If we look back at the history of cybersecurity, there were computer worms and viruses around from as early as the late 1980s. But it was only in the 21st century that credit cards became the primary target and businesses started taking credit card security seriously. Today, no business is safe and every organisation, regardless of size and industry, needs to keep security at the top of its mind.
If we consider the technologies and risks of the past and juxtapose them with the technologies and risks of today, it’s safe to say that we’ve come a long way. Just as technology has taken us ahead in leaps and bounds, the threat landscape has also evolved – and dramatically so.
This is the primary reason why legacy IT infrastructure can be so problematic. The security strategies, software and network infrastructure that was adequate a few years ago might just open up your business to unnecessary threats today.
If you’re a business that relies on legacy IT infrastructure, it’s best to be mindful of the following risks:
- High costs of maintaining legacy systems: A 2015 report from the Accountability Office for the US government found that about $60 billion (R842 billion at today’s rates) was spent on legacy IT infrastructure. A similar report detailed that, on average, three-quarters of IT budgets are being spent on the maintenance of legacy infrastructure. While businesses may think that investing in new technologies is too expensive, maintaining old systems is often just as costly.
- Older systems are likely to be more susceptible to malware: As we’ve already mentioned, older systems aren’t advanced enough to deal with modern cyberthreats. For example, Microsoft has admitted that Windows XP is six times more likely to be infected with malware than newer versions of its Windows software.
- A lack of functionality and visibility: Government, industry standards and governance regulations stipulate that modern businesses secure data in very specific ways. Unfortunately, legacy IT infrastructure isn’t robust enough to meet these requirements. Similarly, business leaders who want to keep themselves safe need to have constant visibility in the event that something does go wrong. Legacy IT might not provide this visibility.
- Existing software faces end of life: Systems and software come and go. If you are using legacy IT infrastructure, you run the risk that the tools you are using might no longer be supported by software vendors in future. Once these technologies are retired, you will need to hire highly trained and expensive professionals to keep things going.
- Internal apps being externally exposed: Few IT professionals will admit that websites developed for internal use aren’t created with the best security standards. These internal platforms are usually a business’s weak security link. While these internal resources might have been adequate in the beginning, as they’ve been linked to the Internet over time, they might not be secure enough.
All business executives from the CEO to the COO need to have a clear understanding of the value of IT, and the risks and possibilities associated with new technologies. If you are a modern COO and need a helping hand with appropriate IT solutions, check out our “Understanding IT for the COO” Ebook here.