IT investment, Information technology

In the dynamic landscape of modern business, Information Technology (IT) has transitioned from a supporting function to a core driver of competitive advantage. Over the years, the partnerships forged within this space have yielded significant value, fostering considerable achievements for all parties involved. 

These accomplishments have laid a solid foundation, but the current state of IT is undergoing a profound transformation that necessitates a reevaluation of strategies and priorities. The digital age has propelled IT into the heart of business operations, where it not only supports processes but also enables innovation and growth. 

This evolution, however, comes with its own set of challenges. IT departments are now facing unprecedented pressure to deliver more with fewer resources. This often leads to a reactive approach, characterized by the “if it ain’t broke, don’t fix it” mentality. While understandable in resource-constrained environments, this strategy overlooks the escalating risks and opportunities inherent in today’s IT landscape.

Is the Risk of Not Updating Your Legacy System Worth the Short-term Reward?

Organizations across the globe face a daily struggle to decide whether to update their IT assets, or risk running just one more quarter, one more year, or even one more decade on their legacy platforms. Risk a concept until its realization becomes an actual event, and then organizations suffer. Some may remember one of the most stark, public examples of riding a legacy system until it was too late. The New York Magazine article that described this had a title that said it all and read like a satirical headline: “NJ Governor Requests Expertise of 6 People Who Still Know COBOL.”        

The article went on to state, “Over the weekend, New Jersey governor Phil Murphy put out an open call for tech experts to help balance the load placed on the state’s unemployment system, which runs on a legacy programming language called COBOL.” 

They had an important legacy unemployment system that they were leaning on to get out-of-work people, many displaced by COVID-19, the resources they needed to live. They were on aging technology that was getting more and more difficult to support. Finally, there was a risk realization event during the pandemic, to the point where the governor of New Jersey needed to put out an open call for support!

The rapid pace of technological advancement and the increasing reliance on digital infrastructure have made IT an indispensable element of business success. IT systems now underpin virtually every aspect of operations, from supply chain management to customer relationship management. 

This integration has made businesses more efficient and data-driven, but also more vulnerable to disruptions. As a result, the old standards of “good enough” are no longer sufficient. Past successes in maintaining stable systems do not guarantee future security or performance. Latent risks, which may have been dormant in less complex IT environments, are now surfacing with greater frequency and impact. 

If Your System Went Offline Tomorrow, What Would Be the Fallout?

The best acknowledgement of risk comes by answering this question: If your system went offline tomorrow, what would be the fallout? Talk it through in your organization – if your ERP system went down, how would it affect your organization? What would it cost, in terms of resources and investment to respond and recover?

Cybersecurity, in particular, has become a pressing concern in the new era of easily accessible generative AI. The sophistication and frequency of cyberattacks are increasing, making it essential for organizations to prioritize proactive security measures. 

What was once considered adequate protection may now leave businesses highly exposed. In just one example, a cyberattack at a single supplier caused Toyota to idle all of its 14 manufacturing plants in Japan. “Toyota Motor will restart domestic production from Wednesday after a cyberattack on a supplier ground the automaking giant’s factories to a one-day halt, sparking concerns about vulnerability in Japan Inc’s supply chain.”

Business leaders must acknowledge the dangers of underinvesting in IT and recognize its strategic importance. Aging on-premise ERP solutions create a cascading effect of lack of functionality, emerging cybersecurity risk, and increasing instability that may put an enterprise in jeopardy. A modern and robust IT infrastructure is not just a cost center; it is an enabler of innovation, efficiency and resilience.

Experience gained from conducting system management assessments reveals that many organizations face substantial risks related to downtime. The costs associated with IT downtime are significant and can have severe financial and operational consequences. Gartner estimates the average cost of IT downtime at $5,600 per minute. This figure underscores the substantial financial losses that can accrue in even a short period. Moreover, a significant majority (98%) of organizations report that a single hour of downtime costs at least $100,000, with 27% indicating costs ranging from $1-5 million. These figures highlight the need for businesses to invest in reliable and resilient IT systems and robust recovery plans. The financial and strategic risks of underinvestment in IT are considerable and demand the urgent attention of business leaders. 

Southwest Airlines faced a public meltdown in 2022 when its legacy systems finally succumbed to age and a lack of flexibility. “…union officials representing Southwest workers say the company did not keep pace with technology changes. And they say they’ve been raising concerns for years. ‘We’ve been harping on them since 2015-ish every year,’ Mike Santoro, a captain and vice president of the Southwest Airlines Pilots Association, told CNN. The result: A massive Christmas travel meltdown that scuttled holiday plans for hundreds of thousands of passengers. Nearly 16,000 flights canceled. Orphaned baggage piling up at airports and travelers told to give a shipping address.”

Imagine the internal conversations over those years within Southwest. Risk. Budget. Resources. Timing. Business continuity. The business side was warning the organization – how many more quarters or years could they get out of that aging system? There is never a clear herald announcing that the risk is definitively and finitely about to turn into an event. There are only waypoints of risk: age, lack of resources, lack of functionality, lack of software updates, lack of a clear roadmap, software vendor viability, and if those waypoints are not heeded, then the choppy plateau of risk becomes the abyss of a business impact event. 

Navigating Business Disruptions, like Tariffs

Most manufacturing enterprises are facing an external impact event related to tariff volatility. The incredible pressure to maintain bottom and top-line stability will lead to creative workarounds at best, and unsanctioned shortcuts. Taking risks is now almost a survival tactic, making the point at which an event tests the durability of IT systems closer each day.

The potential for significant financial losses, reputational damage, and operational disruptions makes IT investment a strategic imperative.

Questions regarding Disaster Recovery (DR) plans, the frequency of testing, and vulnerability assessments must be addressed proactively. DR plans must be comprehensive, up-to-date, and regularly tested to ensure their effectiveness. Regular vulnerability assessments are essential for identifying and mitigating security gaps before they can be exploited by malicious actors. 

Compliance requirements add another layer of complexity. Industries such as Automotive, Food & Beverage, and Life Sciences are subject to stringent regulations that mandate the use of formally supported and validated systems. The possibility of undetected breaches also represents a major risk. Many organizations may be unaware that their systems have been compromised, which leads to long-term damage and exposure. 

To achieve strategic goals in this complex environment, organizations need a comprehensive, vertically integrated support model that minimizes business disruption. 

QAD Helps You Stay Ahead and Up-to-date

QAD Adaptive Applications in the cloud provide a compelling solution, offering a fully inclusive suite of services designed to support current and future business strategy outcomes. This cloud-based approach builds upon existing investments and relationships, offering a less disruptive path forward compared to implementing entirely new systems. 

By embracing this evolutionary approach, organizations can ensure their IT infrastructure remains robust, secure, and aligned with their strategic objectives. If you are on aging, legacy ERP and Supply Chain systems, there is risk in your environment. 

Please contact us at QAD to schedule a System Healthcheck to mitigate risk and secure your future.

1 COMMENT

  1. IT investments aren’t discretionary—they’re the pillars of resilience and innovation. With legacy systems brittle and threats mounting, a measured upgrade to adaptive, cloud-based ERP like QAD is not just smart—it’s essential. Solid piece—thanks for shining a spotlight on this critical transition!

LEAVE A REPLY