In this episode, host Steven Dickens sits down with Emma Skovgard, an IT security engineer at Danske Bank, who shares her fascinating and unconventional journey into the mainframe ecosystem. Emma talks about her start tinkering with technology as a child, the challenges she faced entering the mainframe world with less traditional academic credentials, and how she has carved out a distinct space for herself through open source contributions and innovative thinking.
Emma’s insights shed light on the present and future of mainframe security, the skills gap in the industry, and the importance of embracing automation and infrastructure as code. Her passion and candid discussion open a window into what it really means to be a next-generation mainframer today.
Watch Full Episode here:
or
Transcript:
Steven Dickens: “Hello and welcome. My name is Steven Dickens and you’re joining us here for another episode of the I Am a Mainframer Podcast. I’m going to say I’m joined by Emma from Danske Bank. I’m not going to butcher the surname. We were just talking about it off-camera. So Emma, I’m going to let you introduce yourself to the listeners and viewers here.”
Emma: “So I’m Emma. I work as an IT security engineer for Danske Bank as Steven just said. I also do a lot of other stuff. I can’t help myself getting involved in stuff I have no business. I’m also part of open source projects like CS, Security API for ReckF. And I also have some personal projects on the side. And I create a bunch of LinkedIn articles, share my knowledge and get my viewpoints across because I do think it’s important that we have a discussion about which direction the industry should head in because we can’t just freeze things in time.”
Steven Dickens: “So Emma, I’ve been looking forward to this episode because you’ve popped up in my comments and I’ve popped up in your comments. So let’s go there first. This is a pretty free format show. Tell me a little bit around. Let’s just pull on some of the threads. You talked about Open Source, talked about framing where the industry’s going. Love your perspective on the mainframe. There’s a little bit of spice in there. There’s a little bit of sort of pulling at threads. Absolutely behind what you’re doing because I think those types of poking the bear I want to say a little bit is all goodness. We need to do that. We need to be doing that in this industry. So maybe just double click a little and we’ll go around this for a few minutes. You mentioned some things in the introduction. Just double click, reframing the industry, see your perspectives. If you’re not following Emma on LinkedIn, fix that now. Here’s a pause for five seconds. Go look her up on LinkedIn, give her a follow request. She’s fantastic, but just maybe expand on that for the listeners and the viewers here. Just go there for a few minutes.”
Emma: “Yeah, I mean, I talk a lot about everything, both technical posts and more theoretical posts about what kind of principles we should add up. I have a tendency in general both at work and to get into very specific solutions. But we also need to talk about how we do things because that also influences the reason why I talk about the very integrated technical stuff. Right now that’s my experience and impression from talking to other people. So industry is very a lot of manual processes. We do have some automation, but that’s on a very low level. I feel like we have a lot of people going in there, setting up security definitions by this of cutting stuff they have from the press and emails. Like very manual processes. And that’s the exact opposite of what you see on other platforms, residency and other platforms to automate as much as possible. But do you think that actually makes sense? That’s kind of the distrust in automation in our field. But I feel like that’s misguided because it doesn’t mean that someone can just ask for something and they immediately get it on the system. You can still have approval workflows. And you might go like, oh, what’s the point of doing all this automation and all these processes if you’re still going to have human oversight… But it’s also about eliminating that manual data entry because mistakes can happen in that process and it’s slow to have people typing stuff on the system. So I really want us to adopt automation and infrastructure as code, if that makes sense.”
Steven Dickens: “I’m thinking back now to some of your sort of posts. You’re really pulling on the threads, I think, of some of the fundamentals of how Zos, CIS Prague and security is kind of there’s a body of 50, 60 years worth of experience. And what I love about your content is you’re kind of pulling and challenging. In a constructive way, it’s not like this is broken. Everybody look at how this is broken. None of your posts look at that. This is how I think we could make this better. And that’s productive development for me in the community.”
Emma: “Yeah, it’s not about coming in here and saying like, oh, that’s an old server. We need to shove into a cluster and disconnect from power. It’s not about that. I would almost have people be like, you hate server. I was saying, no, I don’t hate it. I actually see everybody’s potential.”
Steven Dickens: “I love it so much that you’re able to get the feedback. I mean, I could cross you there, but I think that’s how it feels to me when I read your content. You’re so enamored by this platform that you want it to be better. Am I capturing that right?
He’s had this conversation. I’m just working on six, nine months worth of watching you on LinkedIn. That’s what’s for me. ”
Emma: “I have this perspective. If you love something, you should criticize it. If you want this platform to die, you should neglect it and free sit in time. That’s how you kill something in my opinion. If you look at technology that has gone by race, it’s because people are like, this is great. We never need to change. Everything is fine as this. I don’t want this to happen to this platform. It’s kind of a miracle we haven’t already gotten by. We need to avoid that. We need to act now. That’s what I want people to take away from me, We need to get out and do stuff.”
Steven Dickens: “I think just that’s a natural segue. You talked about your involvement in open source in the introduction. Maybe let’s go there for a little bit. We’ll talk about what you’re doing in the open source community. We’re on the Open Mainframe Project podcast. Tell us what you’re doing and how somebody who feels the way you obviously feel about this platform can actually get involved. I think there’s a bunch of people who actively feel the way that you do. How do you move that to action? I think what’s come across from my interactions with you online has been you’ve moved that to action. Maybe just explain that for a little while about what that means.”
Emma: “Yeah, I kind of got involved in the whole open source sphere because I was kind of frustrated with the pace of how stuff was moving. I eventually came to the conclusion, okay, we can’t just wait for all these straight vendors to release stuff. We actually need to do stuff ourselves. Also, so we can leave our mark on things because if you wait for a company to deliver, they might have some feedback rounds or whatever, but it’s probably going to be late in the process. And by that time that stuff, that’s too late to change. That’s just the reality of stuff. You don’t throw everything away 24 months into a project. So getting involved in these open source projects, creating something, and from it on Vincent, that others can contribute to it and pick it apart, and then from it, that’s very vulnerable. At this point, I often go into the code of projects to read it. Initially, that’s a very hard thing to do, but as you do it more, it will start to make sense, honestly.”
Steven Dickens: “You mentioned about a particular project that you were working on and contributing to. Maybe you can double click there for a moment.”
Emma: “Yeah, so I got involved in this project that was initially started by IBM. Back then, it was on the revenue record pool. It was the Security API for RACF. Eventually, IBM, for whatever reason, they never got their hands on this. But they shut down the project, but all the code was there, and I had already done a few minor contributions to it, so along with another community member, let’s pick this up, because we’ll shake this to celebrate. It shouldn’t be allowed to die. That’s also a great thing about open source. No one can really kill anything. If there’s people working on it, it’s alive.”
Steven Dickens: “If it’s got code velocity and it’s got contributions, then it’s default alive. And this is on me.
Is that part of the Open Mainframe Project? Have you brought it through the TAC function and trying to get it?”
Emma: “Not correctly, you know.”
Steven Dickens: “That’s something you should do. That’s something you should do. That’s the value of the Open Mainframe Project. Bringing it to a bigger audience, bringing it through. We can have this conversation offline, but connecting you to the Technical Advisory Committee and getting you promoted through as a project. That’s absolutely something, the project.
This is for me the fundamentals of open source. And we’re still having this, I literally recorded a podcast this week. Sorry, it was a press interview correction. It was a press interview for a piece that’s coming out. We’ve come to the 10th anniversary of the Open Mainframe Project. It was August 17th, 2025. 2015. We’re still trying to build this muscle around open source on the mainframe. We’ve been doing it for 10 years. So he’s been I think five of those years. But how do we build this muscle? So we’ll definitely have that conversation offline. But I think for me, there’s a lot encapsulated in what you said of deep engagement with the platform. We’ll into pick up code, we’ll into contribute. I think there’s a lot in there for the listeners.
So tell me a little bit about, well, spend a bit of time on your career. How did you get here? You’re working for one of the biggest banks in Europe…. I’m assuming you’re working in the mainframe team, given what you’re doing. How did you get from college or even high school? If you didn’t go to college, that’s an assumption on my behalf. How did you get from kind of school to where you are running sort of a large part of security for a big sort of global bank?”
Emma: “Yeah, I had a really weird path on this there. Let’s go even further back when I usually, because I get this question, oh, cried often. One part of it’s already I haven’t really covered much. I actually started working with, I guess, tech as a kind of, like, tinkering with tech as a concept all the way back when I was a kid. I was tinkering around with like coding, little dumb video games, you know, scripting languages and stuff. So that’s kind of like how I got into this. And this still kind of affects how I view things, because I have worked on other platforms, then the mainframe, even if it’s not in a professional capacity. So I do actually quite like both platforms. You sometimes see some animals that you get towards that. But yeah, when I, after I finished high school, it seemed natural for me to get into tech. I’d spend all these years like tinking with this in my room for a time as a teenager. So I went to this trade school because I had horrible grades when I went up when I was in high school. Like my grades were not very good, so I was like, okay, I guess I go to trade school because we have a local trade school or vocational school, I think it would be called in English actually. But does have some IT stuff. So I went there and part of that whole course, I guess, was that you also had to get on the apprenticeship working for a company. So I applied at a ton of places and there weren’t really any places really interested in hiring me, which was very like discouraging. Eventually I did actually get an interview with an insurance company. And initially they rejected me, but then I went on to LinkedIn because they had mentioned during the interview that they had a mainframe. I went on to LinkedIn and messaged one of the people from the interview like asking them about the mainframe because I started looking this thing up after the interview and I was like, huh, these still exist. But it looks interesting. I can’t help myself when I hear that we had tickets. It’s all very interesting to me. So I actually messaged them asking tons of questions about what they were on. He mentioned cobalt and all this stuff. So I started learning this stuff. And eventually they actually pulled me back and were like, okay, we’re actually interested in you anyway. So I brought me in for a second interview and I ended up getting in a apprenticeship then. I got my, I guess, launch on the mainframe band. We’ve worked there for a while. Then I wanted to work in a big environment. So I moved on to the bank I worked for now.”
Steven Dickens: “That’s just a fascinating story. I mean, round of applause for you Emma, that not great grades at school based on what you said, technical college, hustle to get the internship. And now you’re working for one of the biggest global banks. I mean, we just need to pause and say just well done. You know, you probably don’t hear that enough. So I want to speak for the audience and say that. So I just want to give you the opportunity. Is there anything you think you, we’ll get to the other questions. But I want to sort of give you a few minutes to just self-guide. What else do you think you should be sharing with the audience here? You know, the downside of me is we get thrown together. I don’t get, we don’t have a huge team to do background and do research. And I’m just mid conversation just genuinely fascinated about your story, how you’re engaging online, how you’re getting involved in open source. So just maybe freestyle yourself. What else do you want to share with the listeners and viewers? Because I don’t want to get to the end of this and me of directing you. And you go, I wish I could have talked about this. I think there’s an opportunity, I think, just such a fascinating conversation for me.”
Emma: ” Yeah, I don’t know. I always had trouble doing my homework. In school, I would rather just do whatever I wanted to do. I would sometimes sit with my laptop in school, because of us at the time in schools, where laptops were starting to make it in. So the teacher would talk about stuff and before I was taking notes, but I was really just sitting there like programming on my laptop, doing anything but what I was supposed to do. And it’s like, I wouldn’t recommend kids just completely disregard the teachers, obviously. But it’s like, if you are driven enough and you are really determined to learn something and be the best and really self-learn and experiment,… you can actually do a lot of things in life. I even dropped out of that technical school earlier. So my highest education level is technically high school. But I mean, it’s not affecting me in my work. I do a lot of things really well. I’ve even gone to the point where I’m training new people, giving them tasks, reviewing their work. So it’s like, you don’t necessarily need to hire all these high educated university. I have nothing against them or anything. But it’s like, you can get talent from a wide range of backgrounds. I think it’s really useful to have that diverse set of people.”
Steven Dickens: “Well, I mean, a dear friend of mine is a gentleman called Mark Wilson. If you’re not connected with Mark, I will absolutely fix that. Because you, given your security space, Mark Wilson is absolutely somebody you should know in the mainframe community. Mark finished high school, aged 16. And he is probably renowned as the best mainframe White Hat hacker in the business. He built two businesses, one of them was acquired by BMC. Phantac runs the GSE conference or has done. Now his daughter has picked it up for a number of years and built that technical community. Literally a rock star. And I think your story in here has got a lot of parallels. It’s not about the academic qualifications. It’s about that hustle and drive and that level of technical competence that can come from various sources. You talked about it, it’s multi-platform. It’s a bunch of different things. It’s how do you pull that together into building a career? And you’ve obviously done that.”
Emma: “Yeah, it’s all about, I guess, your attitude to things. But you can learn anything if you’re willing to pick up a menu or bring fruits and code or just brute forces. I still try stuff until something works. And people are like, oh, how did you do that? And it’s like, I know I just did stuff until I just…”
Steven Dickens: “I’m about a brute force attacking you. It’s hilarious. I look at my daughter and learn to play the piano. I picked a piano up off the side of the road. My daughter learns to play the piano. She then does a minor in college at music in the piano. She just brute force learned it during COVID without any physical lessons just by watching videos on YouTube and just hacking at it. So, I mean, different skill, obviously, but it proves it can be done. So, I mean, I could talk to you for hours now.
There’s so much content here, but we’ve only got half an hour. Talk to me a little bit about where you see the mainframe security space in general. You’re deep in the guts of it. You’re working on an open source project around RACF. Where do you see the… I hear the phrase, secure by obscurity, security via obscurity. And I think there’s an element to that for the mainframe. Mark Wilson gave me a phrase years ago, the most securable platform. And I love that because it means that you’ve got to do work to secure it. Where do you see the state of the security landscape on the box?”
Emma: “That’s a good question, honestly. And we have so many issues on the security side, honestly. We have tooling, but that could be bad, especially when we’re talking settlers. I can’t talk about it. The mainframe of the operating system side can touch, but on settlers, we have some tooling issues, some tools that could be better, analyzing stuff. Just more user-friendly. There’s a lot of stuff that could be done then. So I would love to see improvements then. I think we will see more and more people spending up there, as we see more people joining the platform, because they’re just going to be like, well, I don’t want to use this. I want my own things. I’ve already seen a lot of people do that, not just myself.”
Emma: “We also have a lot of issues on the skills issue. And by that, I don’t mean what a lot of people usually talk about, like, oh, we should teach people like, if it’s not just that, if you have to secure a set of it, you need to be good at both unique security principles and the old school ragged stuff. That’s a lot of stuff to know at once, but it’s even more than that. That’s just the ground principles, I guess. It’s also very useful to scripting languages and stuff like that. So you can automate things that you need. And insanely wide amount of skills to do this effect. And I don’t think there’s that many people out there who really fits that. So it’s very like split up into multiple different teams. And we do need to combine those, because that’s when you really start to understand the whole ecosystem. I’ve met a lot of people that only understand one corner, and they get so confused when they test and attack with the other…”
Emma: “And that’s not a rare thing, like the unique version of an operating system function, but that runs with TCP, IP stack, that’s compiled as well as all these, like, critical resources. So you can’t just only understand all the old stuff. You need to understand all of it. And I think that’s one of our biggest challenges. And I think over time, that world just naturally gets better with new people joining the platform. Because people who have played around with Linux in this spare time, or went to university or something like that, they’ve probably been introduced to the unique security principles. And they will just naturally have to learn all the other stuff as well.”
Steven Dickens: “So we’ve got a wrap up. As I say, I would love to come back and spend some more time. A couple of questions I was asked at the end of the sessions. And I’m really, really interested to ask this first question. You’ve got chance to go back to speak to 16-year-old Emma. And what would you be to her given that you’ve waned forward now a few years? What advice would you give her?”
Emma: “That’s tough.”
Steven Dickens: “I’ve been asking it for seven years. It’s a great question. I’ll answer for you. Do exactly what you’re doing. And just keep hacking at it. Based on what my conversation with you, that’s how I dance. But I’m fascinated to hear your answer.”
Emma: “Yeah, I do have one actually now that I think about it. Don’t assume people will quickly be convinced of your ideas. That’s definitely a challenge ahead a few years ago. I assume it would just be obvious that this new technology was great. But I quickly discovered that you need to address tons of different fears beforehand. And that’s very difficult. I think everyone will stumble with this coming into this. Especially in this space. Not to talk on anyone, but we do have a very high average age. And we’re not bad used to talking to people, not shown. So I think everyone will stumble with that eventually. Yeah, I would tell her to be very prepared. Prepare lots of power points and create like a general script before you do a whole sales pitch, because otherwise it’s going to go off or less than you. And everyone is just going to be like, what the fuck are they talking about? So you need to be prepared.”
Steven Dickens: “That’s good advice. And then the final question. And I’m genuine. I asked I’ve been asking this for seven years, but I’m genuinely fascinated by your response to it. Where do you see the platform? Five years, ten years from there.”
Emma: “I think we’re going to see more API driven, designing more infrastructure as code. But I’m going to cross my fingers. I think it’s an emergency building, but there will be an outdoor battle to get there.”
Steven Dickens: “I agree. Emma, so I’ve been recording hundreds of these over the last few years. There’s some of these that you get to your 15 minutes in, and you’re like, OK, I’ve got to muscle through the last 15 minutes of this. There’s some of these that you wish could go on for hours. This has absolutely been one of those conversations. So thank you so much.”
Emma: “My pleasure.”
Steven Dickens: “So my name is Stephen Dickens. You’ve been listening to the I’m the mainframer podcast. My normal outro is go click, subscribe, and do all the things. But I’m going to also add, go check Emma out on LinkedIn. She is fascinating to engage with, and her take on where the mainframe is going, is genuinely interesting. So do that as well, and we’ll see you next time.”
Steven Dickens: “Thank you very much for watching.
OUTRO- Thank you for tuning in to the Mainframe Connect podcast. And this episode in the I Am a Mainframer series, sponsored by Phoenix Software International and by Vicom Infinity, a converged company. Like what you heard? Subscribe to get every episode. Or watch us online at openmainframeproject.org. Until next time, this is the Mainframe Connect podcast.”
