Dutch  |   English

What WannaCry Can Teach Businesses about Legacy Technology

Authored by: Silvano Stagni and Krishan Chauhan

The recent WannaCry Ransomware cyber-attacks have highlighted the vulnerability of legacy technology, data and operations to malicious business attacks, raising this as a key risk for financial services firms. Similarly, the Financial Conduct Authority (FCA) 2017 mission published in April also highlights the systemic and technical risks that derive from the continuous use of old technology as a priority area of intervention.

Why did “legacy” become such a big deal? What can be done about it at a time when a large share of the Information Technology (IT) budget, resources, and efforts are aimed at managing regulatory change? To answer these questions, we need to look at what makes these systems vulnerable and why.

Some areas of the financial industry are constantly embracing new technology, using people with extensive systems and workflow experience. The tail-end of the technology lifecycle management is often neglected. Managing the upgrade (or the update or, indeed, the demise) of an old system must include maintaining a robust control model (e.g. performing updates check each quarter) to identify and remediate points of vulnerability and to understand how they apply across the technology ecosystem.

Few systems exist in complete isolation. Any change, however small, to the corporate IT landscape may affect an old system. If the system is poorly documented, it will take longer than expected to implement any change. The worst-case scenario may result in unplanned investment in time, effort, and money. Any system downtime has the potential to result in reputational risk, a sudden and urgent need to source costly resources to re-establish the service, or a high-priority requirement that can block resources from being used elsewhere.



Enter your details to download this article for free.

Voer de tekens in die op de afbeelding worden getoond.


Synechron, Inc. en / of zijn dochterondernemingen en groepsmaatschappijen nemen uw privacy serieus. Door uw informatie te verstrekken, meldt u zich aan om informatie te ontvangen over Synechron-services en gerelateerde marketing. Uw persoonlijke gegevens worden beschermd in overeenstemming met het Privacybeleid van Synechron. Door dit formulier in te vullen, geeft u Synechron uw toestemming zodat we u relevante informatie kunnen meedelen via e-mail, telefoon, uitnodigingen en andere digitale meldingen. Als u op enig moment uw toestemming wilt intrekken of uw profiel en voorkeuren wilt bijwerken, kunt u dit doen door hier te klikken of door rechtstreeks contact met ons op te nemen.