IT Brief Australia - Technology news for CIOs & IT decision-makers
Australia

Guides

#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things

Search

Modern servers replacing old computer australia map cybersecurity upgrade
#
Ransomware
#
Phishing
#
Advanced Persistent Threat Protection

Australian organisations urged to upgrade legacy tech for cyber safety

Fri, 26th Sep 2025
Author image
By Shannon Williams, Journalist

This year's Cyber Security Awareness Month is drawing attention to the rising risks associated with legacy technology and the expanding threat landscape faced by Australian organisations.

The Australian Government has underscored the persistent use of outdated systems as a priority issue for businesses. As technological developments continue to gather pace, many organisations struggle to ensure all systems remain current and secured against rapidly changing cyber threats.

Legacy systems risk

Dan McLean, Country Manager, ANZ at Barracuda Networks, notes that legacy technology does not necessarily refer only to decades-old infrastructure. He explains that any system which has not been updated in accordance with modern threats presents risks. "With the current pace of change, the window to update and maintain systems is shrinking fast," McLean states.

Older platforms or unpatched technologies frequently retain known and unaddressed security vulnerabilities. Such systems may lack compatibility with up-to-date security tools, or be unsupported by vendors, resulting in no further updates or technical assistance. The absence of ongoing support places enterprises at significant risk, transforming unmaintained infrastructure into easy targets for cyber criminals.

According to McLean, the management of these legacy environments comes at a substantial operational cost. Reports suggest that up to 70 per cent of IT teams dedicate over six hours per week solely to security patching. For already stretched IT departments, this is a considerable resource drain and can impact other priorities.

Insecure legacy systems also increase the likelihood of human error. The complexity and age of these platforms make them more challenging to secure correctly, heightening the risk of misconfigurations or accidental exposure of sensitive data.

When systems aren't kept up to date, it isn't just inefficient - it's dangerous. Building a cyber safe culture means recognising that security is not just about reacting to threats but about proactively strengthening the foundations of our digital environments.

Supply chain vulnerabilities

The growing interconnectedness of business ecosystems is amplifying exposure to cyber incidents, particularly across supply chains. Alan Win, Founder and CEO of Middlebank Consulting Group, highlights the compounded risks brought by digitalisation within logistics, eCommerce, and supplier networks.

Win remarks that every stage, from suppliers to logistics providers and customer-facing platforms, represents a possible entry point for attacks such as ransomware, phishing, or supply chain compromise. Disruption to any element can have wide-ranging operational and reputational impact, including exposing sensitive data and eroding customer trust.

Cybersecurity is increasingly critical across the supply chain sector, including eCommerce, as digitalisation and interconnected systems increase exposure to cyber threats. Every link, from suppliers and manufacturers to logistics providers and online platforms, can be a potential entry point for attacks. Ransomware, phishing, and supply chain compromises can disrupt operations, expose sensitive data, and damage customer trust. Companies need a proactive approach by strengthening digital security, conducting regular risk assessments, training employees, and collaborating closely with partners. Building cyber resilience across the supply chain is not just a technical requirement; it is a strategic necessity for protecting operations and maintaining stakeholder confidence.

Win advises that a proactive approach to digital security is now regarded as a strategic requirement. This includes not only technical measures and regular risk reviews but also a cultural emphasis on cyber awareness and resilience throughout the network of business partners and employees.

Building a cyber safe culture

The theme for this year's awareness campaign, 'building our cyber safe culture', emphasises the need for organisations to shift from a reactive position to a proactive one. Both McLean and Win agree that genuine progress requires integrating cyber security practices into daily routines, ongoing staff education, and fostering accountability at all organisational levels.

Australian businesses are encouraged by experts to examine whether their own digital environments and those within their supply chains are being upgraded and patched alongside evolving security best practice. Legacy systems, understaffed IT teams, and insufficient partner collaboration continue to present significant hurdles in this endeavour.

The focus during Cyber Security Awareness Month is on recognising and addressing these vulnerabilities, not only to comply with government guidelines but to ensure a secure foundation for ongoing digital operations and trusted business relationships.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Prezzee names Edwin Ter Wijlen Chief AI Officer for global growth
AI infrastructure growth threatens 14 million Australian bees a year
Synology unveils PAS7700 NVMe storage to meet AI data surge
Australia urged to bridge research gap with better AI adoption
Exclusive: Granicus' Alex Gelbak on 'making the invisible visible'

Top stories

McKinsey report shows AI interest but slow scaling
Enterprises to focus AI spend on cost savings & data control
AI & phishing attacks highlight human risk in Australian fraud
Dematic launches RTS 120 AGV for high-bay automation in warehouses
Adobe data shows USD $88.7 billion spend & AI boost in October