Many organisations are still running legacy operating systems, often which are no longer supported. Doing this runs an increased risk of detrimental impacts should something go wrong, or if targeted by cyber-attacks. Have you recently considered what the impacts are to your organisation by continuing to run systems that are now obsolete?
Despite the latest Microsoft desktop operating system, Windows 10, being available since 2015, and now powering more than 700 million devices, the now unsupported Windows XP still accounts for around 5% of the worldwide desktop operating system market.
So why should I upgrade legacy operating systems?
One of the reasons people still use legacy operating systems is that, as OT systems often perform simple yet essential tasks, such as monitoring a valve and shutting it off when a certain value is triggered, they can perform their tasks for years without running into major issues. As updating equipment costs time and money, companies relying on legacy systems may conclude that the cost of replacing the system is not worth the return on investment.
Often it’s not until something starts to go wrong that many organisations are compelled to upgrade. As many system developers are now pulling support for older operating systems, when something does go wrong, people can be left with nowhere to turn. The frequency and length of downtime occurrences are then greatly elongated as people search to find solutions to work around the challenges of working across obsolete systems.
In maintaining legacy systems, companies may also be overlooking the cost of the missed opportunity for operational improvements. If you’re relying on old applications, you’re not allowing your business to realise the benefits from improved system efficiencies and remote system capabilities.
Are you concerned about malicious software that could bring down parts or all of your system?
You also need to consider one of the greatest risks of running legacy operating systems, as they no longer receive cumulative updates and security patches, is that they have become increasingly vulnerable to ransomware and other cyber-attacks.
Given there has been a startling increase in the number of security attacks against Industrial control systems (ICS), such as programmable logic controllers (PLC), supervisory control and data acquisition (SCADA) systems and human machine interfaces (HMI) over the past few years, the need to act where legacy operating systems are in place can’t be ignored.
Last year, manufacturers were subject to an unprecedented level of cyber-attacks. From WannaCry to Nyetya, criminals have discovered that the manufacturing industry is ripe for attack, in large part due to the lack of investment and focus on security within the sector. Once thought to be largely immune to such cyber threats, recent experience has proved that complacency to these types of attacks can no longer continue.
Given that the recently released Cisco 2018 Annual Cybersecurity Report found that 31% of security professionals said their organisations have already experienced cyber-attacks on OT infrastructure. In addition to the report from Cybersecurity Ventures that predicts ransomware damages will cost the world $5 billion in 2017, and that there will be a ransomware attack on businesses every 14 seconds by the end of 2019. Organisations within the industrial industry need to take responsibility for protecting their assets and consumers, since these attacks are primarily focused on causing plant downtime and disrupting activity.
Future proofing your system
By being proactive in keeping systems up-to-date you can reap long term benefits in improving your operational efficiency. You can gain access to the latest features and support, whilst protecting your business against these threats and potential disruption.
When considering an upgrade to your operating system, it would be prudent to review your complete system architecture, as it could open up a whole host of options for also upgrading the applications you use – previously not supported on the legacy operating systems being ran.