“There comes a day when the air conditioning stops working and the 100-degree heat of July comes, and that’s the day I regret not having been proactive,” Illinois CISO Adam Ford said this past summer during an event on IT modernization.
The analogy was apt, Ford said, because just as cooling units require regular maintenance to avoid summertime pain, government IT systems need to be updated and refined to ensure that they’re more efficient and secure than the decades-old legacy technologies that are more challenging and expensive to improve.
“Agency priorities sometimes don’t align with hygienic maintenance that’s required to do modern cybersecurity,” he said. “It becomes an issue of working with agency stakeholders to prioritize updating systems that may or may not be mission-critical. Governments are used to performing a function in a set way that was developed 25 years ago.”
Ford also said at the time the air-conditioning unit in his home was about 17 years old — well into the upper range of an industry average lifespan of 15 to 20 years.