The federal government’s effort to digitally transform is a constant work in progress.
Whether it’s the ever changing cyber threat or new technologies from cloud to artificial intelligence to advanced data analytics, agencies are facing a never-ending set of opportunities and challenges.
The problem agencies, and really all organizations, face is budgets are tight and priorities must be clear in order to make real progress in how they serve citizens.
But it’s not only about technologies and money. It’s also about culture change, of course.
The IT and Innovation Foundation (ITIF) said this digital transformation must also include federal leaders promoting a culture of change to combat the “that’s how it’s always been done” mindset. ITIF says this means cultivating talent, team dynamics and work environments that actively foster collaboration, communication, curiosity and flexibility.
Bill Rowan, the vice president of public sector at Splunk, said all of these requirements and opportunities are driving agencies toward a digital future that must include multi-cloud, software-as-a-service and an innovative mindset.
“One of the keys is that we understand that when analyzing the landscape and ensuring the safety and security that, while before we used to watch just one or two things like firewalls or load balancing or whatever, now we have to be looking for anomalies in what is going on today because of that transformation and because of all these different systems,” Rowan said on the Innovation in Government show sponsored by Carahsoft. “We now have to gather even more data and the time to analyze that data has gotten even more compressed. We need it as close to real time as possible.”
While the big data challenge is constant and can overwhelm some organizations, Rowan said data also can drive innovation.
“How do we take in that data and start to compare and contrast it to the rest of the environment? Those type of activities and that type of predictive analytics is what’s leading us to have a much better perspective on where the threat actors are, or for that matter, where we are just making mistakes in the way we operationalize these environments,” he said. “The question becomes how quickly can we recognize those threats? How quickly can we heal those them or fix those potential errors that we’ve made, and make sure that we’re continuing the mission of the agency?”
Ensuring secure, online apps
One of the benefits of the cloud and SaaS platforms is the sharing of new or modernized applications.
Rowan said Splunk has more than 2,800 applications in its store that were developed internally or by their customers, and most of which are free to use.
“We are starting to see modern applications now come online where we can start to put some of these security parameters in the applications as micro-services as they’re built,” he said. “How does that redefine the way we actually manage some of these environments? Can we build some of the automation, some of the observability of what’s going on in the environment? Can we actually build those into services that are part of modern applications that have the ability to help redefine the way we actually operationalize security across the board? To me, that is going to be one of the great challenges.”
Agencies can take advantage of the benefits of automation to build those secure environments. Rowan said while agencies still are in the early stages of applying these tools to their environments, over the long-term given the amount of data their environments continue to produce, automation will be their only path forward.
“We’ve got to be able to get through all the various alerts and issues that are coming across the operators’ desk. Automation is a great way to do that and help automate some of the tasks that are just a part of the course of normal operations, this is going to free up time to be able to look at what are the real issues we got to go after,” he said. “When agencies look at this particular opportunity or they look at the problem they’re trying to solve, one of the things they typically underestimate is the amount of data that is actually coming from these systems. They think, ‘well, we can handle that,’ and what they find is when they really start to collect from all these various organizations, it may be two times or three times what they thought they collected, and all of a sudden there becomes the realization, that they cannot manage this in the same way they have typically managed it in the past. And that’s where automation then comes in.”
JCDC and information sharing
Automation also will become more important as the workforce challenges continue. Agencies and the private sector recognize the constant need for more cyber expertise that is getting more difficult to find.
Along with automation, Rowan said the continued evolution of industry and government collaboration will help address the ever-changing cyber threats. He said the Joint Cyber Defense Collaborative (JCDC) from the Cybersecurity and Infrastructure Security Agency at the Homeland Security Department has helped usher in a new era of information sharing.
“How do we continue to work in a loop that we continue to strive to improve our processes and share information, not just with one company, but in the case that we’re talking about with DHS, it’s a collaboration of multiple corporations looking at this challenge,” he said. “There are certainly a lot more openness and a lot more willingness to not only identify the problems we’re struggling with and what can industry do, but how can DHS and other agencies help. I think that we’re learning more about how to do this in a broader scale than maybe initially anticipated.”