Capco has recently observed an increased demand for technology currency strategy and maintenance engagements from our clients with varying levels of maturity in this space. The 2017 WannaCry ransomware attack, estimated to have cost $4 billion, targeted Windows XP. Among others, the list of targets included Fortune 500 businesses like FedEx, Honda, and Hitachi and government bodies such as England's NHS. Despite the attack, unsupported technologies from all the major software companies continue to make up a large portion of the software used by financial institutions today.
This article aims to provide a roadmap for financial institutions to develop a mature software currency capability that effectively eliminates these vulnerabilities in an ongoing fashion. Financial institutions can achieve this by following three key steps: creating a proactive mindset towards currency, developing a granular software inventory and relevant KPIs, and incorporating software currency management into performance reviews. Some future-looking capabilities that allow financial institutions to manage their software currency in a more automated fashion are equally explored.