While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
For federal agencies, 2016 was a year of digital transformation, as the march toward IT modernization and data center consolidation continued at a steady pace.
In response, federal IT administrators began seriously embracing flexible, agile and virtualized solutions that could help them run their current networks more efficiently and securely, while avoiding decisions that lock them into proprietary or antiquated systems and networks in the future.
Going forward, we’re going to continue to see agencies invest in and deploy solutions and services enabled by network functions virtualization (NFV) and software-defined networking (SDN). These solutions and services will allow administrators to manage their increasingly complex networks more cost-effectively and easily than ever before.
We’ll also see continued movement toward an “open first” approach that emphasizes use of open standards over locked-down, proprietary technologies.
However, a more intriguing path lies ahead for agencies’ IT environments, and encompasses three key trends that I see emerging in 2017.
In 2015, I wrote about government’s risk-averse approach to procurement, which led to rigid acquisition models driven by sunk costs and constrained by past decisions.
These models caused government IT professionals to accept certain self-limiting trade-offs — staying within budget vs. providing whatever it takes to achieve mission-critical success, for example. They also led to wasteful spending; I’ve known organizations that have spent millions of dollars in back-end processes just to acquire and deploy a small number of network devices or platforms.
Thankfully, things are changing. The move to the cloud, combined with the desire for more scalability and agility in networks and systems supporting high-performance computing, Big Data and artificial intelligence, is causing a large shift to flexibility and creativity in the federal acquisition process. Agencies are looking to implement new technology faster and in different ways than currently possible under the traditional procurement methods. Government executives are also concerned about total cost of ownership and long-term value, rather than just upfront costs.
As a result, I expect that “as-a-service” or “financed” procurement models will continue to gain popularity in 2017. Agency administrators will invest in solutions that can be paid for over time, in flat payments, so that they’re not paying more in year three of an aging solution’s lifecycle than they were in year one, when the solution was new and fresh.
Agency administrators will also acquire innovative and flexible managed services, which will run the gamut of the technology spectrum and cover cybersecurity services, lab-as-a-service, virtualized routing and switching, application development, risk assessment and network management services.
In the past, agency IT leaders focused on buying cost-effective products. Now, administrators are wondering about whether all of the products in their network or system collectively offer the protections and security needed to avoid major vulnerabilities or breaches.
As the government moves toward embracing open standards that favor greater interoperability over being locked in to using certain vendors, proprietary product certifications will become less important. Instead, the focus will shift toward a need for trusted platforms. Agency personnel will want to ensure that their supply chains and code development efforts remain secure, and that there is integrity in the manufacturing process.
Some of this is the result of programs like the National Institute for Standards and Technology’s Risk Management Framework security process, which is designed to protect information systems from potential harm. After all, what good is a product certification if the development process itself is not protected and risk-free?
According to the Government Accountability Office, the number of cyberattacks against the federal government has risen a staggering 1,303 percent over the past decade. Given this trend, agencies will try to leverage their network intelligence to better protect against internal and external threats.
However, while agency IT managers want and need network intelligence to prevent bad actors from doing bad things, they also want to gain knowledge to produce for better collaboration and greater efficiencies.
Therefore, in 2017 we’ll see network administrators use available network intelligence to not only maintain lockdown security, but also accomplish missions more efficiently. Call it the year of cybersecurity and cyberoperations.
The digital transformation that has taken hold over the past two years will continue to accelerate in 2017 — but its impact will go beyond technology. Acquisition processes and approaches to security and operations will also be significantly transformed, creating a government that is poised to achieve value and interoperability through trust, open standards, and better intelligence.