A real-time snapshot of the most frequently made comments by federal IT executives, some of which may come as a surprise.
Why is being the director of research at GTRA the coolest job for anyone interested in Federal IT? For me, it is because you get to speak candidly and off the record with countless executives from Defense, Intelligence and Civilian agencies who share what they REALLY care about, not what mandates and initiatives tell them to focus on. Since I am currently neck-deep in research for our June 2012 Council Meeting, I thought this is a perfect time to share some of the most frequently uttered comments I've received over the past few months which may or may-not come as a surprise.
#1: "Doing More with Less" is so 2011... now I am all about Efficiency - As we all know, the Federal IT community loves its buzzwords. The funny things is that while terminology may change frequently the underlying problems and solutions being talked about do not, which is exactly what is going on right now with all the talk of efficiency. It took most of 2011 for executives to go through the emotional rollercoaster related to reduced budgets: shock, anger, frustration, venting (lots and lots of venting...) and finally, acceptance. Thankfully, executives are now looking forward and taking a more positive spin on the problem by focusing on how to create a more efficient government through technology. Rightfully so, OMB is working hard to push this trend by focusing on how cloud, mobility, shared services and collaboration can help achieve this. I've even heard more than one person tell me that budget cuts were a good thing because without them there was not enough self-motivation to focus on efficiency, a view I completely agree with.
#2: How do I know I can Trust my Vendors with my Data? - With executives becoming more familiar with the Cloud and deepening their understanding of how it works, the sophistication with which they are discussing cloud security has also increased. The most savvy CXOs I speak with voice concern about the security of their cloud vendors as it relates to Data: Where is it stored? How is that data center secured? Who has access to that data and where are they located? How would a breach be handled in the event the data and/or perpetrators are located outside of the US? FedRAMP is a phenomenal first step in the effort to identify and qualify trusted vendors but many in the community are already asking for more sophisticated tools and resources to address this concern as mission critical applications like email (which often carries extremely sensitive data) move to the Cloud.
#3 Big Data sounds cool, but.... - Almost on cue, Big Data is the latest word everyone likes to throw around to show how cutting edge they are, but very few executives I speak with truly understand it and even fewer are using it. What's even more interesting is the number of times I've been told "Well to be honest, there is no mandate to use it so it's not big on my radar". As I said in last month's blog, except guidance and initiatives to start rolling out over the next few quarters, but right now only the earliest of early adopters in Federal IT are digging into the benefits and uses of Big Data. (That said, Big Data will bring big value in the near future so if you want to differentiate yourself from the pack this is a great way to do it!)
#4 I Hate BYOD - 'Bring your own device' initiatives across the government are the one area where I see the biggest gap between implementation and genuine support. Since I am from the 'don't fight it, manage it' school of thought as it relates to the ever-changing culture and demand of employees, I personally am a fan of BYOD. However, a surprisingly large number of executives I speak with say that while they understand why it's being done, they feel security is being compromised by the rush to implement BYOD. Phones are not as big of a concern as tablets, which many say should only be used as remote terminals and nothing more. I don't see the BYOD trend going away, but I do think it will take some more convincing before executives are fully comfortable with the idea.
#5: I finally get it... Security is about People and Culture, not Technology - Perhaps one of the most gratifying trends I have noticed is that an increasing number of executives are not simply uttering the word "security" and "risk management", but seem to be maturing in their understanding of what it takes to build a truly secure organization. It seems the masses have begun to understand (and vocalize) that technology alone will not solve the problem. More than ever before I see IT modernization strategies which include significant focus on people, training, education, collaboration and culture as keys to security. Over the past several decades technology has been adopted without the proper due diligence on security issues, but as agencies move to the cloud they are proactively asking smart questions balancing technology, people and governance. I have several theories on why this is the case, but what's most important is that this shift is finally happening to the delight (and relief) of many
What are YOUR thoughts on some of the most important and talked about issues in the Federal IT community? Do you agree with the points above? Please share your thoughts with the author here or on TWITTER.
The Government Technology Research Alliance (GTRA) is a 510(c)3 non-profit organization comprised of public and private sector leaders dedicated to the development and success of the government IT community. With over 10,000 members, GTRA provides multiple forum to collaborate, strategize and create innovative solutions for the common challenges facing the civilian, defense, and intelligence communities in areas including Infrastructure, Cyber Security, Cloud Computing, Enterprise Architecture, IT Reform, Sustainability, Health IT, Acquisition and Leadership. By sharing best practices and lessons-learned, knowledge at the executive-level is exchanged among peers and results in actionable government-wide strategic plans to meet OMB, White House, DoD and agency-specific objectives/mandates.