The Legacy Cyber Threat: Why We Must Prioritize Modernization
In the News
The Legacy Cyber Threat: Why We Must Prioritize Modernization
An important but often overshadowed technology issue for government CIOs and CISOs is legacy system modernization. Indeed, the topic comes in at No. 5 on the National Association of State Chief Information Officers (NASCIO) priority list for 2025.
No doubt, cyber and AI (along with budgets for everything) are clearly near the top of current priorities for CIOs and other tech leaders. Nevertheless, this ranking can be deceiving because cyber protections must be applied to all systems, and new AI-powered solutions often replace legacy systems.
The conventional wisdom amongst IT and cyber pros is that legacy systems are a serious cyber threat that must be addressed with urgency. Many government IT modernization efforts even use cybersecurity as a top reason to get off aging platforms that can’t be properly supported, patched for vulnerabilities or protected in other ways from hackers.
While there are no easy answers regarding legacy upgrades, I like this 2025 guide from EPAM Systems which offers a "Mainframe Modernization ROI: A Cost-Focused Guide for Businesses." Here's an excerpt:
“While the modernization process is complex, and upfront costs are high, it holds promise for long-term savings and improved business agility.
"The following analysis breaks down the key factors influencing costs and the potential for ROI. The typical cost trends seen in mainframe modernization are summarized below.
The 3 Most Common Cost Patterns for Mainframe Modernization
"Before diving into the specifics around cost analysis, we’ll review the three most common mainframe modernization approach cost patterns based on our experience, which are as follows:
- Rehosting ('Lift and Shift') — Move the mainframe applications to a lower-cost processor or to a cloud-hosted environment without modifying the architecture, code or data model.
- Replatforming — Migrate mainframe applications to a new and modern runtime platform. Maintain the core application architecture and data model while making necessary code changes for the new OS, database and compiler(s).
- Refactoring/Rearchitecting — Optimize the existing codebase, potentially the data model, and storage for the target on-prem or cloud environment without changing external behavior. Use modern languages and efficient cloud-native services.”
Read the complete article here.
Get your copy of EPAM’s Mainframe Modernization: A Cost-Focused Guide.
Learn how EPAM can help your enterprise reduce risks and ensure resilience against evolving cybersecurity threats: EPAM | Cybersecurity