The Federal Government Buckles Up for IT Modernization

Like so many industries worldwide, federal governments are growing more dependent on technologies to grow, evolve, and survive. However, with the rise in ransomware attacks, it is increasingly risky to run government agencies on aging information technology infrastructure, software, and services. 

The Office of Budget Management and the General Services Administration could spark much-needed change through the Technology Modernization Fund. An announcement by the OBM and GSA in June 2022 indicates that $100 million of the Fund will improve IT modernization in the federal government and streamline digital services throughout the nation.

In March 2022, President Biden signed an Executive Order to modernize the federal government’s development of digital assets. It included:

• Acknowledging the risks created by digital assets
• Expanding safe and affordable access to financial services through digital assets
• Identifying financial stability risks
• Addressing of ransomware and other cybercrime by the Department of State and other key federal agencies
• Expressing a willingness to cooperate internationally to innovate and modernize in the field of digital assets
• Reducing the cost of access to governmental financial services
• Ensuring the responsible implementation of digital asset technologies

President Biden’s Budget of The U.S. Government Fiscal Year 2022 specifies $9.8 billion for cybersecurity and $500 million for technology modernization, and mandates to reskill and upskill a workforce that can build, run, and secure federal data and IT systems.

These big investments are needed because the status quo of using outdated systems is inviting attacks on America every second of every day, according to a 2020 report by the Cyberspace Solarium Commission. 

The Stagnant Status Quo of IT Modernization in the Federal Government

“The status quo is a slow surrender of American power and responsibility,” the CSC warned.

Federal agencies oversee a complex web of technology with myriad nodes safeguarding national secrets; organizing precious human, natural, and fiscal resources; providing essential services to citizens; and securing critical assets for American energy, transportation, and defense. Unfortunately, this web has become as vulnerable as it is vital to essential services.

Case in point: The January 2022 cyberattack against Bernalillo County, NM, caused several county departments and government offices to close. The fact that cybercriminals could so easily shut down these essential services rang serious alarm bells in Washington, where investment in federal government IT modernization lags behind many private sector organizations.

As cyberthreats mature and multiply, there are fewer reasons to keep kicking the can down the road when it comes to modernization. However, the number of fast-moving parts and shifting paradigms in the enterprise computing world can be mind-boggling. Policymakers are turning to IT experts to understand new capabilities, especially from emerging hybrid multicloud IT operations, so they can map out investment strategies that will help government agencies succeed now and in the future. 

The Department of Defense’s July 2021 cancellation of the Joint Enterprise Defense Infrastructure contract – a 10-year deal with Microsoft – signaled it was time to embrace a variety of new cloud computing technologies and services rather than rely primarily on one provider. 

“With the shifting technology environment, it has become clear that the JEDI cloud contract, which has been long delayed, no longer meets the requirements to fill the D.O.D.’s capability gaps,’’ the Pentagon said in an announcement reported in The New York Times.

The Role of Hybrid Cloud Infrastructure in IT Modernization

Source: Microsoft

IT modernization trends in the federal government and other organizations

Many private sector industry leaders shifted to a hybrid cloud IT operation because it gives them scalability, flexibility, efficiencies, quick access to innovations, and layers of security, according to Kanuj Behl, Cloud Architect of Nutanix.

“With the agility and stability that the cloud provides them, they get completely out of the business of managing hardware,” Behl said. “This allows them to rely on software that doesn’t lock them into any one particular provider. Adding the flexibility of multiple clouds gives them the freedom of choice to move applications and workloads where it makes sense, both fiscally and operationally.”

According to Nextgov, President Biden requested $58.4 billion (up from 54.2 billion allocated for 2021) to support IT at civilian agencies in full-year 2022. It “will be used to deliver critical citizen services, keep sensitive data and systems secure, and further the vision of digital government,” according to budget documents released in late May 2021. This funding would support a move away from customized IT tools, systems, and services toward the IT modernization that the federal government requires in its platforms and systems.

In July 2021, the Biden administration introduced a ransomware task force and Stop Ransomware, a federal website to help businesses and government agencies improve their cybersecurity. These efforts continue to bear fruit, as seen in August 2022 when the FBI was able to advise compromised U.S. entities on the activities of Cuba ransomware actors.

The Need To Update Legacy Systems

Among federal agencies operating the 10 most critically aged IT systems, only two have fully developed plans to modernize, according to the Government Accountability Office. These older legacy systems present a dangerous challenge for cybersecurity and the nation as a whole.

“Legacy systems are hard to secure because the support for them is going out and the computational capability isn’t up there. So when you adopt modern security techniques, it’s harder to [apply] them,” said Ning Zhang, a professor at Washington University in St. Louis who researches vulnerabilities in cybersecurity.

Not surprisingly, the federal government is a consistent target for cyberattacks and sabotage, whether by nation-states or nefarious individual bad actors. This makes IT modernizations of federal government systems a crucial part of America’s defense.

The GAO reports that legacy systems are “operating with known security vulnerabilities and unsupported hardware and software.”

In the absence of thoughtful change, some of these systems may become susceptible to crippling hacks, making it harder for citizens to access critical government services and federal agencies to execute their missions.

Source: IR.com

Comparison of the advantages and disadvantages of keeping legacy systems within an organization

“It’s difficult to embrace new paradigms and modernize since these systems often run mission-critical applications or processes,” according to The Four Pillar of Government IT, a report by data management firm Splunk. 

“The cost and risk associated with replacing, retraining, management overhead, budget constraints, and a fear of reputational damage associated with any prolonged interruptions has driven agencies to maintain these legacy systems long after official support has expired,” the Splunk report stated. 

Without regular updates that keep them current or the ability to integrate with newer software and hardware, legacy systems are costly to maintain – and these mounting bills get passed along to the American taxpayer.

Ongoing Modernization Efforts in the Government

However, there is good news: The GAO has identified at least 94 examples of successful IT modernization in federal government agencies within the last five years.

“When you modernize, things get resolved much better,” Zhang said. “For example, if you have an intrusion detection system with modernized infrastructure, you know what’s happening, how to get people there and how to keep track of it. I think that can be helpful, particularly for complex infrastructures.”

Cloud computing is a core component of the public sector’s plans to modernize its systems. Even though the federal government has had a longstanding directive for all of its agencies to adopt cloud computing, only 56% of federal government offices have cloud-based government IT solutions, according to a survey of government personnel by Maximus and Genesys.

This lack of adoption inspired U.S. Federal Chief Innovation Officer Suzette Kent to propose in 2019 a new, cloud-first approach to government IT based on three pillars: security, procurement, and workforce.

“Collectively, these elements embody the interdisciplinary approach to IT modernization that the federal enterprise needs in order to provide improved return on its investments, enhanced security, and higher-quality services to the American people,” Kent states in her Federal Cloud Computing Strategy.

Government IT Strengthens the Edge

State and local governments are in a constant state of data gathering – as much as terabytes per day – as they implement new smart government technologies, according to State Tech Magazine. Increasingly, agencies are finding ways to analyze data efficiently to make decisions on the spot where action can be taken, whether that’s around traffic control, emergency alerts and response or surveillance to name a few. To leverage real-time data, they’re building more digital capabilities across cities, counties and wherever citizens benefit from government services.

“Edge computing is part of a broader story where you’re replicating data center architectures everywhere, from central locations to retail and department of motor vehicle branches, offices and emergency services,” said Larry Lunetta, vice president of wireless LAN and security solutions marketing at Aruba, an HPE company.

“We’re now able to put very economic compute storage and networking resources in local places to do the edge computing that’s required.”

State Tech Magazine reported that one of the challenges that many state and local governments face with an edge computing framework is figuring out what to do with the high volume of data they collect. Management is also a challenge; infrastructure is spread out, with devices gathering data in many locations.

Without some sort of centralized management solution, organizations may not have the proper visibility to keep the flow of data running smoothly, according to the magazine. These challenges could be abated with the help of strategies and best practices from federal government IT agencies.

Empowering Peace of Mind With IT Modernization in the Federal Government

Although the financial and operational benefits of private and public cloud IT are widely known, security is a serious and sensitive aspect of cloud implementation in the government, which could explain its slow adoption. There are smart ways to go about it, according to Kent.

“Given the distributed nature of cloud and the growing number of discrete capabilities and deployment models available to choose from, agencies might consider moving or adding security and privacy controls to the data layer itself, improving their overall security and privacy posture, empowering them to fully embrace cloud technologies while granting them peace of mind that the confidentiality and integrity of their data are intact,” Kent stated in the Federal Cloud Computing Strategy.

“The use of automated and assistive technologies such as artificial intelligence and machine learning can help agencies to further improve security.”

Beyond the cloud, another part of the federal government’s IT modernization plan is the Data Center Consolidation Initiative, which compels agencies to consolidate their data centers and optimize their operations for more efficient data management.

Splunk’s report points out that agency systems often reside and operate in silos without end-to-end visibility. 

“IT administrators need to know how all their cloud solutions are performing and interacting, but it can be difficult to get a clear view of disparate workloads,” stated the Splunk report. “Without clear visibility, one cloud solution may be unnecessarily scaled to provide significant computing or storage, while another solution goes underused.”

By discarding more costly or unnecessary government IT systems and optimizing newer applications, instead, these strategies can help government agencies improve citizen services, secure sensitive systems, and save precious taxpayer money.

A strong business case exists for IT modernization in the federal government. All that’s needed now are the funds and strategies to achieve it. Going forward, federal government IT teams will need to maintain a continuous improvement mindset to stay ahead of fast-moving cyberattackers.

This is an updated version of the article originally published on July 27, 2021.

Editor’s note: learn more about the Nutanix Cloud Platform, Nutanix Cloud Clusters (NC2) and other ways Nutanix helps government agencies and enteprrises power hybrid multicloud IT capabilities.

Chase Guttman is a technology writer. He’s also an award-winning travel photographer, drone cinematographer, author, lecturer and instructor. His book, The Handbook of Drone Photography, was one of the first written on the topic and received critical acclaim. Find him at chaseguttman.com or @chaseguttman.

© 2023 Nutanix, Inc. All rights reserved. For additional legal information, please go here.