The security aspects of modernization

A White House plan and a recent survey of federal IT leaders highlight the need for collaboration when it comes to creating a secure, modern IT environment.

Shutterstock image.
 

IT modernization has resurfaced as a topic of conversation in the federal government in the past month. On Aug. 30, White House officials issued a draft report on the Trump administration's plan to modernize federal IT. It directs agencies to move more swiftly to the cloud, consolidate networks and prioritize the modernization of high-value, high-risk assets.

The following week, a report by research company Market Connections found that many agencies -- in the opinions of their own managers -- were not as successful in their modernization efforts as they could be. On behalf of Unisys, the company asked about 200 federal IT decision-makers to self-grade their agencies' modernization efforts. Only a small minority of respondents gave their agencies' efforts the top grade of A, and more than half rated their several activities at the middle grade of C or lower.

Although the release of those documents at roughly the same time was coincidental, the results of the survey underscore the recommendations made in the White House document: the need for greater efficiency, shared services and cross-agency collaboration.

When asked about the benefits they seek to achieve through modernization, participants in the Unisys survey cited enhanced security (38 percent), greater operational efficiency (35 percent), ability to meet mission goals (33 percent) and reduced costs (26 percent).

Similarly, when respondents were asked about the most important factors for successful modernization, the three top factors they cited as "very important" were leadership commitment, sufficient funds and budget, and skilled technical staff.

The results reflect a high level of awareness among federal IT decision-makers of what they need to achieve their modernization goals. But when asked if they agree with the notion that IT modernization journeys are unique to each agency, many more agreed than disagreed (109 versus 42). Of those who agreed, 61 percent said all agencies have unique modernization needs, and only 8 percent said agencies were unique but had common needs.

Although it is true that each agency has a unique mission, culture, risk appetite and level of maturity in IT implementation, which can lead to unique IT modernization requirements and goals, the White House report makes it clear that there is plenty of room for collaboration. Many of its recommendations emphasize points such as the consolidation of network acquisition and management and shared services related to the cloud and security.

The White House plan also makes the point that beyond the well-known efficiencies and savings offered by shared services and collaboration, those activities can help achieve modernization goals such as improving security -- the No. 1 reason for modernizing cited by respondents to the Unisys survey.

As the White House report points out: "Today, each agency must independently identify possible vendors, evaluate the security of the vendors, issue an [authority to operate], integrate the solution into their own independent bespoke IT infrastructure, and allocate resources to monitor and operate that infrastructure on an ongoing basis. The combination of these factors does not achieve consistent high-quality security outcomes."

The underlying message is clear: If agencies want to achieve the goals they have cited for their modernization efforts, they must not view themselves as unique and must instead seek areas of common need that can be addressed through shared services and collaboration.