Last month, in the first part of this series, I presented a bunch of strategic topics that I think the IBM i community needs to think about as we figure out what needs to be done in their application estates in 2026 and beyond. I talked predominantly about pragmatism versus hype with AI and then DevSecOps transformation and AI integration into DevSecOps. You can read Part 1 at this link, and that is probably a good idea before diving into Part 2.
In Part 2, I want to focus in on application security. This is a big theme, and I will address it from three angles: cybersecurity, change processes, and non-regression.