Can agencies gain agility, security without also layering on more complexity?

This is the sixth article in our series, The Power of Technology.

Between leading new initiatives to modernize and transform services and managing legacy systems — while also keeping on top of cybersecurity demands — “there’s so much complexity that, honestly, it has to be exhausting a lot of the time for the government’s IT staffs.”

That reality is a chief focus for Cisco when it comes to providing technology to the government, pointed out Jennifer Keating, director of the company’s partner sales organization.

“Our solutions are designed to help automate routine tasks and processes, freeing up time for more strategic initiatives,” she said during a discussion for the Federal News Network The Power of Technology series. “For example, our network automation solutions can help automate tasks such as network configuration, monitoring and troubleshooting, allowing IT teams to focus on higher-value tasks.”

To add to the complexity, there are multiple teams and groups beyond IT that must be part of the process, from congressional funding committees and senior leadership to acquisition and line of business leaders, said Tony Celeste, executive director and general manager for Ingram Micro Public Sector.

“There’s so much technology that’s available that being able to take a step back, look at it holistically and be able to link innovation and technological capabilities to delivering on mission outcomes is where the real challenge comes in,” he said.

Federal News Network talked with Keating and Celeste about the interconnected challenges that government agencies face now on the technology front but also about how technology simultaneously can power digital transformation to help address those challenges.

Challenge 1: Addressing personnel needs and training

Although consuming technology as a service is increasingly an approach taken by organizations in both the public and private sectors, “we also recognize the importance of ensuring our customers have the right skills and knowledge to effectively manage complex demands,” Keating said.

There admittedly are “a heck of a lot of demands on the federal workforce,” Celeste agreed. The ability of industry to help augment government teams with expert personnel and staffing, and to provide a wide range of managed services is therefore critical. Agencies also need industry to rapidly prototype viable solutions that they can evaluate, he said.

“Those are the kinds of things that they’re looking for industry to help them with,” Celeste said. “When push comes to shove, they also have a very strong desire to consume IT either as a utility or through a consumption or subscription model.”

That said, the cloud will not be the answer for everything, some local infrastructure will always be necessary, which is why the ability to hire, retain and upskill IT talent have become increasingly important, he added.

Celeste pointed to the Workplace Innovation Lab at the General Services Administration as having the potential to help improve retention. “The innovation lab, conceptually, could start to make working for the government much more attractive,” he said. “The ability to retain employees because now maybe individuals don’t have to be bound to a specific office or a city — they can live and work from other places, other locations — that dynamic may create an opportunity inside of the federal government workforce that didn’t exist.”

Challenge 2: Reimagining technology for a hybrid workforce

Cisco has been involved in supporting the GSA lab and its technology infrastructure. Keating noted that the Workplace Innovation Lab is helping agencies envision how to create a thriving hybrid workforce, where employees may work in the agency but also may not.

“We say 98% of meetings will have at least one remote attendee,” she said. “And you need to make sure the experience for the person who’s not in the room is the same or as close to it as everybody that’s in the room.”

The lab at GSA’s headquarters in Washington, D.C., showcases the latest innovations in office design — everything from collaboration spaces and furniture to technology. There are shared collaboration spaces, conference rooms and office spaces, divided up into six suites. Each suite has a different workspace, furniture and technology layout.

“Our CEO Chuck Robbins has said this multiple times: The office should be a magnet not a mandate,” Keating said. “The lab is an opportunity for federal agencies to try new technology and furniture options before they make any purchasing decisions.”

The emphasis is on types of products that enhance the hybrid experience, promote health and wellness, and support the government’s commitment to achieving net zero carbon emissions, she added.

Where the government lands on its final definition of what a hybrid workforce looks like for federal employees still remains to be determined, Celeste said. But it seems unlikely that all employees will be working in offices all — perhaps even a majority — of the time, so GSA leading the way with the lab is necessary, he said.

“One of the things that the pandemic did was it took down barriers, including the idea that it’s a necessity to have to physically go to the office,” Celeste said. “Unfortunately, because governments are large and bureaucratic in nature, sometimes shifts in policy tend to be very complicated.”

Challenge 3: Ensuring security of data, systems in a hybrid world

The COVID-19 pandemic also jumpstarted the move to multicloud environments, which in turn created new attack surfaces.

“People have an expectation now that they can access their information anytime, anywhere, any place. The network essentially enables that,” Celeste said. “There was a point in time when traditional perimeter security methods would have worked to keep bad actors or adversaries from gaining access to agency information. But now, to really be effective, you have to move into a zero trust model, which pushes that security all the way out to the edge.”

What’s happening and must continue to happen is that agencies will need to take advantage of location information and telemetry information of people’s devices and then apply high-level logic, like artificial intelligence and machine learning, to be able to assess the security factors in real time, he said.

“Cisco is already doing those things today with advanced analytics and machine learning — to be able to look very closely in the network and look for any anomalies,” Keating said. “These could be the physical signatures of devices. They could be packets moving in an unusual way or flow. And then, anomaly detection gets elevated and raised so that it can be investigated in near real time.”

Frankly, cybersecurity is one of the most critical issues facing the federal government or any company or anyone anywhere, she added. That’s why research into intelligent AI capabilities continues.

The potential is tremendous, but adversaries will also be looking to use these same technologies for nefarious purposes, Celeste said. “That’s why we’re looking at AI with a very measured approach: how to unlock the power that AI and machine learning has but in a way that restricts the improper use of these tools, so that we can really be effective as we go forward.”

Keating agreed and pointed to Cisco’s Talos threat intelligence platform, which helps give organizations real-time insights into emerging threats and vulnerabilities. “That’s exactly what we need as we learn more about AI and what risks exist for us, for our customers and partners.”

To read more articles in The Power of Technology series, click here.

How evolution of supply chain risk management affects supporting federal IT needs

As partners in supplying technology products to agencies, Cisco and Ingram Micro work closely with one another — and other partners — to ensure the security of the components of the products that they provide.

“Given that Cisco is the largest global network supplier and the rapid increase in demand for its technological solutions, nefarious actors try to take advantage of the supply chain to insert gray market technologies as a way of getting backdoor access into networks,” Ingram Micro’s Tony Celeste said.

It’s an admittedly complex challenge, Cisco’s Jennifer Keating added. “But we have a really important role to play in ensuring the overall security of the supply chain.”

Celeste said that Ingram Micro works closely with Cisco to inventory all items and components — particularly products in high demand or that support unique needs — so that they are readily available to agencies.

“That’s a chief reason why it’s really important to always purchase from an authorized distributor,” Celeste said.

Cisco meanwhile has implemented additional controls to verify the integrity of its software and hardware components, Keating said.

“We’ve increased our monitoring and testing of products throughout the supply chain,” she said. “We use advanced analytics and machine learning to identify potential risks and anomalies in our supply chain data. And we employ state of the art encryption and authentication technologies to protect our products from unauthorized access.”

As agencies increasingly seek software bills of materials and ask vendors for self-attestations and more, such supply chain risk management practices will prove essential for federal contractors, Celeste said.

“When we look at things like NIST 800-171 or CMMC, the Cybersecurity Maturity Model Certification, what the government is really looking to do is make sure that the transportation systems are secure, logistically that there’s resilience, that they’re able to identify where all of the components that make up a solution come from.”

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.