Aging digital infrastructure, including routers and network switches, has long been a hidden threat for organizations. While it may seem easier and cheaper to keep older equipment running, this approach can expose systems to vulnerabilities due to outdated configurations and a lack of vendor support for security updates. As generative AI technologies enable attackers to more easily uncover and exploit these vulnerabilities, Cisco has initiated a campaign to address the risks associated with aging tech.
The initiative, named “Resilient Infrastructure,” is aimed at raising awareness and promoting upgrades to both old Cisco equipment and other legacy products still in use. Cisco’s efforts include research, outreach, and changes to how the company manages its products. The company plans to introduce warning notifications for devices nearing the end of their life cycle, alerting customers when they are using insecure configurations or attempting updates that could expose them to risks. Ultimately, Cisco intends to eliminate unsafe legacy settings completely.
Anthony Grieco, Cisco’s chief security and trust officer, emphasizes the risk posed by aging infrastructure, noting that it wasn’t designed to withstand today’s security threats. By neglecting updates, organizations inadvertently create vulnerabilities that adversaries can exploit. Research from WPI Strategy for Cisco shows that several countries, particularly the UK and the US, suffer significant risks from outdated technology within critical national infrastructure.
The study found that while Japan has been able to maintain lower risks thanks to consistent upgrades and a strong focus on digital resilience, many incidents of cyber breaches globally stem from organizations failing to address known vulnerabilities. Cisco’s senior director for technology policy, Eric Wenger, asserts that the consequences of inaction are not negligible, and addressing these risks should become a priority at the board level to justify the necessary investments.
Cisco, a longstanding leader in networking, acknowledges that while encouraging customers to invest in new technologies may seem self-serving, the urgency of upgrading outdated systems transcends profit motives. The need for improved security is crucial as attackers increasingly leverage AI tools to facilitate their operations, making it easier for both inexperienced and skilled hackers to carry out attacks.
Grieco calls for heightened awareness regarding the risks of neglected infrastructure, stating, "It’s time to give people a jolt about the silent risk of aging infrastructure." Cisco’s campaign seeks to make these concerns prominent in discussions surrounding organizational security and resilience.
