Government agencies and contractors should embrace the cloud and its ability to save money and increase security but culture resistance remains high.
Every day, American consumers enjoy the benefits of cloud computing. From streaming music to online shopping to social media, our daily lives are shaped by cloud-driven technologies that enable virtually unlimited information and content to be more securely stored and accessed from any location.
These advances came from innovative companies that were unafraid to take risks and pushed forward new initiatives that have redefined how we interact with our friends, families, business associates and others.
Unfortunately, such innovation has not been replicated in the public sector. While pockets of success have emerged, such as the CIA’s private cloud for the intelligence community, dubbed Commercial Cloud Services (C2S), too many agencies have failed to fully utilize these more secure, cloud-based technologies.
Entrenched resistance to change
Many federal officials, to their credit, are now recognizing this situation and making strides to rectify it. In a report to Congress explaining its need for cloud computing, the Department of Defense summed up its current legacy information technology environment as, in a nutshell, “not optimized for the 21st century” – and the same can be said of much of civilian agency IT as well.
This lag by government agencies to modernize can be attributed to a host of factors, including rigid and often prohibitive technology acquisition rules, a “how-we’ve-always-done-it” culture within the federal bureaucracy, and the desperate pressure applied by the “Old Guard” providers of legacy IT to convince government customers to hold on to outdated systems.
In addition, a lack of understanding of the benefits of cloud computing also plays a part in emboldening some decision-makers to resist cloud migration and other innovative changes.
Infrastructure modernization researchers determined in 2016 that federal spending on IT per employee is almost $40,000, nearly four times the average per employee spend rate in other industries.
Other experts have quantified the “old technology” deficit – that is the share of technology that will need to be replaced because it is approaching its end of life. They have found that an estimated $60 billion is spent each year by the federal government simply to maintain legacy IT systems – and this problem is compounded by a younger federal workforce that increasingly is not trained to maintain half-century-old systems using COBOL or other dated programming languages.
While the reluctance of our government to modernize imposes huge costs that are ultimately borne by taxpayers, the security threat posed by this late-to-the-game approach to cloud technology is real.
We should not be sending our warfighters into harm’s way without the absolute best possible threat information sharing and communications systems, nor should we leave our non-military assets vulnerable to attack.
To this end, we must take strong action to modernize and better protect our military systems and personnel, and our civilian systems and data.
To illustrate the point, look no further than the 2015 Chinese espionage operation that compromised the background investigation files of 22 million federal employees and contractors. Government officials later admitted that these OPM files were not encrypted because the systems were simply too old. This is an unacceptable security risk.
President Trump and Congress agree that government IT systems must be modernized. The President issued an executive order in May 2017 that said, "The executive branch has for too long accepted antiquated and difficult-to-defend IT," and that, "effective immediately, it is the policy of the executive branch to build and maintain a modern, secure, and more resilient executive branch IT architecture."
To achieve this, the President directed that each agency head use the NIST Cybersecurity Framework (CSF) to better manage cybersecurity risk, and to "show preference in their procurement for shared IT services, to the extent permitted by law, including email, cloud, and cybersecurity services." The President’s actions represent an aggressive move to revolutionize the federal government and provide better and more efficient services to the American taxpayer.
Congress has also signaled its strong support for this effort through passage last November of the Modernizing Government Technology (MGT) Act. This new law authorized federal agencies to reprogram unused IT budget allocations to fund future modernization efforts and established a separate, government-wide fund to further support modernization.
The American consumer is already enjoying the benefits of commercial cloud computing and shared services. If the president and Congress agree, then moving the government in the same direction is a no brainer. Taxpayers should demand that their government stop wasting money on ineffective, inefficient, and unsecure systems.
A move toward shared IT infrastructure is not only the obvious path forward, it’s essential, and should be pursued expeditiously before billions more tax dollars are wasted and additional security breaches occur. Government officials should no longer heed the entrenched forces of resistance to innovation and instead deliver the best possible and most secure services to the American taxpayer.