Why legacy tech is stifling CIOs’ dreams of global growth

Companies looking to expand overseas need to jump through many hoops. Growth always comes at a price, and it will often take deep levels of investment to get the ball rolling. Pushing forward with such ambitions can be a big challenge and, according to Expereo research, legacy tech in new markets is constraining ambitions. 

Four in ten of 200 CIOs questioned – all from global organizations – cited legacy connectivity and management systems as the biggest limiters to growth right now. Jim Tiller, CISO at Nash Squared, understands why.

“There remains the reality of aging solutions that consume vast amounts of time and energy to secure,” he tells ITPro. “It’s one thing to make legacy systems work, but a completely different one to ensure they are protected.

“Moreover, while the spectrum of new technology combined with its rapid progression provides unlimited optionality and innovation, the security industry is still facing challenges of implementing foundational security capabilities, most of which will be essential to securing the next generation of technology.”

The challenges CIOs face today

Expereo’s CIO group, all based in the UK, had the second-most positive outlook after CIOs from China. This is largely because nearly half of the CIOs (48%) said they had already secured increased technology budgets to deliver growth and tackle existing challenges.

The challenges facing CIOs are manifold but start with breaking through the growing talent and skills shortage. Dan Beevers, managing director EMEA at Expereo, suggests the talent pool is so limited that “businesses are starting to see how they can nurture talent internally and enhance it within organizations”.

Other limiting factors are also a consideration, he explains. For example, there’s an urgency to innovate, but this is set against a record speed of technological change. That has brought an explosion of new devices and apps but, in turn, that brings with it a wide range of new security threats. Today’s greater levels of remote and hybrid working also present challenges for cyber security.

Joseph Carson, chief security scientist and advisory CISO at software company Delinea says he isn’t surprised by the positivity of UK CIOs. “However,” he adds, “adopting the latest innovations, which can make businesses more effective and productive, also makes us even more dependent on technology. It also makes security – and automating as much as possible – an even greater priority.

“In a world that is always connected, this has major implications in how we secure businesses, particularly as identity has replaced the legacy perimeter and access is the new security layer.”

Which markets should CIOs expand into?

Expereo is an internet, cloud connectivity and SD-WAN provider and its research has thrown up many other considerations for CIOs and CISOs eyeing up moves overseas. As well as the troubles with skills and talent retention, security environments, complicated physical and geopolitical infrastructure, and local knowledge were all also highlighted.

But choosing which new markets to enter seems to be their toughest headache. Although boardroom support is in place, given that CEOs recognize they must “stay relevant”, there are many different barriers to entry across many different regions.

The “biggest opportunity for growth”, according to the study, was perceived to be in Western Europe followed by North America. The Middle East, Northern Europe, and Eastern Europe came next. But UK CIOs were most concerned about Asian markets, as well as India, due to agility, security, and the knowledge of local providers. This is a tricky line to walk when these are some of the world’s fastest-growing economies and therefore vital to expansion.

“To navigate Asia, where regulatory can be a challenge, they need a partner who they could work with who knows how to work with local suppliers,” Beevers says.

Having had many conversations with CIOs about this problem, Beevers explains how they have often brought up the subject of the speed of entering a new market without someone to support you. “To be able to do that with speed without having themselves to learn through mistakes and experience is probably one of the biggest themes I’ve seen,” he adds.

Keeping everything and everyone safe when you open new offices in new geographies means securing increasingly connected and data-centric architecture, explains Riaz Lakhani, CISO at network security firm Barracuda. Otherwise, it will bring risks from an “ever-broader attack surface” from growing cyber threats. 

“Security measures such as zero trust network access and SASE are key assets here,” he says. “They verify identities and securely connect users, devices, and things with their applications, while simultaneously optimizing network traffic and security – regardless of location. 

“This, together with a growing need to build security into technologies from the very start – security by default – will help to future-proof security and provide a solid umbrella for business growth. If the security fails, other growth ambitions will likely fail too.”

CIOs are making up for lost time

Secure connectivity overseas is a delicate puzzle to solve. Expereo’s research recognized this with 45% of CIOs claiming that establishing and managing connectivity in new markets was the single most critical factor to ensuring successful global expansion.

More markets also naturally bring with them more problems, but Beevers insists CIOs are ready for this challenge, especially as COVID-19 held back many growth ambitions that were on organizations’ roadmaps.

Beevers suggests CIOs were championing many of the solutions they are now being funded to buy and install for a long period – especially when it comes to applications and security. He feels the pandemic gave them an opportunity to prove the need for all that had been advocating for. “I think they’re excited now they can go into action,” he adds.

Looking ahead, future success will also come from technological implementations and integrations. Expereo’s study found artificial intelligence (AI) and machine learning, security plus automation, and data analytics were the top three areas due to see increased tech investments from UK boards in the next few months. These were followed by 5G, edge computing, SaaS, public cloud or hybrid cloud, and WAN. 

But with all these areas waiting to be navigated, understood, and deployed, it even further highlights that legacy issue for new markets. “It appears organizations are quick to adopt new technology but extremely slow to let go of the old,” says Delinea’s Carson. “This causes all sorts of constraints when it comes to protecting and securing the business. Typically, it means having to deploy multiple security solutions, which raises complexity and requires more skilled resources.” 

And Carson warns: “Legacy technology is an additional burden that adds to the existing skills shortage.”

To deal with what comes next, CIOs are going through a period of “self-learning”, explains Beevers, to make sure they are ready for areas such as AI, automation, and security. But he says many don’t “necessarily have the biggest IT team internally” making it vital to find key partners to get them up to speed.

The landscape is shifting though, and Beevers adds: “People are starting to get on a journey where they realize what they did in the past is no longer relevant for the future.”