How is technology obsolescence a threat to information security? Let's explore the risk legacy IT components pose to your cyber security and data.
Technology obsolescence and information security (infosec) aren't often discussed together. It's easy to forget about legacy IT components when you're talking about cutting-edge cyber crime.
To protect themselves, many focus on acquiring new technology, such as artificial intelligence (AI), to guard their data. Obsolete IT components leave a vulnerability in this protection that can undo all that hard work.
READ: AI Security- A Digital Guardian For Your Data
It's the equivalent of putting a high-tech, finger-print locked, titanium steel security door on a crumbling old building with huge holes in the walls. It may not be as exciting, but it's more valuable to repair and fortify your existing estate than it is to invest in nifty new security technology.
Cutting-edge cyber security technology is still revolutionary, but you need to update your existing tech before you can fully leverage it. Thankfully, updating your obsolete tech can actually free up the budget you need to invest in the latest cyber security tools.
To find out more about how obsolete technology is holding back innovation in your organization, download our whitepaper:
WHITEPAPER: The 5 Types Of Obsolescent Tech Holding Back Your Organization... And How To Deal With Them
The Infosec Risk Of The Humble Printer
Technology obsolescence is an immediate threat to your information security (infosec). This is such a concern, that organizations are taking action to raise awareness of the issue.
In 2022, news website CyberNews.Com hacked 27,944 unsecured enterprise printers to print out instructions on how to secure obsolete IT components. The action was harmless, but the ease with which this was done shows just how vulnerable obsolete tech can be.
CyberNews claims that they attempted to hack 50,000 devices and had a 56% success rate. They, therefore, estimate that there are 447,000 unsecured, internet-connected enterprise printers in use around the world.
Printers may not seem too threatening, but a hacked printer could print out a ransom threat just as easily as useful advice. Not to mention, it could easily produce disturbing content that will upset both your staff and the regulators who expect you to protect the work environment.
Perhaps a greater concern would be the potential for a hacked printer to allow a cyber criminal to duplicate confidential print-outs. It also acts as an access point to allow hackers to infiltrate your wider network.
All of that from the corruption of a humble printer. Imagine the impact that a more-crucial IT component could have when left unprotected.
The Wider Risk Of Tech Obsolescence
echnology obsolescence leaves huge gaps in your information security (infosec). The very first piece of advice you give to an elderly relative about securing their technology is to update their hardware and software, and this is just as basic for enterprise.
When technology reaches end-of-support, you lose the capability to patch its security when new threats arise. This applies just as much to your core operating systems and mission-critical systems as to simple printers.
Here are a few statistics and facts to keep in mind when deciding whether to tolerate outdated technology:
- An unprotected device is likely to be attacked within an hour of connecting it to the internet
- 70 to 80% of the most-common malware is only effective against obsolete technology
- 400,000 machines infected by the WannaCry ransomware in 2017, at a total financial loss of $4 billion, could have been safe if they had applied a readily available Microsoft Windows OS patch
Put simply, you can see that the vast majority of the risk associated with malware and ransomware can be easily removed by ensuring your software and hardware remains within vendor support. The consequences for not doing so could be disastrous.
The key is then to find the obsolescent technology hidden within your organization before it can be exploited by cyber criminals. Unfortunately, that's easier said than done.
How To Target Tech Obsolescence
Technology obsolescence can remain a hidden threat to your information security (infosec) unless you have oversight of it. Vendors will often send notifications to users about the approaching end of support, but in a large organization, these don't always find their way to the correct person.
Even when technical teams are aware of the end of support for one of their essential applications or components, it doesn't mean they have the motivation or the budget to replace it. Often there will be a disconnect between those that understand the risk, those who know support has ended, and those with access to the money to buy new software.
To overcome the risks of tech obsolescence, you need to ensure that you have a system and process in place to monitor and remedy it. This will involve a combination of an information repository about your applications and IT components, including logs on vendor support duration, along with a process to activate your chain of command to replace tech before it goes out of support.
This is exactly what SAP LeanIX can provide. This makes our products essential, not just for enterprise architecture and technology obsolescence risk management, but also for infosec.
How SAP LeanIX Supports InfoSec
Technology obsolescence risk management is essential for information security (infosec). That's why SAP LeanIX is key to rooting out the hidden legacy technology that's leaving your data vulnerable.
Create SAP LeanIX fact sheets for each of your applications and IT components with customizable fields to log the data you need. These fact sheets will then automatically pull in vendor lifecycle information to give you early warning of when your applications and components will go out of support.
This information is viewable by anyone in your organization, and you can even create custom dashboards and presentations directly within SAP LeanIX. This will ensure all stakeholders are constantly prepared for when obsolete technology needs to be replaced to keep your data safe.
To find out more about how obsolete technology is holding back innovation in your organization, download our whitepaper:
