The federal government runs three legacy technology systems dating back five decades without modernization plans to update, according to a Government Accountability Office report released Tuesday. Agencies developed plans for seven out of the 10 critical legacy IT systems, excluding the oldest ones.
A Department of Education system containing student information, Department of Health and Human Services information system supporting clinical and patient administration, and Department of the Treasury system containing taxpayer information date back 46, 50 and 51 years, respectively. All are critical to the agency and pose moderately high to high security risks.
GAO warned federal agency reliance on old coding languages, such as COBOL, could cause a rise in procurement and operating costs as the number of workers with the skill set declines. The legacy systems also increase security vulnerabilities and frequently run on hardware and software no longer supported.
The tech debt problem doesn't hold the federal government back from innovation — see GAO's Innovation Lab, the Department of Veterans Affairs Innovation Center and other efforts — but it can leave assets vulnerable if left unchecked.
Some technology infrastructure is good enough for the time being to focus on other efforts contributing to business value. Tech debt becomes problematic when it's insecure and no one knows how to run it, according to Emily Brand, chief architect at Red Hat, speaking at the Red Hat Summit on Wednesday.
That's exactly the conundrum federal agencies face. Modernization plans underlie agencies' abilities to "meet mission needs, address security risks and reduce operating costs," the GAO report reads.
Pouring billions into federal IT transformations helps, but the modernization versus innovation gap exists in the private sector, too. "We've seen innovation budgets skyrocket at our organizations, but their legacy modernization needs to get the same type of love for the insecure platforms," Brand said.
The COVID-19 pandemic and remote work jolted many members of the enterprise into modernization action. In 2018, 24% of executives had the digital capabilities required for transformation, but that number jumped to 60% in 2020, according to a Capgemini survey of 1,000 executives.
But tech debt isn't always a strike against an organization.
"Not all legacy is bad," Brand said. "I know that's not a cool thing to say today but … there's a lot of legacy hardware out there that has been running for 40 years that people have been keeping up to date."
Companies such as Liberty Mutual, for example, adopted automation around its mainframe to cut down on maintenance windows, Eric Drobisewski, senior cloud architect at Liberty Mutual, told CIO Dive.
IT departments took on pilot projects and fostered innovation for business continuity, pushing out legacy systems along the way. Keeping up the momentum post-crisis will fall on members of IT leadership working closely with CEOs to secure the funds.