Cisco Warns: Aging Tech Poses Major AI Security Risk
▼ Summary
– Aging digital infrastructure poses security risks due to outdated configurations and lack of vendor support for patches.
– Cisco’s “Resilient Infrastructure” initiative includes warnings for end-of-life products and plans to remove unsafe legacy settings.
– Research shows the UK and US face the highest relative risk from outdated technology in critical national infrastructure.
– Cybersecurity incidents often exploit known vulnerabilities that could be prevented by upgrading end-of-life technology.
– Cisco emphasizes that maintaining outdated infrastructure has hidden costs and should be treated as a board-level concern.
Aging digital infrastructure represents a significant and growing security threat, particularly as artificial intelligence tools empower attackers to exploit vulnerabilities more efficiently. Many organizations continue to operate outdated routers, network switches, and network-attached storage systems, often tucked away in forgotten closets. While this approach seems cost-effective in the short term, it creates substantial long-term risks. These legacy systems frequently contain insecure configurations and no longer receive vital software patches or vendor support, leaving them dangerously exposed.
Cisco has launched its “Resilient Infrastructure” initiative to address this widespread problem, focusing on both its own aging products and equipment from other manufacturers still in active use. The program combines research, industry collaboration, and technical modifications to how Cisco handles its legacy devices. The company is implementing new warning systems that will alert customers when products approach end-of-life status. These notifications will explicitly warn users if they’re running known insecure configurations or attempt to implement them during device updates. Eventually, Cisco plans to take the more drastic step of completely removing historical settings and interoperability options deemed unsafe by modern security standards.
“Infrastructure globally is aging, and that creates a ton of risk,” explains Anthony Grieco, Cisco’s chief security and trust officer. “The thing we’ve got to get across is this aging infrastructure wasn’t designed for today’s threat environments. And by not updating it, it’s fostering opportunities for adversaries.”
Recent research commissioned by Cisco from British advisory firm WPI Strategy examined end-of-life technology prevalence within critical national infrastructure across five nations: the United States, United Kingdom, Germany, France, and Japan. The findings revealed that the UK, followed closely by the US, faces the highest relative risk due to widespread dependence on obsolete technology in crucial sectors. Japan demonstrated the lowest risk profile, attributed to consistent upgrade practices, decentralized critical infrastructure, and what the report describes as “a stronger, more consistent national focus on digital resilience.”
The study further emphasizes that security breaches and cybersecurity incidents worldwide frequently involve attackers exploiting known vulnerabilities that proper patching or technology upgrades could have prevented.
Eric Wenger, Cisco’s senior director for technology policy, notes that maintaining outdated systems carries hidden expenses. “The status quo is not free, there is actually a cost, it’s just not being accounted for,” he states. “If we can help elevate this risk to something that is treated as a board-level concern, then hopefully that will help to underscore the importance of making an investment here.” Wenger adds that as an industry, “we’re not making it hard enough for the attackers,” highlighting the urgent need for improved security measures across all technology sectors.
(Source: Wired)
