For your organization to stay ahead of current and future threats, it can't rely on yesterday's cybersecurity technology. Unfortunately, even as attackers continue to refine their skills and use new techniques, many companies continue to deploy outdated firewalls and legacy endpoint protections.
To keep your organization and its data secure, you need to implement next-generation protections, up-to-date policies and tools, and modern systems architecture that is designed with security in mind.
"As vendors, we can do the best job in the world at building secure systems," says Barbara Hudson, Global Product Marketing Director at Sophos, in
a recent company webinar. "But if you're not applying patches or you continue to use devices that are either end-of-life or unsupported, our efforts will be in vain."
How old technology fails against current threats
Hudson and, in
a different recent webinar, Sophos Sales Engineers Angel Ramos and Ryan Lockerbie detail how outmoded technology fails to protect against the latest threats.
The latter pair's example is remote
ransomware, the attack technique that infects an embedded or
IoT device on the office network, such as a smart TV or a smart speaker, rather than a proper endpoint.
"[Attackers] realized really quickly that trying to attack an endpoint directly gets picked up by the anti-ransomware engines pretty well, so they've shifted to mounting the drive to a rogue device on the network," Lockerbie explains.
"That is what remote ransomware means: where the encryption process happens on a secondary device so that the endpoint protection can't see it."
For her part, Hudson focuses on the firewall, the granddaddy of
network-security devices. Firewalls have been standard enterprise devices for at least 30 years, but how often do they get updated or replaced? How many firewalls are kept running after vendor support ends?
"Vendors will contact customers and partners and inform them about the end-of-life date," Hudson says. "Unfortunately, many customers ignore those communications, particularly the ones that come years in advance. So when date X, the end of life, arrives, there's a little bit of a problem."
For those reasons, she reminds us, outdated or improperly configured
firewalls are one of the top reasons for data breaches and other successful network incursions.
"Network edge devices," Hudson says, quoting
Sophos' 2025 Threat Report, "are the single largest source of initial compromise of networks in intrusion incidents and in ransomware and data-exfiltration events."
How next-gen tech rises to the challenge
The paramount defense against current and future attacker techniques is to build your software — any kind of software — using
Secure by Design principles as laid out by the U.S. government's Cybersecurity and Infrastructure Security Agency (CISA) and other organizations.
"Secure by Design is a pledge to support a set of design goals to strengthen product security," Hudson explains, adding that the approach includes factors such as "integrating
MFA into all systems, eliminating default passwords and credentials, implementing automated security patches and offering rapid and transparent vulnerability disclosure."
Another key part of Secure by Design is
zero-trust network access, which Hudson notes is essential to stopping attacks that might otherwise exploit outdated VPN technology to move laterally within a network.
"The problem with VPN is that once you're on the network, you're generally trusted, and frequently have access to everything," she explains.
"The zero-trust network access approach is probably a better choice, as it provides you with the ability to give granular control to resources and apps that can be revoked. If the device health changes, the perimeter moves to where you need it to be."
Sophos itself has been tracking a multi-year campaign, which it calls "Pacific Rim," that originates in China and targets firewalls protecting government agencies, healthcare providers, critical infrastructure and defense contractors across the world.
Hudson credits Sophos' embrace of Secure by Design as a key reason that Sophos' firewalls have largely withstood the attacks.
"We need secure products as much as we need security products," she says, "But when our adversaries are targeting the tools built to defend us more than anything else, we need secure security products."
Likewise, say Ramos and Lockerbie, Sophos' next-gen
endpoint protections are designed to repel new threat such as remote ransomware. Ramos explains how a feature called CryptoGuard will automatically revert files to their previous state upon the first hint of ransomware activity.
"If we see files showing the signs of malicious rapid encryption, we can identify those and roll them back without the use of a volume shadow copy," he says. "This is done in an in-house, proprietary method that is unique to CryptoGuard and unique to Sophos."
A team effort
One of the best and simplest ways to stay ahead of attackers is to just keep your security tools updated, especially when an update patches a known exploited flaw. Many organizations may be reluctant to apply updates immediately, especially with network protections like firewalls, but as Sophos CISO
Ross McKerchar says in a recent blog post, it's time to get over that.
"Over time, as the internet evolves, even the most diligently updated hardware will reach the end of its ability to cost-effectively support necessary updates and features," McKerchar says. "At some point, these older devices become not just dead, but actively undead and dangerous."
As Hudson says, cybersecurity is a team sport. That team can include not only your colleagues, but your competitors and your cybersecurity provider's competitors as well.
"We all share the responsibility," Hudson reminds us. "Vendors need to build secure products and customers must apply patches and stop using unsupported and end-of-life systems, as that adds risk for all of us."