Government must act on “ticking time bomb” of outdated software, think tank warns
Maya Sgaravato-Grant
Outdated software is exposing public services to the risk of cyberattacks and critical outages, a think tank has warned.
In a report entitled From legacy to leadership: upgrading the digital State, Re:State tied outdated technology to critical incidents in Guy’s and St Thomas’ Hospital, the British Library and local councils.
It argued that the government must take action to update old IT systems through the creation of a new Digital Modernisation Taskforce, the introduction of “Technology Impact Assessments”, and assigning senior civil servants responsibility for reporting on the financial risk created by outdated systems.
Joe Hill, co-author of the report, Director of Strategy at Re:State and former Treasury civil servant, called the situation a “ticking time bomb”.
He said: “[T]oday the gap between public sector tech and private sector tech continues to grow.
“The public don’t understand why their experience with government to book appointments and pay taxes are so much harder than when they buy anything from the private sector.
“They are right to have high standards, and for government to invest in IT to keep up the pace.”
The report underlined what it sees as a contradiction between government calls for the adoption of cutting-edge technology and its reluctance to part with older software, highlighting how the Police National Computer is still reliant on the technology that was used when it was first introduced in 1974.
From legacy to leadership calls for mandatory technological assessments for all major policy and spending changes with technological implications, and the introduction of a requirement for Accounting Officers to report on legacy IT risks.
With 28% of high-risk government IT systems having no funding available for their repair, Re:State argues that the Government Digital Service should use “match funding” to pay public sector organisations to fix them.
It also advocates for the acceleration of digital spending pilots focused on “funding services, not projects”, as well as the creation of a new set of commercial guidelines for managing legacy IT providers.
