Consumers expect modern, digitally-enabled experiences from global brands. As digital transformation initiatives enable enterprises to deliver better products, services, and experiences, consumers’ expectations of other types of institutions are shifting, as well.
Citizens now eye public sector institutions. They demand the same speedy and seamless consumer experiences from their local, state and federal government agencies. This opens up a huge opportunity for public sector CIOs to rethink and redefine IT’s role.
So, where are public sector CIOs focused as they look to the future?
Every year, the National Association of State Chief Information Officers (NASCIO) surveys U.S. state government CIOs about their top priorities for the next calendar year. The top of the 2019 to-do list looks a little something like this:
Security and Risk Management
- Implement a security framework to protect sensitive data.
- Provide awareness training to help mitigate internally generated threats.
- Use analytics and automation to address cybersecurity staffing shortages.
- Deliver applications across multiple cloud environments.
- Implement a cloud brokerage model to meet various departments’ needs.
- Modernize app delivery and management with containers.
Consolidation and Optimization of IT Services
- Centralize and consolidate IT services, operations and infrastructure to drive efficiencies across agencies, departments, and teams.
- Improve citizen experiences and accessibility to digital government services.
VMware state, local and education (SLED) strategist Herb Thompson sat down with former and current public sector CIOs to discuss what factors are shaping digital transformation priorities. The following are key takeaways from that illuminating discussion.
Cybersecurity Is Everyone’s Responsibility
When it comes to cybersecurity, the stakes could not be higher for public sector CIOs. Their scope looms large as they are responsible for:
- Protecting citizen and customer data.
- Locking down access to top-secret material.
- Safeguarding IT infrastructure that keeps critical public services (i.e., law enforcement, transit) and infrastructure (i.e., electric grid, water supply) running.
IT leaders are keenly aware that the number of cybersecurity threats is on the rise. So too are the number of hours that information security (InfoSec) teams log to ensure a threat doesn’t slip through the cracks. And when you consider that the public sector experiences more cyber incidents than any other industry, according to Accenture research, the task at hand can be daunting.
InfoSec burnout is something that cannot be addressed by simply adding more staff, suggests Matt Van Syckle, chief technology officer for the U.S. state of Montana. IT leaders must also look to automation to reduce the workload of existing staff.
“Automation is the key to driving security and infrastructure forward in the future,” says Van Syckle. “It’s not necessarily just focusing on adding more staff to address the staffing issue. It’s a two-pronged approach — add or train more staff while also layering in automation to help reduce the current workload.”
Another area where public sector IT leaders focus on is security training to raise awareness among employees and customers. The CIO at the University of Northern Texas System, Rama Dhuwaraha (now CEO of Frisco Labs), launched a security awareness program for all university staff.
“In our experience, 70 to 80 percent of all security problems arose due to internal actions,” explains Dhuwaraha. “As participation in our security awareness program rose year after year, the metrics showed a decrease in risky behaviors, such as clicks on ransomware.”
Van Syckle agrees. “Cybersecurity and security as a whole is everyone’s responsibility. With training and education, employees can identify when something doesn’t look right and say something. If only the security team is aware and looking out for threats, there will be blind spots.”
There’s More to “Cloud-First” than Meets the Eye
The Federal Cloud Computing Strategy was referred to as “Cloud First” when launched in 2011. Following a 2017 update, it’s now referred to as “Cloud Smart.” The strategy aims to accelerate the pace at which U.S. government agencies adopt cloud-based solutions.
With this new mandate driving its cloud journey, the public sector has steadily made progress in realizing the value of cloud computing. Not without challenges, though.
During the conversation, leaders emphasized the importance of acknowledging the unique position in which many public sector institutions find themselves. Many of these agencies and institutions are hundreds of years old and now deal with decades-old legacy IT infrastructure.
“You hear a lot about being ‘cloud-first.’ That’s a great approach for many companies starting from scratch. But when you have 165 years of history behind you, that’s not a practical approach,” says Dhuwaraha. “So, any cloud strategy needs to be met with the reality of the situation on the ground before you execute a plan to get you to the desired end state.”
When selecting cloud environments to run applications and workloads, Thompson notes that many public sector CIOs choose to remain cloud-agnostic.
“When I ask customers about why they’ve adopted a cloud-agnostic strategy, many of them state they want to avoid getting locked into any single cloud provider,” says Thompson. “All that is fine and well, but I often caution them that a cloud-agnostic strategy will fail if consideration is not given to consistent management and security across all cloud services. I see that area — providing that consistent management and security layer across a multi-cloud environment — as the VMware secret sauce.”
Using Emerging Technology to Bring a Consumer-like Experience to Public Services
Citizens and residents expect a consumer-like experience for all their government services. The public sector is turning to emerge technologies, including artificial intelligence (AI) and the Internet of Things (IoT), to innovate service delivery.
Dhuwaraha describes how the University of North Texas System reimagined how apps were delivered to students, particularly as Gen Z entered the college population.
“Many people refer to Gen Z as the ‘I-Gen,’ because they want all of their experiences to be customized and individualized to them,” he explains.
To provide a more personalized educational experience, his team dug into app data to learn more about how students prefer to learn, collaborate and share. Using AI to analyze this data, they better determined what kinds of apps and digital experiences students wanted.
Public sector institutions also look at how they can collect data at the edge to better inform operational decisions.
In Montana, for example, the Department of Transportation (DoT) will utilize IoT sensors to help determine when plows need to clear snow from roadways. Cameras on the plows will help feed data back to Montana DoT officials, giving them a sense of current driving conditions.
Yet, Thompson cautions that collecting data from IoT endpoints is just part of the equation.
“It’s not just about getting data off of IoT sensors. This must also be coupled with data analytics,” he says. “The real magic happens when predictive analytics pull insights from all that sensory data and help leaders make informed decisions to better serve their constituents.”