Big iron. Sounds indestructible, right? Reliability is indeed an advantage of mainframes, and it’s one of the primary reasons they have anchored the IT systems of Global 500 enterprises for more than 50 years. In fact, despite claims that mainframes are going the same route as the dinosaurs, they’re still in use by 70% of Global 500 companies with a mean time between failures (MTBF) that’s commonly measured in years. The problem is that these systems, relied upon to meet vital bulk data and transaction processing needs, are facing a greater cybersecurity risk than we truly realize.

GDPR carries severe consequences for both companies and individuals responsible for data mismanagement, and it governs all data handling organizations with “data subjects” residing within European borders. In addition to doling out punishments to organizations that lose or misuse data, it lays out a framework of steps that organizations (including non-profits) must take to demonstrate their commitment to protecting EU citizens’ personal data.

The GDPR has had far-reaching effects, including the inspiration of similar data protection regulations in the United States. California passed the California Consumer Privacy Act (CCPA) in 2018, and eleven states quickly put forth their own legislation regarding data protection. Now, that number has grown to 258, and bodies such as the U.S. Chamber of Commerce are calling for a federal privacy law to protect consumer data. Following President Trump’s 2018 creation of the Cybersecurity and Infrastructure Security Agency (CISA), experts such as former FTC commissioner and current Microsoft vice president of privacy Julie Brill, think the U.S. government will pass its own sweeping regulation, applying further pressure on CIOs.