Home » Topics » Cybersecurity » The ‘Y2K’ danger isn’t over: why the danger from legacy systems is real

The ‘Y2K’ danger isn’t over: why the danger from legacy systems is real

Avatar photoby Ben Rossi

Remember Y2K and the fear of a major catastrophic breakdown in all things digital? Well, it's back. But this time, the implications are validated. Legacy software systems are facing imminent danger of a major security breach and loss of data if they're not updated…and soon.

Financial institutions are one of the most vulnerable given the spiderweb of IT architectures and technologies they have built up over decades. Those that fail to modernise are losing millions of dollars in lost customers and brand equity not to mention the backlog of IT issues that need resolution.

Royal Bank of Scotland in the UK is just one bank that has seen multiple denials of service affecting millions of customers (600,000 payments failed to process overnight in June 2015; and millions of credit and debit card transactions were denied on Cyber Monday in 2013).

But it's not just the UK that's at risk. At Morphis, a global enterprise legacy-to-cloud software company, we want to prepare U.S. enterprises, and the countdown to the hour has already begun.

The customer experience

Businesses with outdated IT systems don’t just suffer 'internally'. Major outages can impact customers through denial of service and the user experience, whether the user interface itself or the lack of availability of mobile access, is going to drive customers to look for new providers.

Whether mainframe or client-server based systems, applications built in the last century are almost impossible for modern programmers to understand and the original creators have either moved on, already retired or getting very close to retirement age.

> See also: The disappointing truth about data privacy and security

This 20th century software is not suitable for today’s modern business and their demanding, tech savvy customer base. And, unlike in the year 2000, if updates aren't made to these systems soon, the company will have major technology and customer retention problems.

Today, customers expect fast, on-demand data. They expect the data to be available through a simple, easy-to-use user interface, and they expect to be able to find this information through any of their many available channels. If you’re missing any part of this equation, you are at risk of losing your customers to a company who’s systems are up to date.

The brand equity you spent many decades building up is not going to help you. It has never been easier for new entrants to quickly acquire IT and COTS (commercial off-the-shelf) products to address your market.

Witness Metro Bank – who recently entered the UK banking market – is the first new entrant in over 100 years! Or Atom Bank, the first completely digital bank, both Atom and Metro got to market using COTS IT solutions.

Then there’s Google, who's now an aggregator in the insurance industry; Apple’s physical digital wallet…and to cap it all, 71% of millennials would rather go to the dentist than listen to their bank!

And it’s not just financial services. An outdated legacy system can jeopardize any enterprises health. Older software vendors are suffering the same customer user experience issues and seeing new entrants to their market provide a better user experience and greater functionality on a variety of mediums, including smartphones, tablets as well as the desktop.

As much as we want our user’s experience to be easy and positive, what matters even more when the clock strikes midnight is security.

The safety experience

Remember when Microsoft marketed their new software by saying 'friends don’t let friends use Internet Explorer 6?' That was a decade and a half ago, and data as recent as just a few years ago showed nearly 60% of businesses were still using it.

So why are we so slow to migrate and modernize -seven when we have help and guidance being offered? Why is it that users will replace their iPhones on a yearly basis, but the businesses managing their finances and personal information are still stuck in the 1980’s? Think about it this way, in 1980 there were only about 1 million computers in use, worldwide. In 2012, the number of smartphones exceeded 1 billion.

> See also: The three golden software rules for software security in the IoT

The sad but true fact is that it is difficult and pricey to completely modernise. If current systems are viewed as 'good enough,' they’ll likely stay as they are. But what is good enough? And how do companies determine that ranking? In 2014 the world watched as some of the planet’s biggest retailers compromised the security of their customers. Even the state of New York was hacked.

If it can happen to Home Depot, Sony, Target and JP Morgan Chase, why can’t it happen to your company? The 'if it’s not broken, don’t fix it' philosophy cannot apply to software systems any longer – nor does it need to!

Sourced from Neil Hartley, Head of U.S. Operations, Morphis

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics

Data Security

Related Stories

Cybersecurity

How AI will shift the security landscape in 2024

The impact of AI within cybersecurity is expected to grow significantly this year, says Alex Holland, senior malware analyst at HP

AI & Machine Learning

NCSC releases guidelines for secure AI development

New guidance from the National Cyber Security Centre (NCSC) aims to help businesses securely innovate with AI and minimise risks

Cybersecurity

3 cybersecurity compliance challenges and how to address them

Earning those trust seals can strengthen relationships with board members and prospective customers, but it sure isn’t easy.

Cybersecurity

70% of UK firms reported cyber insurance changes in past year

According to research from Databarracks, seven in 10 UK businesses have seen changes to their cyber insurance in the past 12 months, as requirements rise