As we move further into the 21st century, technology is increasingly becoming the only way for businesses to stay relevant and competitive, notes Byron Gibson, Product Manager, SEACOM.
That’s why so many of them are prioritising their digital transformation strategies, but because transformation is a journey, new and old systems often have to work in tandem, creating a threat gap. Without the necessary security tools in place, companies’ ideas, innovations, and privacy can become compromised due to cyberattacks.
The word ‘cybersecurity’ has been thrown around quite a bit in the last few years, with companies aware of the fact that it’s important but not quite sure how to secure their data and IP. Last year, for example, US healthcare giant Universal Health Services was a victim of one of the largest ransomware incidents. All 400 UHS sites were impacted by the attack, and it took the health system more than three weeks to bring all systems back online.
Closer to home is the Experian hack that exposed the personal details of 24 million South Africans and 793 749 business entities last year. Two days prior to this, Momentum Metropolitan experienced a data breach that implicated their administrative and financial records. Not only can these orchestrated attacks lead to devastating losses to clients, but they can also impact business productivity and cause reputational damage and revenue loss.
Governments are also vulnerable to cybercrime. In June 2020, the Ethiopian Information Network Security Agency suffered a cyberattack from an Egypt-based actor known as the Cyber Horus Group. These cyberterrorists hacked into government webpages, posting messages threatening war if Ethiopia began filling the dam – a topic that continues to be a significant source of tension between Ethiopia and Egypt.
These attacks may lead to businesses asking the question: What are the risks of continuing with your business’s current legacy security products, and what are the advantages of outsourcing security to a third-party whose focus it is to provide these services to customers and ensure that they are well protected from all manner of attack vectors?
Weighing the options
For businesses considering these options, they first need to evaluate their current system capabilities and vulnerabilities and the type, cost, and functionality of available compatible security products. More established companies that have yet to start on their digital transformation journeys are probably still using legacy systems that are more vulnerable to attacks, failures, and other interruptions. Many of these organisations still use on-site computer backups and email security on physical machines.
But why make use of these seemingly outdated systems if digital transformation promises solutions tailored to the latest security practices and threats? Budget constraints, IT priorities, and the complexity of replacing an indispensable component of their enterprise are all valid reasons.
And besides, when businesses have many competing priorities to address, the old adage of “if it ain’t broke, don’t fix it” puts upgrading systems (which incurs time and resource costs) on the bottom of the to-do list. Legacy systems provide familiarity, a system that gives the team access to records without any real roadblocks, and offers effectiveness, especially if the business is relatively small and doesn’t need elaborate functions to manage its databases or generate reports. Legacy systems have worked for years, so motivating to change them can be difficult.
But what these companies fail to realise is that legacy systems come with their own set of challenges that may only surface when it’s too late. Vulnerabilities in the system can cost businesses time and money and could result in complete system failure. These systems are more vulnerable to cyberattacks for many reasons. When manufacturers end support for their systems, they stop updating any security vulnerabilities too. This means that hackers can exploit unpatched vulnerabilities and gain access to the systems, which often end up being much more costly than the price of replacing outdated systems.
The best way to avoid this is to modernise and upgrade legacy systems; that is to say, speed up your digital transformation journey and invest in security solutions and partners that can support better performance and reliability, reduced maintenance costs, improve scalability due to cloud migration, and improve agility.
Of course, modern systems also offer higher security standards. Compared to legacy systems that lack sufficient encryption methods, including multifactor authentication, single sign on, and role-based access, innovative security solutions not only ward off potential attacks but also prevent malicious actors who do manage to get inside your system from freely moving between databases, networks, and systems.
What companies need to realise is that cybersecurity is a never-ending pursuit and what your system is able to defend against today, it might not be able to defend against tomorrow. Regardless of how your digital transformation journey is progressing, there will always be a need to secure your assets. As a business leader, you should look for a partner that understands where you’re headed and can provide you with solutions that protect your organisation while it’s evolving. Setting a strong, secure foundation ensures greater security for you, your business and your clients.