Using AI to take a manoeuvrist approach to defence legacy
Guest blog by James Thomas, Global Head of Cyber and Priit Liivak, Chief Architect at Nortal #SupplyChainSecurity
James Thomas
Global Head of Cyber, Nortal
James Thomas
Global Head of Cyber, Nortal
Priit Liivak
Chief Architect, Nortal
Priit Liivak
Chief Architect, Nortal
In defence, advantage comes from applying force where it matters most. AI is now making it possible to understand complex legacy systems well enough to focus effort where it delivers the greatest effect.
UK defence’s digital landscape is a deeply interconnected system of systems, spanning C4I platforms, communications infrastructure, digital services, and operational technologies across the MoD and its wider ecosystem. Many of these systems are decades old, tightly coupled, and only partially understood.
Legacy as a structural feature, not a failure
This creates a structural challenge: obsolescence is not an anomaly, but an inherent feature of defence at scale. Efforts to modernise have historically struggled not due to lack of intent, but because the problem itself is difficult to define. When systems are tightly coupled, changing one affects many others, making understanding as complex as transformation.
The result is a persistent cycle of legacy, limited visibility, and risk aversion, where the safest decision is often to leave systems unchanged.
The cost of working around legacy
Limited visibility into system dependencies makes it difficult to identify vulnerabilities or respond quickly to incidents. Workarounds inevitably emerge, created by users seeking faster access to functionality or developers adapting systems beyond their original design.
While often effective in the short term, these workarounds tend to be poorly documented, difficult to support, and frequently operate outside formal control frameworks. Historically seen as shadow IT, and now increasingly as shadow AI, they can demonstrate what is possible but rarely scale into core environments due to security requirements, integration challenges, and the need to meet strict approval and governance standards. Instead, they introduce new, ungoverned dependencies into an already opaque ecosystem, adding to complexity and creating the conditions for the next generation of legacy.
Legacy systems are not only a constraint on modernisation, they are also high-risk targets. Hidden dependencies and fragmented integrations create vulnerabilities that are increasingly easy to exploit as AI capabilities advance (like Anthfropic’s latest model Mythos demonstrates). Improving transparency and control through modernisation significantly reduces this risk.
System understanding through AI
This is where artificial intelligence presents a different kind of opportunity. A new class of agentic AI systems can interpret and reason over software estates, reconstructing system understanding directly from artefacts such as code, data structures, and runtime behaviour – a practice we call AI-driven legacy archaeology.
This makes it possible to surface operational logic, workflows, and dependencies that would be extremely difficult to identify through manual analysis alone, shifting modernisation from assumption to evidence.
Achieving this depends on a structured approach. Systems need to be broken down into manageable components, with clear decisions about what to examine and what needs to be achieved. This is where process design and expertise come into play, ensuring AI is applied in a way that produces meaningful and usable insight in complex environments.
With that structure in place, AI-driven analysis becomes significantly more effective, enabling organisations to extract reliable understanding from systems that would otherwise remain difficult to interpret.
Focus effort where it delivers the greatest impact
Applied to legacy modernisation, this enables a more manoeuvrist approach. Instead of large-scale transformation programmes, organisations can use AI-driven insight to focus effort where it delivers the greatest impact, based on a clearer understanding of system interactions.
This improves the ability to integrate new technologies and enables faster adoption of capabilities such as AI, autonomy, and advanced sensing.
In practice, this means targeting specific interventions – improving interoperability, reducing reliance on manual workarounds, or addressing risk in tightly interconnected systems. Here, AI is not replacing systems, but enabling more precise and confident change.
AI acts as a force multiplier, improving decision-making, resilience, and the effective use of resources.
Breaking the cycle of legacy
AI-driven legacy modernisation offers a path to make systems visible and move towards incremental, controlled change.
The opportunity is not simply to modernise legacy systems, but to break the cycle in which complexity limits change. With the right application of AI, defence organisations can move from reacting to legacy constraints to actively shaping more secure and adaptable systems.
Explore the technologies, policies and partnerships shaping the future of secure and resilient supply chains across the UK. From third-party cyber risk to defence, AI and operational resilience, Supply Chain Security Campaign Week brings together expert insight on the challenges organisations are facing and how industry is responding. Follow the week to stay informed and connected to the evolving threat landscape.
Securing the chain: innovation, accountability and resilience in supply chain security webinar
Explore how organisations are strengthening supply chain security through innovation, accountability and resilience. Gain insight into emerging technologies, regulatory approaches and practical strategies for managing cyber risk across complex supply chains. Join the webinar to understand how industry and government are responding to an evolving threat landscape.
techUK brings together key players across the cyber security sector to promote leading-edge UK capabilities, build networks and grow the sector. techUK members have the opportunity to network, share ideas and collaborate, enabling the industry as a whole to address common challenges and opportunities together. Visit the programme page here.
Supply Chain Security in Practice – Real-world strategies from techUK members
Discover practical strategies for strengthening supply chain security through real-world examples from techUK members. Explore how organisations are managing cyber risk, improving resilience and responding to evolving operational and regulatory challenges. Read the playbook to gain actionable insight and learn from approaches already being applied across industry.
Explore the key challenges and opportunities shaping secure and resilient supply chains through techUK’s Supply Chain Security Campaign Week 2026. Gain insight into cyber risk, defence, AI, resilience and public-private collaboration from across industry and government. Follow the campaign to access expert perspectives and practical approaches to strengthening supply chain security.
Our members develop strong networks, build meaningful partnerships and grow their businesses as we all work together to create a thriving environment where industry, government and stakeholders come together to realise the positive outcomes tech can deliver.
Jill leads the techUK Cyber Resilience programme, having originally joined techUK in October 2020 as a Programme Manager for the Cyber and Central Government programmes. She is responsible for managing techUK's work across the cyber security ecosystem, bringing industry together with key stakeholders across the public and private sectors. Jill also provides the industry secretariat for the Cyber Growth Partnership, the industry and government conduit for supporting the growth of the sector. A key focus of her work is to strengthen the public–private partnership across cyber to support further development of UK cyber security and resilience policy.
Before joining techUK, Jill worked as a Senior Caseworker for an MP, advocating for local communities, businesses and individuals, so she is particularly committed to techUK’s vision of harnessing the power of technology to improve people’s lives. Jill is also an experienced editorial professional and has delivered copyediting and writing services for public-body and SME clients as well as publishers.
Annie is the Programme Manager for Cyber Resilience at techUK. She first joined as the Programme Manager for Cyber Security and Central Government in September 2023.
In her role, Annie supports the Cyber Security SME Forum, engaging regularly with key government and industry stakeholders to advance the growth and development of SMEs in the cyber sector. Annie also coordinates events, engages with policy makers and represents techUK at a number of cyber security events.
Before joining techUK, Annie was an Account Manager at a specialist healthcare agency, where she provided public affairs support to a wide range of medical technology clients. She also gained experience as an intern in both an MP’s constituency office and with the Association of Independent Professionals and the Self-Employed. Annie holds a degree in International Relations from Nottingham Trent University.
Olivia Staples joined techUK in May 2025 as a Junior Programme Manager in the Cyber Resilience team.
She supports the programs mission to promote cyber resilience by engaging key commercial and government stakeholders to shape the cyber resilience policy towards increased security and industry growth. Olivia assists in member engagement, event facilitation and communications support.
Before joining techUK, Olivia gained experience in research, advocacy, and strategic communications across several international organisations. At the Munich Security Conference, she supported stakeholder engagement and contributed to strategic communications. She also worked closely with local and national government stakeholders in Spain and Italy, where she was involved in policy monitoring and advocacy for both public and private sector clients.
Olivia holds an MSc in Political Science (Comparative Politics and Conflict Studies) from the London School of Economics (LSE) and a BA in Spanish and Latin American Studies from University College London (UCL).
Outside of tech, Olivia enjoys volunteering with local charities and learning Norwegian.
