Editor’s note: This article draws on insights from an Aug. 12 CIO Dive and Cybersecurity Dive virtual event. You can watch the sessions on-demand.
CIOs across sectors and geographies consistently assess their legacy tech stacks. Sometimes there’s strategic purpose behind keeping outdated systems online, but these platforms can also increase compatibility issues, security gaps and other vulnerabilities.
The recent rise of AI placed urgency on modernization as CIOs look for ways to use emerging technologies. AI has also come into the fold to accelerate transformation.
Some of the most common use cases that have emerged include AI-assisted data migration and code refactoring, according to Christina Powers, cybersecurity partner at West Monroe.
“If you've got legacy code, legacy applications, someone wrote those applications many years ago and might no longer be with the organization,” Powers said during a CIO Dive live event last month. “You can use AI to modernize the code base and rewrite applications into something that is more manageable and more modern so that it can be maintained and secured.”
The majority of IT and business leaders are eyeing these AI-driven opportunities, with 4 in 5 expecting AI coding assistants to improve management of outdated systems, code rewrites and automated testing, according to a May Publicis Sapient report.
AI can help “both in terms of conversion to modern platforms as well as just getting better visibility into what’s happening on some of these legacy systems,” Powers said.
With the right foundation, Powers said AI can help businesses quickly identify malicious or anomalous activity, which could help alleviate disruptions tied to legacy technologies.
IT infrastructure provider Kyndryl has firsthand experience with AI-boosted modernization. The company was migrating workloads and modernizing applications in the aftermath of spinning off from IBM in 2021.
“Our entire modernization program used AI,” said Kris Lovejoy, global practice leader for security and resiliency at Kyndryl. “We found huge benefits from a performance perspective.”
The modernization opportunities tied to AI are sprouting as providers develop off-the-shelf solutions. In May, Capgemini and Rocket Software rolled out automation tools to help manage and modernize legacy infrastructure. Microsoft also bolstered GitHub Copilot’s refactoring abilities with AI agents.
AI adoption challenges
Despite the potential, adding AI to processes isn’t an enterprise panacea.
Kyndryl is particularly aware of AI’s shortcomings around bias and explainability.
“It’s a really interesting conundrum right now,” Lovejoy said. “We are AI-first in all things, but we are also very careful about making sure that the use cases are narrow enough that any of the algorithms we are using can be reconstituted fairly quickly, and that we have a good fundamental understanding of the corpus of data that's been used to train those models, and that we've got resiliency around that data.”
Most organizations grapple with obstacles on the road to secure and successful AI adoption, especially with generative and agentic AI.
Business leaders are relying on immature data strategies, which can exacerbate access and security risks. AI governance is also lagging behind adoption, leading to security problems. Nearly 4 in 5 businesses say they don’t have the foundation needed to safeguard models, data pipelines and cloud infrastructure, according to an Accenture survey published in June.
Moving forward on AI plans without shoring up the processes and technology underpinning the initiatives can degrade outcomes.
“AI and the right use case can be a great facilitator of moving away from legacy environments,” said Fritz Jean-Louis, principal cybersecurity advisor at Info-Tech Research Group. “But approach with care.”
