SlideShare a Scribd company logo

Legacy Systems: The Forgotten Risk

brittniinicole
brittniinicole

I'm studying for the CASP and sharing my knowledge with you. Learn how legacy systems pose a security risk to any business.

Technology
1 of 9
Legacy Systems: Old technologies, computers, or applications that are considered outdated but are still functioning in the enterprise.
9 of 10 legacy systems are used to perform a critical business function.
of organizations with legacy systems say that COST drives them to keep outdated systems.
Downtime and testing experienced during the upgrade of a system Resources used to build an in- house system or customize a purchased system Price of purchasing a commercial system from a vendor + +
Often the vendor no longer supports the legacy systems, meaning that no future updates to the technology, computer, or application will be provided.
RISKY BUSINESS Weaknesses Widely Published Dependency on an Old Platform Evolving Threats and Hacker Tools Vulnerabilities are made publicly known with no or postponed patch release. Legacy products may only run in legacy environments, forcing acceptance of additional risks. New security risks are constantly being discovered- risks that were not taken into consideration at time of system creation. Hackers are creating easier ways to exploit systems
Implement the legacy system in a protected network Limit physical access to the legacy system to administrators Deploy the legacy application on a virtual computer Employ access control lists (ACLs) on the system Use highest authentication and encryption mechanisms Best Practices for Minimizing Risk in a Legacy System:
when using legacy systems

Recommended

Bse 3105 lecture 5-evolution of legacy systems
Bse 3105 lecture 5-evolution of legacy systemsBse 3105 lecture 5-evolution of legacy systems
Bse 3105 lecture 5-evolution of legacy systems
Alonzee Tash
 
Legacy Software Maintenance And Management
Legacy Software Maintenance And ManagementLegacy Software Maintenance And Management
Legacy Software Maintenance And Management
ValueCoders
 
Bse 3105 lecture 2- software change
Bse 3105 lecture 2- software changeBse 3105 lecture 2- software change
Bse 3105 lecture 2- software change
Alonzee Tash
 
Legacy system.
Legacy system.Legacy system.
Legacy system.
gourav kottawar
 
Critical Systems
Critical SystemsCritical Systems
Critical Systems
Usman Bin Saad
 
Information system implementation, change management and control
Information system implementation, change management and controlInformation system implementation, change management and control
Information system implementation, change management and control
Shruti Pendharkar
 
Information system
Information systemInformation system
Information system
danishhashmi11
 
Ch21
Ch21Ch21
Ch21
phanleson
 

Recommended

Bse 3105 lecture 5-evolution of legacy systems
Bse 3105 lecture 5-evolution of legacy systemsBse 3105 lecture 5-evolution of legacy systems
Bse 3105 lecture 5-evolution of legacy systems
Alonzee Tash
 
Legacy Software Maintenance And Management
Legacy Software Maintenance And ManagementLegacy Software Maintenance And Management
Legacy Software Maintenance And Management
ValueCoders
 
Bse 3105 lecture 2- software change
Bse 3105 lecture 2- software changeBse 3105 lecture 2- software change
Bse 3105 lecture 2- software change
Alonzee Tash
 
Legacy system.
Legacy system.Legacy system.
Legacy system.
gourav kottawar
 
Critical Systems
Critical SystemsCritical Systems
Critical Systems
Usman Bin Saad
 
Information system implementation, change management and control
Information system implementation, change management and controlInformation system implementation, change management and control
Information system implementation, change management and control
Shruti Pendharkar
 
Information system
Information systemInformation system
Information system
danishhashmi11
 
Ch21
Ch21Ch21
Ch21
phanleson
 
Chapter17 system implementation
Chapter17 system implementationChapter17 system implementation
Chapter17 system implementation
Dhani Ahmad
 
L10 system implementation
L10 system implementationL10 system implementation
L10 system implementation
OMWOMA JACKSON
 
Legacy systems
Legacy systemsLegacy systems
Legacy systems
Institute of Validation Technology
 
Critical System Specification in Software Engineering SE17
Critical System Specification in Software Engineering SE17Critical System Specification in Software Engineering SE17
Critical System Specification in Software Engineering SE17
koolkampus
 
Programming maintenance - Programming methodology
Programming maintenance - Programming methodologyProgramming maintenance - Programming methodology
Programming maintenance - Programming methodology
Vishnu J Kumar
 
Qms
QmsQms
Qms
KalpanaSingh105
 
LIMS
LIMSLIMS
LIMS
university of education,Lahore
 
Ch14-Software Engineering 9
Ch14-Software Engineering 9Ch14-Software Engineering 9
Ch14-Software Engineering 9
Ian Sommerville
 
Chapter 11 Enterprise Resource Planning System
Chapter 11 Enterprise Resource Planning SystemChapter 11 Enterprise Resource Planning System
Chapter 11 Enterprise Resource Planning System
Muhammad Azmy
 
Systems development and program change activities
Systems development and program change activitiesSystems development and program change activities
Systems development and program change activities
kristine manzano
 
What features should your Automation Change Management software have?
What features should your Automation Change Management software have?What features should your Automation Change Management software have?
What features should your Automation Change Management software have?
MDT Software
 
Critical systems specification
Critical systems specificationCritical systems specification
Critical systems specification
Aryan Ajmer
 
Ch9-Software Engineering 9
Ch9-Software Engineering 9Ch9-Software Engineering 9
Ch9-Software Engineering 9
Ian Sommerville
 
Ch16-Software Engineering 9
Ch16-Software Engineering 9Ch16-Software Engineering 9
Ch16-Software Engineering 9
Ian Sommerville
 
System Maintenance
System MaintenanceSystem Maintenance
System Maintenance
Subhash Gupta
 
The information systems life cycle
The information systems life cycleThe information systems life cycle
The information systems life cycle
Nur Aqilah Ahmad Khairi
 
Depandability in Software Engineering SE16
Depandability in Software Engineering SE16Depandability in Software Engineering SE16
Depandability in Software Engineering SE16
koolkampus
 
Architectural patterns for real-time systems
Architectural patterns for real-time systemsArchitectural patterns for real-time systems
Architectural patterns for real-time systems
sommerville-videos
 
Chapter 2 auditing it governance controls
Chapter 2 auditing it governance controlsChapter 2 auditing it governance controls
Chapter 2 auditing it governance controls
jayussuryawan
 
ch10.pptx
ch10.pptxch10.pptx
ch10.pptx
gdfgdfgdf1
 
110006_perils_of_aging_emul_wp
110006_perils_of_aging_emul_wp110006_perils_of_aging_emul_wp
110006_perils_of_aging_emul_wp
Jessica Hirst
 
HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소
GE코리아
 

More Related Content

What's hot

L10 system implementation
L10 system implementationL10 system implementation
L10 system implementation
OMWOMA JACKSON
 
Critical System Specification in Software Engineering SE17
Critical System Specification in Software Engineering SE17Critical System Specification in Software Engineering SE17
Critical System Specification in Software Engineering SE17
koolkampus
 
Ch14-Software Engineering 9
Ch14-Software Engineering 9Ch14-Software Engineering 9
Ch14-Software Engineering 9
Ian Sommerville
 
Critical systems specification
Critical systems specificationCritical systems specification
Critical systems specification
Aryan Ajmer
 
Ch9-Software Engineering 9
Ch9-Software Engineering 9Ch9-Software Engineering 9
Ch9-Software Engineering 9
Ian Sommerville
 
Ch16-Software Engineering 9
Ch16-Software Engineering 9Ch16-Software Engineering 9
Ch16-Software Engineering 9
Ian Sommerville
 
Depandability in Software Engineering SE16
Depandability in Software Engineering SE16Depandability in Software Engineering SE16
Depandability in Software Engineering SE16
koolkampus
 

What's hot (19)

Chapter17 system implementation
Chapter17 system implementationChapter17 system implementation
Chapter17 system implementation
 
L10 system implementation
L10 system implementationL10 system implementation
L10 system implementation
 
Legacy systems
Legacy systemsLegacy systems
Legacy systems
 
Critical System Specification in Software Engineering SE17
Critical System Specification in Software Engineering SE17Critical System Specification in Software Engineering SE17
Critical System Specification in Software Engineering SE17
 
Programming maintenance - Programming methodology
Programming maintenance - Programming methodologyProgramming maintenance - Programming methodology
Programming maintenance - Programming methodology
 
Qms
QmsQms
Qms
 
LIMS
LIMSLIMS
LIMS
 
Ch14-Software Engineering 9
Ch14-Software Engineering 9Ch14-Software Engineering 9
Ch14-Software Engineering 9
 
Chapter 11 Enterprise Resource Planning System
Chapter 11 Enterprise Resource Planning SystemChapter 11 Enterprise Resource Planning System
Chapter 11 Enterprise Resource Planning System
 
Systems development and program change activities
Systems development and program change activitiesSystems development and program change activities
Systems development and program change activities
 
What features should your Automation Change Management software have?
What features should your Automation Change Management software have?What features should your Automation Change Management software have?
What features should your Automation Change Management software have?
 
Critical systems specification
Critical systems specificationCritical systems specification
Critical systems specification
 
Ch9-Software Engineering 9
Ch9-Software Engineering 9Ch9-Software Engineering 9
Ch9-Software Engineering 9
 
Ch16-Software Engineering 9
Ch16-Software Engineering 9Ch16-Software Engineering 9
Ch16-Software Engineering 9
 
System Maintenance
System MaintenanceSystem Maintenance
System Maintenance
 
The information systems life cycle
The information systems life cycleThe information systems life cycle
The information systems life cycle
 
Depandability in Software Engineering SE16
Depandability in Software Engineering SE16Depandability in Software Engineering SE16
Depandability in Software Engineering SE16
 
Architectural patterns for real-time systems
Architectural patterns for real-time systemsArchitectural patterns for real-time systems
Architectural patterns for real-time systems
 
Chapter 2 auditing it governance controls
Chapter 2 auditing it governance controlsChapter 2 auditing it governance controls
Chapter 2 auditing it governance controls
 

Similar to Legacy Systems: The Forgotten Risk

110006_perils_of_aging_emul_wp
110006_perils_of_aging_emul_wp110006_perils_of_aging_emul_wp
110006_perils_of_aging_emul_wp
Jessica Hirst
 
TECHNICAL BRIEF Protecting & Migrating Legacy Windows OSes
TECHNICAL BRIEF Protecting & Migrating Legacy Windows OSesTECHNICAL BRIEF Protecting & Migrating Legacy Windows OSes
TECHNICAL BRIEF Protecting & Migrating Legacy Windows OSes
Symantec
 
Basic Security Computere
Basic Security ComputereBasic Security Computere
Basic Security Computere
rashmi1234
 
Basic computersecurity
Basic computersecurityBasic computersecurity
Basic computersecurity
HarshadWadkar
 
CISA GOV - Seven Steps to Effectively Defend ICS
CISA GOV - Seven Steps to Effectively Defend ICSCISA GOV - Seven Steps to Effectively Defend ICS
CISA GOV - Seven Steps to Effectively Defend ICS
Muhammad FAHAD
 

Similar to Legacy Systems: The Forgotten Risk (20)

ch10.pptx
ch10.pptxch10.pptx
ch10.pptx
 
110006_perils_of_aging_emul_wp
110006_perils_of_aging_emul_wp110006_perils_of_aging_emul_wp
110006_perils_of_aging_emul_wp
 
HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소
 
TECHNICAL BRIEF Protecting & Migrating Legacy Windows OSes
TECHNICAL BRIEF Protecting & Migrating Legacy Windows OSesTECHNICAL BRIEF Protecting & Migrating Legacy Windows OSes
TECHNICAL BRIEF Protecting & Migrating Legacy Windows OSes
 
Andrey Bogdanov, Dmitry Khovratovich, and Christian Rechberger
Andrey Bogdanov, Dmitry Khovratovich, and Christian RechbergerAndrey Bogdanov, Dmitry Khovratovich, and Christian Rechberger
Andrey Bogdanov, Dmitry Khovratovich, and Christian Rechberger
 
S M B Top 10minstakes
S M B Top 10minstakesS M B Top 10minstakes
S M B Top 10minstakes
 
2021 State of Cloud Permissions Risks Report (1).pdf
2021 State of Cloud Permissions Risks Report (1).pdf2021 State of Cloud Permissions Risks Report (1).pdf
2021 State of Cloud Permissions Risks Report (1).pdf
 
In-House Development Vs. Off-the-Shelf – Factors to consider
In-House Development Vs. Off-the-Shelf – Factors to considerIn-House Development Vs. Off-the-Shelf – Factors to consider
In-House Development Vs. Off-the-Shelf – Factors to consider
 
Securing control systems v0.4
Securing control systems v0.4Securing control systems v0.4
Securing control systems v0.4
 
Cisco cybersecurity essentials chapter - 6
Cisco cybersecurity essentials chapter - 6Cisco cybersecurity essentials chapter - 6
Cisco cybersecurity essentials chapter - 6
 
Ch13.pptx
Ch13.pptxCh13.pptx
Ch13.pptx
 
Basic Security Computere
Basic Security ComputereBasic Security Computere
Basic Security Computere
 
Basic computersecurity
Basic computersecurityBasic computersecurity
Basic computersecurity
 
Ch13
Ch13Ch13
Ch13
 
CISA GOV - Seven Steps to Effectively Defend ICS
CISA GOV - Seven Steps to Effectively Defend ICSCISA GOV - Seven Steps to Effectively Defend ICS
CISA GOV - Seven Steps to Effectively Defend ICS
 
Defending industrial control systems from cyber attack
Defending industrial control systems from cyber attackDefending industrial control systems from cyber attack
Defending industrial control systems from cyber attack
 
NCCIC - Seven Steps for Achieving Cybersecurity for Industrial Control Systems
NCCIC - Seven Steps for Achieving Cybersecurity for Industrial Control SystemsNCCIC - Seven Steps for Achieving Cybersecurity for Industrial Control Systems
NCCIC - Seven Steps for Achieving Cybersecurity for Industrial Control Systems
 
Defending Industrial Control Systems From Cyberattack
Defending Industrial Control Systems From CyberattackDefending Industrial Control Systems From Cyberattack
Defending Industrial Control Systems From Cyberattack
 
Seven recommendations for bolstering industrial control system cyber security
Seven recommendations for bolstering industrial control system cyber securitySeven recommendations for bolstering industrial control system cyber security
Seven recommendations for bolstering industrial control system cyber security
 
Defending Industrial Control Systems From Cyberattack
Defending Industrial Control Systems From CyberattackDefending Industrial Control Systems From Cyberattack
Defending Industrial Control Systems From Cyberattack
 

Recently uploaded

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 

Recently uploaded (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 

Legacy Systems: The Forgotten Risk

  • 1.
  • 2. Legacy Systems: Old technologies, computers, or applications that are considered outdated but are still functioning in the enterprise.
  • 3. 9 of 10 legacy systems are used to perform a critical business function.
  • 4. of organizations with legacy systems say that COST drives them to keep outdated systems.
  • 5. Downtime and testing experienced during the upgrade of a system Resources used to build an in- house system or customize a purchased system Price of purchasing a commercial system from a vendor + +
  • 6. Often the vendor no longer supports the legacy systems, meaning that no future updates to the technology, computer, or application will be provided.
  • 7. RISKY BUSINESS Weaknesses Widely Published Dependency on an Old Platform Evolving Threats and Hacker Tools Vulnerabilities are made publicly known with no or postponed patch release. Legacy products may only run in legacy environments, forcing acceptance of additional risks. New security risks are constantly being discovered- risks that were not taken into consideration at time of system creation. Hackers are creating easier ways to exploit systems
  • 8. Implement the legacy system in a protected network Limit physical access to the legacy system to administrators Deploy the legacy application on a virtual computer Employ access control lists (ACLs) on the system Use highest authentication and encryption mechanisms Best Practices for Minimizing Risk in a Legacy System: