading industry counterparts and academic institutions are platinum founding members of the Open Mainframe Project. The aim is to use Linux’s strengths in Big Data, mobile processing, cloud computing and virtualization to advance mainframe Linux tools and technologies and increase enterprise innovation.

The focus areas of the project address some of the key challenges organizations are facing when it comes to the sheer volume of transactions and data they’re dealing with in their data centers. These include scalability, reliability, performance and security.

So unless you want to be cursed with negative customer feedback, start to discover the blessings hidden in these new opportunities for the mainframe to meet and exceed customer demand.

The sign stating the obvious about the customer being right may not be hung up in a virtual sense, but it should always be in the back of companies’ minds as they increasingly have less and less physical interaction with their customers.

Join us at CA World 2015

If you want to learn more about new innovations on the mainframe and how to create great customer experiences join us at CA World 2015, November 16-20, 2015 in Las Vegas where we’ll be hosting a panel discussion on the Open Mainframe initiative and much more. Click here for the CA World Mainframe Session Guide.

Connectedness for the mainframe in the application economy: blessing or curse?


With the mainframe online and connected to apps that people use every day, the proximity of users on the mainframe has never been closer. So how should businesses think about security in the application economy?

LittleBlogAuthorGraphic  David Hodgson, August 20, 2015

I recently discovered an app that dials you into conference calls without the hassle of having to dig up phone numbers and participant codes. All you have to do is put your network ID and password into the app once and you’re off.

This begs the question: What is being done with this data and is it secure? What if at the other end is someone sitting in a café halfway around the world, calmly sipping a latte while receiving data from the app and using it to access your company’s network or maybe even the mainframe.

In a white paper I recently authored: “Mainframe Reframed for the Application Economy,” I explore the implications for the mainframe in today’s application economy and the need to reframe the mainframe for this new era’s demands. I point out that as this digital transformation is occurring, where we’re interacting with companies more through the palm of our hands than face to face, there’s pressure mounting on all areas of IT, including the mainframe platform.

The curse of connectedness

The application economy is driving the need for transparency, availability and reliability to meet customer demand in an always on, 24-7 world.

That very connectedness which makes apps like the one referenced above possible in the application economy is also shrinking the proximity of people to enterprise systems, including the mainframe, exposing businesses to unprecedented security risks.

With many high profile security breaches of late, the old “fortress” security mentality of keeping the bad guys out is no longer the prevailing approach to guard against the bigger risk – the people inside your organization, who often times do not realize they are creating vulnerabilities, or sometimes are themselves the threat.

Security is now more about detection and compliance than it is locking people out. More specifically, that is:

  • Knowing who is in your network
  • What they are doing
  • Whether they should be doing that.

A savvy auditor is certainly going to ask you how you would know if someone accessed data they were not supposed to.

In these days of rampant identity theft, people are not always who they appear to be. Once hackers have phished someone’s credentials the only way you detect a breach is when they start doing something anomalous. Social engineering is now much more sophisticated and your ‘trusted’ mainframe expert in the data center is as susceptible to social engineering as anyone else.

Remember also that as mainframe experts retire the very lack of skills and know-how left in their wake could inadvertently open new doors if proper transition plans aren’t put in place. That way, businesses can take action early when they know something is amiss.

Security breaches haven’t seen anything yet

While to-date, relatively few security hacks involve the mainframe, think of the impact of something such as the recent breach of U.S. computer systems for visas and passports and how much worse that would be if it was the mainframe of a major bank or airline, for example.

A recent MIT Technology Review article discusses how the mainframe, which has been around since the 1960s and houses some of our most precious data from banks, airlines and governments, has been put online, exposing it to a previously unknown world of cybercrime. The article goes on to quote security researcher Phil Young, who said he has found around 400 mainframes on the Internet prompting a login screen to anyone who connects.

Mainframe modernization or exposing the classic system of record data to new services means that the data is no longer isolated on the mainframe – the world is now “unknown, unknown.” We have lost sight and control of where the data is going the minute we try to harness mainframe data for other purposes than batch or transaction applications.

Think of the potential and, more importantly, the scale of damage. We’re not just talking about one database of customers of a retail chain – this would be something more far reaching than we could ever imagine.

How to catch a thief before they act

So how can organizations build the ability to detect problems before they arise into the mainframe platform? I came across this post by that shows how to use USS shell script to create a C program that can be piped over a network to run on z/OS. Fundamentally, it’s the same as how you’d do it for any other platform, just that you have to generate z object code and call different system devices.

While this is simply one vector into a system, it’s possible to create a product (or put it into an existing product such as CA Auditor for z/OS) that can scan for these vulnerabilities on a system, plug them and report on the number of times these attempts were blocked.

Last but not least, such news about technical exploits helps, but there is a huge cultural and communication barrier for mainframe security professionals in getting the broader organization and the rest of the security community to understand the risk. There is still a culture of denial or, “Wait my mainframe has never been compromised.” This is why we believe the mainframe reframed discussion is a timely and thoughtful conversation we need to have as a community.

If you want to find out more about how the mainframe is being reframed to handle the new security threats in the application economy, join us at CA World ’15. We will be giving a number of talks about security across platforms – including mainframe security in sessions such as “Castle Walls under Digital Siege – Risk Based Security for the z/OS.”

You will learn how identity can be applied to engage, serve and protect customers while they interact with your digital business – and make the connectedness we all enjoy in the application economy a blessing rather than a curse.