The mass pivot to telework was the first, and probably most visible weather front of “the perfect storm” that state and local governments had to face as part of their need to adapt to the pandemic—and which is likely to hit the Federal government with increasing severity after the next Fiscal Year:
When resources get scarce, ‘support elements’ like IT, security, and HR historically take extra budget cuts as organizations try to preserve their core mission functions. But the recent mass pivot to telework has showcased IT and security as key enablers for ensuring the continuity of critical government functions and services.
IT teams were given resources they needed to make this transition possible since it was recognized as mission critical and key to enabling government services to continue to operate after their employees were sent home. And IT responded by doing yeoman’s work to enable new functions, such as accelerating deployment of Robotic Process Automation “chat bots’ that have now become first line of engagement for many citizen services during lockdown. And extended security functions have allowed some classes of information (medical, financial, etc.) that had previously been precluded from use outside of the traditional enterprise network and facility to be accessed by remote users.
The challenge is that short-term flexibility IT and security staffs had are likely to vanish as resource competition grows. It’s useful to note that, along with the kudos they received for enabling the successful pivot to telework, many IT and security departments were also given budget cuts as a result of cuts across the board. 2021 is likely to bring an even bleaker fiscal climate to state and local governments nationwide.
In other words, many in IT have been put into a ‘do more with less’ situation as they try to keep their agencies and teams afloat in the midst of this perfect storm. And in these situations, security is frequently a place to impose cuts and absorb risk without apparent impact—until a major breach occurs and the finger pointing begins.
IT and security leaders need to identify and champion transformational technologies and consider changes to their organizational behavior. And since teams can’t count on being able to spend more to meet the growing demand for digital services, they will need to do this by spending smarter—and that begins by building and tightening the partnership between IT and Security.
Government typically lags behind the private sector in the implementation of digital transformation, often by several years, due to the nature of its procurement, policy, and processes. Governments work in funding and program development cycles that can stretch to as long as six years—an approach that doesn’t really have a private sector equivalent, and a timeframe in which many companies will have gone through multiple generations of technology. The current need to keep agencies running in spite of the pandemic and its likely long-term effect on resources and demand for services is an opportunity to close that gap. Rather than following every step of the private sector’s implementation and refinement of technology, however, the government can skip a few steps and adopt—or adapt—state of the art technologies.
I recommend you consider adopting and implementing technologies such as multi-cloud and Software Defined Networking that:
We often talk about ‘the need to get security a seat at the table’ in programmatic decision-making, and to avoid the “Dr. No” situation of security weighing in to shape—or even trying to veto—a fully baked initiative. These problems can be obviated by shaping options for the ‘digital the art of the possible’ for an organization through dialogue between IT and Security. Once a menu of viable options has been framed, the dialogue can broaden to include other stakeholders within the organization.
There are also ways to tighten collaboration with stakeholders such as finance and other mission critical partners ranging from holding periodic and focused meetings (‘that which gets on the agenda gets attention—and often makes progress’) to forward-deploying staff (embedded personnel) in these organizations or evaluating managers on progress against specific measures of collaboration and teamwork. The private sector has lessons learned in this area from the field of Enterprise Risk Management that government should look at.
This issue is that important—and if you are trying to change the way your organization operates by fostering cross-functional partnerships, it is imperative to lead by example. I am reminded of the Peter Drucker quote. “Culture eats strategy for breakfast”—meaning organizational culture and its inertia can sabotage any novel idea, no matter how important. So in this case, leaders need to set the tone and demonstrate ‘the new normal’ for collaboration.
Fortunately, many state and local governments already have a degree of collaboration and synergy between IT and security. But in many cases, it will need to be brought to the next level. Such collaboration will be increasingly necessary for success, not just a ‘nice to have’ feature. Leaders may need to focus on transforming their organizational culture and behaviors as well as their technology if they are to provide the expanded and secure digital services that citizens need, especially in the face of uncertainty and diminishing resources.
Organizations that had to shift their workforce to a work-from-home posture due to COVID-19 are now grappling with their options for what work patterns and physical footprints will look like going forward under ‘the new normal.’ Entrenched cultural notions of the necessity of physical work location were overturned almost overnight. Now, most organizations are considering continuing telework to some extent, with many starting to examine the implications in terms of the number, size, and function of their physical offices.
What will the ‘new normal’ for organizations look like in terms of:
FOOTPRINT: Rethinking the size, number, and location of physical offices.
FUNCTION: Considering the advantage of hoteling vs. the continuation of dedicated desks for designated staff, and the use of locations as warehouses of resources or functions (e.g., materials, training, or collaboration hubs) that can’t be readily provided to remote workers
An alternative option to choosing between continued telework or a full return to the office is a hybrid solution.
These and similar issues are all under consideration in both the public and private sector. These issues can be either a challenge or an opportunity, depending on how local leaders choose to address them. For forward-thinking leaders, this recent sea change represents an opportunity to break free of the current planning, procurement, and innovation cycles that prevent governments and agencies from keeping abreast of rapid digital transformation. When technology innovation proceeded at a slower and more predictable pace, current policies and procedures made good sense. But in today’s world, where breakthrough technologies and cultural shifts are happening at a breakneck pace, opportunities to change the system need to be seized. Many in government say ‘never let a good crisis go to waste’, and the transformational changes wrought by COVID bring the opportunity to innovate and find new ways for governments to meet the needs of their employees and the citizens they support.
Learn how public and private sector CISOs can leverage Zero-Trust to secure their networks as their workforces work remotely in the podcast below.