With the rise of artificial intelligence, Cisco is sounding an urgent warning about the dangers of aging technology.

Aging digital infrastructure Equipment such as routers, network switches, and network-attached storage have long posed a silent threat to organizations. In the short term, it’s cheaper and easier to leave those boxes running in a forgotten closet. But this infrastructure may have old and insecure configurations, and old technology is often not supported by vendors for software patches and other protections. As generative artificial intelligence platforms make it easier for attackers to find and exploit vulnerabilities in target systems, Cisco Networking Technology Inc. is launching efforts to raise awareness of the issue and promote improvements, both for legacy Cisco devices and for other companies’ products that are still in use.

The initiative, called “resilient infrastructure,” includes industry research and development, as well as technical changes to how legacy Cisco products are managed. The company says it’s rolling out new warnings for its products nearing the end of their lives, so if customers are running or trying to add known insecure configurations, they’ll get a clear message when updating a device. Finally, Cisco will go one step further to completely remove historical settings and interoperability options that are no longer considered secure.

“The global infrastructure is aging, and that poses many risks,” said Anthony Greco, senior director of security and trust at Cisco. “What we have to face is this legacy infrastructure was not designed for today’s threat environments. And by not updating it, it creates opportunities for adversaries.”

Research conducted for Cisco by British consultancy WPI Strategy looked at the prevalence and impact of end-of-life technology in the “critical national infrastructure” of five countries: the US, UK, Germany, France and Japan. The study found that the UK (followed closely by the US) faces the greatest relative risk of this group due to the extensive use of old and outdated technology in key sectors. Japan had the lowest relative risk – due to a greater emphasis on continuous upgrading, decentralization of critical infrastructure, and a “stronger and more sustainable national focus on digital resilience”.

Overall, the research also underscores that breaches and other cybersecurity incidents around the world regularly involve attackers exploiting known vulnerabilities that could be prevented through patching or end-of-life technology upgrades.

“The status quo isn’t free—it’s actually costing, it’s just not being paid for,” said Eric Wenger, Cisco’s senior director of technology policy. If we can elevate this risk to something that is seen as a board-level concern, hopefully that will help emphasize the importance of investing here. As an industry, he adds, “we’re not making it hard enough for attackers.”