November 24, 2015 By Fran Howarth 2 min read

The vast majority of organizations rely on computing systems to run their operations, but for many, those networks have been built up over a number of years. As a result, many organizations find themselves relying on legacy infrastructure.

Maintaining legacy systems can be costly. A recent report by the U.S. Government Accountability Office (GAO) found that of the total technology budget of more than $78 billion earmarked for the fiscal year 2015, 26 federal agencies spent a total of $60 billion on legacy investments. The amount spent on obsolete technology has been increasing for the past six years.

The situation is no better in the private sector. In a recent poll of the banking sector conducted by Tenemos, 80 percent of respondents agreed with the following statement: “Aging IT is the biggest threat to banks today.” It also found that maintaining legacy systems costs, on average, three-quarters of most IT budgets, showing how widespread the problem is in enterprises, as well.

Legacy Infrastructure Hinders Innovation

Maintaining legacy infrastructure can lead to many problems. For example, older systems are likely to be more susceptible to malware. One example is Windows XP, which, according to Microsoft, is six times more likely to be infected with malware than newer versions of Windows. Other problems include systems that are impossible to patch or for which no patches are available, or systems that have been customized to such as extent that upgrading to a newer version would require the customization to be redone from scratch, which is an expensive proposition.

According to the CIO of the Federal Communications Commission, legacy technology is both a security issue and a hindrance to innovation, FierceGovernmentIT reported. New technology developments seen in recent years — including cloud computing, more powerful mobile devices and the Internet of Things (IoT) — provide greater flexibility, efficiency, intelligence, automation and security.

These technologies allow organizations to be more agile, remain innovative and align costs to actual usage. They are generally less complex and easier to manage, and many come with embedded capabilities such as policy management, encryption, authentication and continuous monitoring for greater control.

Investing in New Technologies Makes Good Business Sense

According to a recent article in CSO Online, investing in new technologies makes good business sense, and investments in technologies such as cloud computing and mobile apps are easy to pitch to executives since they save money and bring in new customers.

CSO Online recommended security practitioners should consider either trying to put a dollar value on security risks associated with legacy systems, such as the cost per record lost should the system be breached, or on the ongoing cost of maintenance for a legacy system. With cyber risk insurance gaining popularity, another metric could be the higher costs of insuring legacy infrastructure against breaches.

Given the high costs of maintaining legacy systems and the risks that they can introduce — risks that can lead to dented reputations, reduced profitability and hindered competitiveness from stifling the ability to innovate — all organizations should take a good look at their infrastructure.

There will be many opportunities to replace parts of the legacy infrastructure with new technologies that are more beneficial and allow inefficiencies to be reduced, such as by being able to consolidate data centers or increase usage of shared services. New technologies will also give organizations the opportunity to increase revenue by providing better customer service across multiple channels, which will set an organization apart from its competitors.

More from Mainframe

How dangerous is the cyberattack risk to transportation?

4 min read - If an attacker breaches a transit agency’s systems, the impact could reach far beyond server downtime or leaked emails. Imagine an attack against a transportation authority that manages train and subway routes. The results could be terrible. Between June of 2020 and June of 2021, the transportation industry witnessed a 186% increase in weekly ransomware attacks. In one event, attackers breached the New York Metropolitan Transportation Authority (MTA) systems. Thankfully, no one was harmed, but incidents like these are cause…

Low-Code Is Easy, But Is It Secure?

4 min read - Low-code and no-code solutions are awesome. Why? With limited or no programming experience, you can quickly create software using a visual dashboard. This amounts to huge time and money savings. But with all this software out there, security experts worry about the risks. The global low-code platform market revenue was valued at nearly $13 billion in 2020. The market is forecast to reach over $47 billion in 2025 and $65 billion in 2027 with a CAGR of 26.1%. Very few,…

Starting From Scratch: How to Build a Small Business Cybersecurity Program

4 min read - When you run a small business, outsourcing for services like IT and security makes a lot of sense. While you might not have the budget for a full-time professional on staff to do these jobs, you still need the services.However, while it might be helpful to have a managed service provider handle your software and computing issues, cybersecurity for small and medium businesses (SMBs) also requires a personal, hands-on approach. While you can continue to outsource some areas of cybersecurity,…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today