Features, Insight, Opinion

The urgent case for infrastructure modernisation in the Middle East

Pieter W Bil – Senior Vice President, Managing Director for Kyndryl Middle East and Africa, discusses the results of their latest readiness report and the need to replace legacy technology in order to combat security risks.

In an increasingly digital world, resilience is not just a requirement but an inevitability, withstanding the pressure of a volatile threat landscape. The spotlight often falls on cybercriminals and their ability to disrupt business operations, but there’s another, often- overlooked threat that remains central to security: outdated IT infrastructures.

Despite high levels confidence at 92%, only 43% of business leaders in the UAE and Saudi Arabia believe their IT is truly future-ready, according to the latest Kyndryl Readiness Report. This gap underscores the urgent need to update legacy systems as the demand for cyber resilience grows.

Relying on outdated hardware and software to provide essential services for people around the world can be inefficient and costly to maintain, and leave enterprises vulnerable to cyberattacks at a time when business disruptions can result in disastrous consequences.

To put it simply, imaging trying to secure a fortress with crumbling walls – no matter how strong the gates are, the vulnerabilities remain.  By updating legacy systems, organisations can achieve lasting financial gains, foster innovation and build true cyber resiliency — the strength to protect, prevent, withstand and recover from adverse events.

As enterprises progress their modernisation efforts, some threats will be unavoidable. Technology leaders must reinforce defences, like securing windows and bolting doors to keep intruders out.  But they cannot overlook the “cracks in the foundation” beneath them. All those security measures are futile if the entire structure is unstable.

The longer legacy technologies linger, the more security risks will grow.

Inviting unnecessary risk

According to Frost & Sullivan, the Middle East ICT market is predicted to reach US $95.05 billion by 2025, driven by increased demand for technologies like AI, machine learning, and IoT. In recent years, investments in these technologies have transformed how and where people work. However, as companies scrambled to adapt to the virtual office, some decisions were made hastily. Many moved to the cloud, with a lack of structured planning, adopting a variety of tools and quick fixes that bogged down already complex IT estates, adding to technical debt. Meanwhile, legacy technologies were left untouched.

Relying on — and building on top of — outdated infrastructure exposes companies to unnecessary risk.

As newer, better options hit the market, older technologies are retired; critical updates like security patches are no longer provided. Yet many enterprises continue to depend on these end-of-life and end-of-service assets. Essentially, they’re relying on decades-old cars after manufacturers have stopped making their parts.

Building applications on outdated infrastructure can also delay time to market and make companies less competitive, a McKinsey analysis suggests. At the same time, their analysis found that there are clear financial benefits to updating systems: operating costs of modernised fintech platforms were as low as 10% of traditional banks’.

If a competitive edge and reduced costs aren’t compelling enough reasons to refresh infrastructure, there are additional challenges business leaders will face if they continue to delay action. Legacy technologies often lack strong encryption standards — and encryption-breaking technologies like quantum computing are on the horizon. Outdated technologies also tend to rely on older programming languages, which can hinder modernisation efforts and slow innovation as the mainframe skills gap widens.

Confronting legacy technologies

Enterprises that have delayed addressing legacy technologies may need to quickly catch up as governments encourage modernisation efforts. In the UAE, the Telecommunications and Digital Government Regulatory Authority (TDRA) introduced the “UAE Information Assurance Regulation” to establish robust security standard for information assets and supporting systems across all entities. The goal is to create a trusted digital environment nationwide.

In Saudi Arabia, the SAMA Cyber Security Framework mandates comprehensive security measures for all banks, insurance firms, and financial institutions within the Kingdom. Additionally, the Cyber Threat Intelligence (CTI) Principles outlines best practices for generating, processing, and sharing threat intelligence, helping the financial sector to identify and mitigate of relevant cyber threats more effectively.

Companies can take steps today to tackle outdated technology. They must first define and identify legacy assets. From there, they need to understand how these technologies relate to critical business processes and consider the maximum downtime they can withstand. Some disruption now will likely pay off down the line. And future gains must similarly be prioritised over short-term economic pressures.

Enterprises should prioritize staying on track with hardware refresh cycles, as hardware failures remain one of the most common sources of disruption. Legacy systems continue to pose challenges for financial institutions in the Gulf Cooperation Council (GCC) region; according to IDC, over one-third of these institutions have indicated the fragmented nature of their IT environment as a key obstacle to their digital journey. Companies should also enforce strict patching policies to ensure software updates and implement regular mainframe health checks.

Broader mainframe modernisation efforts can enable enterprises to become more agile, as many still depend on mainframe technology for mission-critical business. Today, most companies take a hybrid approach to modernization — but any path can result in increased profitability.

The efforts ahead may seem daunting, but legacy technologies present the opportunity to turn a security liability into an asset: The work can’t start too soon.

Image Credit: Kyndryl

Previous ArticleNext Article

GET TAHAWULTECH.COM IN YOUR INBOX

The free newsletter covering the top industry headlines