{"id":16269,"date":"2025-11-20T11:55:21","date_gmt":"2025-11-20T11:55:21","guid":{"rendered":"https:\/\/dmsretail.com\/RetailNews\/securing-critical-infrastructure-by-tackling-technical-debt\/"},"modified":"2025-11-20T11:55:21","modified_gmt":"2025-11-20T11:55:21","slug":"securing-critical-infrastructure-by-tackling-technical-debt","status":"publish","type":"post","link":"https:\/\/dmsretail.com\/RetailNews\/securing-critical-infrastructure-by-tackling-technical-debt\/","title":{"rendered":"Securing Critical Infrastructure by Tackling Technical Debt"},"content":{"rendered":"

\"Retail<\/a><\/p>
\n<\/p>\n

\n

As policymakers confront new cybersecurity challenges from emerging technologies like AI and quantum computing, an urgent threat hides in plain sight\u2014end-of-Life (EoL) technology beyond its supported lifespan. Headlines focus on novel threats and futuristic defenses, while outdated network equipment and software in critical infrastructure already pose a clear and present danger. This is demonstrated by high-profile nation-state sponsored campaigns targeting unpatchable technology\u2014such as Volt Typhoon. Addressing this threat requires urgent and focused attention, beginning with a common understanding of the size and scope of the problem. <\/span>\u00a0<\/span><\/p>\n

When technology reaches the scheduled\u00a0EoL, vendors stop providing security patches or support. Continued reliance on unsupported technology creates a significant and growing risk of exploitation.<\/span>\u00a0<\/span><\/p>\n

Available estimates suggest that globally, nearly half of business network infrastructure assets were aging or already obsolete at the beginning of this decade. To date, there has been inadequate data to effectively assess how this exposure varies across critical sectors and national markets, or to compare the risks of failing to manage \u201ctechnical debt\u201d against the costs of replacement investments.<\/span>\u00a0<\/span><\/p>\n

\"Update

New Research Fills a Critical Gap<\/span><\/b><\/h2>\n

WPI Strategy\u2019s report, \u201cUpdate Critical: Counting the Cost of Cybersecurity Risks from End-<\/span><\/span>of-Life Techno<\/span>logy on Critical National Infrastructure,\u201d<\/span> highlights this growing global challenge and offers recommendations for policymakers and private sector l<\/span>eaders. Commissioned by Cisco, this research provides a novel approach to comparative analysis of EoL risk across\u00a0<\/span>key markets (US, UK,\u00a0France,\u00a0Germany\u00a0and Japan) and critical sectors including healthcare, energy, water, manufacturing, and finance.<\/span>\u00a0<\/span><\/p>\n

The findings are\u00a0staggering.\u00a0I<\/span>n the U.S., 80% of federal IT spending goes to operating and maintaining existing\u2014often legacy\u2014systems, increasing risk to critical infrastructure. Some <\/span>60% of EU cyber breaches in 2022-2023 exploited known vulnerabilities for which patches existed but were not applied, underscoring that basic cyber hygiene remains a fundamental challenge. The report examined countries and sectors, with healthcare consistently emerging as particularly vulnerable. It found that proactively tackling EoL technology offers a clear, strategic route to significantly raise cyber resilience across critical sectors\u2014and that by addressing vulnerabilities before they are exploited, we can better protect essential services and citizens.<\/p>\n

Practical Policy Recommendations<\/strong><\/h2>\n

As governments and the private sector\u00a0consider how\u00a0to\u00a0best\u00a0allocate\u00a0resources\u00a0and securely\u00a0deploy\u00a0AI, the report offers several actionable recommendations:<\/span>\u00a0<\/span><\/p>\n