PROTECTING LEGACY SYSTEMS IN A MODERN SECURITY STRUCTURE
It is easy to forget that in the timeline of advancement, information technology, and thereby cyber security, are less than half a century old. For example, the internet, as a publicly available resource, just celebrated its 40th birthday in 2023.
The acceleration of technology advancements continues rapidly, regularly outpacing most businesses expenditures and plans. When this happens, some systems are left in the wake of advancements, commonly referred to as legacy systems, which still require protection. Even with new technologies and capabilities, some systems are required to stay operational well past their initially expected end of life date.
While in some cases it might be easy to plan for this obsolescence, in the case of home-grown applications, such as operational technology and critical systems, additional safeguards must be put into place to ensure these legacy devices are not a significant risk to the business or, in the case of critical infrastructure, a risk to national security or citizens.
It is the standard passage of time struggle. When homes or cars age, maintenance costs grow, and additional protections are put in place to maintain their usefulness, such as a fresh coat of paint, a new engine or replaced electrics. New technologies may also be added to the original structure, for example.
Many major organisations have legacy technology in their networks. For some, this is because of an in-house development that can only run on a specific platform, the cost to upgrade does not make financial sense, or systems were connected to networks or the internet for a business benefit without understanding the associated threats.
Apr-Jun 2024 Issue
Information Security Analytics, LLC
HiddenLayer