Advisor

Addressing Tech Debt from Mission-Critical Systems

Posted September 25, 2024 | Technology |
Addressing Tech Debt from Mission-Critical Systems

Recent tectonic crises have underscored the profound risk posed by technical debt within mission-critical systems. Such debt can cripple an enterprise, leading to a catastrophic service outage or even forcing a business to close its doors temporarily. Examples from Delta and Southwest Airlines illustrate how unaddressed technical debt can render companies unable to serve their customers or leave them vulnerable to ransomware attacks or hacking. For these reasons, it’s imperative for CIOs to proactively manage and mitigate technical debt to safeguard their organizations’ future.

Tech Debt Negatively Impacts Mission-Critical Systems

In a recent discussion, several CIOs identified multiple ways that technical debt can impact mission-critical systems. The most pressing include security risks (where vulnerabilities can lead to breaches or ransomware attacks) and stability risks (which threaten the overall reliability of systems). The financial implications for either are significant and include costs arising from additional support requirements, reacting to unplanned issues, and maintaining outdated systems. These factors reduce system reliability and degrade performance, leading to poor customer or user experience. Over time, technical debt increases the cost to maintain systems, reduces the ability to deliver changes effectively, and prolongs outages when they occur.

According to Dion Hinchcliffe, VP of CIO Practice at The Futurum Group, “Technical debt is one of the most pernicious forces in IT and can have far-reaching negative effects.” FIRST CIO Deb Gildersleeve agrees, adding that tech debt on mission-critical systems limits innovation for those systems and can prevent upgrades to operating systems and security. “You often end up with that one specialist and are stuck if something happens when they take a vacation,” she says.

Steps CIOs Can Take to Protect Mission-Critical Systems

To protect mission-critical systems from the risks of technical debt, CIOs suggest several proactive measures. First, set clear enterprise architecture (EA) standards and establish a debt ceiling for legacy systems. This helps manage and limit the accumulation of debt. Regularly assessing and measuring technical debt, coupled with routine code analysis, ensures that debt is identified and addressed before it becomes problematic. According to enterprise architect Ed Featherston, “Smart organizations require [that] every sprint contain 10% tech debt work.”

Budgeting and prioritizing, as well, should include refactoring, alongside mandating tech debt reduction in financial plans. These are crucial steps to keep technical debt under control. Communicating the total liabilities of technical debt to the board and educating business stakeholders on its implications can enlist organizational support. Additionally, maintaining a technical debt emergency fund allows for quicker responses when critical business issues are discovered with tech debt related to mission-critical systems.

It is imperative that CIOs develop a comprehensive plan for addressing technical debt rather than reacting only when issues arise. Risk assessments should be conducted on all forms of debt, including legacy processes, with a clear understanding of the trade-offs involved. New Zealand CIO Anthony McMahon is correct when he suggests that “Step one is to know what the technical debt actually is — this includes capturing why it exists in the first place.”

With this uncovered, addressing technical debt must be an active decision-making process, not something left to chance until a system failure occurs. Once failures occur, “You can isolate them as much as you can, understand the gaps, leverage the data somewhere else, and make sure you have a couple of people who know how to support it,” says Gildersleeve.

EA Helps Eliminate Tech Debt

As a systems discipline, EA plays a crucial role in articulating the case for eliminating technical debt by clearly mapping out the impact of tech debt on current operations and aligning it with the organization’s long-term goals. Providing a structured approach helps organizations not only address existing technical debt but also envision and move toward their desired future state, ensuring that technology decisions support strategic objectives. McMahon argues that EA provides a strategic roadmap, which allows for the standardizing of processes and prioritizing of investments: “The outcomes of that are enhanced collaboration, setting the foundation for continuous monitoring.” 

“It’s another voice to help make the case for eliminating tech debt. [EA] and the diagrams of the entire ecosystem help show where tech debt gets in the way,” adds Gildersleeve. But, Hinchcliffe argues, the “CIO must make it clear that everyone in IT is responsible for surfacing known technical debt, which can creep in via surprising routes.”

Recent Outages & Hacks Give CIOs Fodder to Sell Projects

Recent outages and hacks to mission-critical systems may provide a brief opportunity for CIOs to push projects addressing mission-critical systems. Featherston argues that this window will be short-lived, so technology leaders must act while the issue is fresh. Nevertheless, Hinchcliffe cautions that organizations can fail to recognize the severity of accumulated technical debt, even after a crisis. McMahon, however, insists that accountability be established rather than blame-shifting. He argues that this is essential for resolving the deeper issues, as shown by Delta Airlines’s struggles. Finally, Gildersleeve points out that selling tech debt projects is tough without having user pain, though she believes strong business cases can help.

Parting Words

There is a critical need for CIOs to address technical debt within mission-critical systems, especially the severe risks tech debt poses, including security vulnerabilities, system instability, and increased operational costs. Examples like Delta and Southwest illustrate how unaddressed technical debt can cripple companies, leaving them vulnerable to crises. CIOs should take proactive measures such as setting clear EA standards, regularly assessing technical debt, and prioritizing its reduction in financial plans. Additionally, EA is a key tool in identifying technical debt, offering a strategic roadmap for aligning technology decisions with long-term organizational goals. The need for continuous monitoring and accountability across IT teams is essential for managing technical debt effectively.

About The Author
Myles Suer
Myles Suer has been a data business leader at various companies, including Privacera, Alation, Informatica, and HP Software. Mr. Suer is the facilitator for CIOChat, a platform that brings together worldwide executive-level participants from a mix of industries, including banking, insurance, energy, education, and government. He has been published in Computerworld, CIO Magazine, eWeek, CMS Wire, and COBIT Focus. Mr. Suer has been named #1… Read More