The call is coming from inside the house - the ticking time bomb that is legacy cyber security technology

I will be presenting on the threat within, the ticking time bomb that is legacy cyber security technology.

In the fast-paced world of cybersecurity, technological advancements are heralded as the frontline defence against evolving threats. However, what happens when these technologies age and turn into potential liabilities? My presentation will be an insightful exploration of the lifecycle of cyber security technology and the hidden risks it may harbor.

Throughout history, we've witnessed the emergence of countless point solutions, each promising to revolutionise the cybersecurity landscape. Some have indeed fulfilled their promises, growing into significant vendors that shape the industry. Others have met a different fate; some being absorbed into larger organisations where they might have had a greater impact than the sum of the parts, while others have gone where security technology goes to die - where the prize is not the technology but its captive customer base.

Beneath the surface this has created a lurking menace – the creation of "zombie technologies." These are the platforms that, upon acquisition give the impression they have a new home. That they are now part of a much larger strategy and will benefit from greater synergies and related buzzwords. In reality they may actually cease to receive adequate R&D funding, relegating security to an afterthought. Technical debt that accumulated over the years – perhaps even part of innovating and iterating in a agile manner has now morphed into a ticking time bomb waiting to explode.

Threat actors have keenly observed this trend, using Gartner magic quadrants as their compass to pinpoint legacy security technologies ripe for exploitation. They are able to actively target legacy security technologies with the knowledge that success will open up an entire vendor's client base.

In this presentation, I will delve into the intricacies of cybersecurity technology aging and its implications for modern organisations. I will examine the rise of zombie technologies using some recent examples from the headlines and explore the inherent risks posed to the cyber security ecosystem.

I'll conclude by outlining practical steps for cybersecurity executives to consider in selecting and supporting security technology within their estates, including key warning signs to watch out for. It's crucial to know when to part ways or, at the very least have a contingency plan in place.