“Being old doesn’t make a system a security risk. It may seem like a system that’s been around longer may be a more well known target. But it’s also true that those weaknesses have been found and likely patched. If someone has an old system that’s fully patched, well monitored, and protected by good policy and practices, it can be every bit as secure as anything else.
The real danger is the more likely reality that an “if it isn’t broken don’t fix it” attitude may take over. Often “broken” is measured not by how well patched or protected a system is, rather it’s measured by its ability to continue its role in some profitable part of a business’s operations. By that measure, patching the old system may be a risk as you may then have an old system that people don’t have skills to deal with that has changed some behavior stopping it from ticking away as a cog in the machine.
No one stops to ask about the security risk when the big machine stops churning out revenue. The risks posed by the older systems all stem from the same cost versus risk calculations that businesses do every day. It usually takes a high cost breach to tip the scales from cost driven thinking to risk driven thinking – for older systems and everything else.”
“Oh the woes of using out of date, insecure operating systems. We often hear people screaming UPDATE! But is it really a problem?.. Yes it is, because of the vulnerabilities that will never ever be patched by Microsoft (MS). If you go out and purchase a Windows 8/10 operating system then MS regardless of what people say will try very hard to keep you safe. They want you to be using the most secure up to date operating system in the world. After all, if it works with no problems then you will most likely stick with it, they don’t want the PR backlash of exploits and vulnerabilities so they will do all they possibly can to keep you safe. But if you’re running Windows XP then any exploits that are found or currently known will stay known and useable for all and sundry to exploit and spread, unchecked. Yes of course you can install internet security and be very careful what emails you open and what web pages you go to but it’s like putting the most expensive locks on your 3ply shed hoping that will keep its contents safe, it won’t!
Updating your operating systems is not all about keeping Microsoft afloat it’s one of the multi layers required in modern day computer security, think of it like the foundations for your nice shiny new house, any builder will tell you how important they are.”
ISBuzz Team embodies the collaborative efforts of the dedicated staff at Information Security Buzz, converging a wide range of skills and viewpoints to present a unified, engaging voice in the information security realm. This entity isn't tied to a single individual; instead, it's a dynamic embodiment of a team diligently working behind the scenes to keep you updated and secure. When you read a post from ISBuzz Team, you're receiving the most relevant and actionable insights, curated and crafted by professionals tuned in to the pulse of the cybersecurity world. ISBuzz Team - your reliable compass in the fast-evolving landscape of information security
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.