Federal government needs to embrace the cloud or fall behind

There have been a number of stories over the past year about how the federal government is moving at a glacial pace in its journey to the cloud. Much of the reporting has left me shaking my head and wondering if those reporting really understand what cloud technology is all about and why the cloud is so critically important from a global technology leadership perspective.

Applying the Law of Parsimony, I’d like to explain what the cloud is and highlight what I believe gives the cloud the catalytic potential to transform and boost our entire government — civilian and military — by taking advantage of this key component of the digital revolution.{mosads}

The cloud simply refers to someone else’s infrastructure on the internet where you access your applications, store your data, and/or utilize software as a service (SaaS), rather than in your local data center or on your local computer. It’s really just a globally distributed and connected network of virtual servers that operate seamlessly and can be accessed from any internet connected device in real-time, whenever you wish.

Flexibility is one of the hallmarks of the cloud and since every organization is different and utilizes technology in diverse ways, the cloud offers a variety of public cloud, private cloud and hybrid cloud solutions — which are exactly what they sound like.

The benefits of the cloud are numerous and here are three clear examples:

• Less dependency on legacy software and systems. Cloud service providers are in an incredibly competitive market, and they need to stay aggressive with the best technology available. The commercial cloud can vastly increase the ease and speed of development and deployment of new applications and platforms which is very appealing to customers. There can be huge cost and security savings associated with eliminating old technology that requires constant maintenance and patching.
• Cloud service providers are highly incentivized to deliver the best security available because a bad day can impact thousands (or millions) of their customers. They spend and allocate whatever resources necessary to prevent a security incident, something very few private companies or government organizations have the luxury of doing. A recent MeriTalk report states that, “96 percent of DOD managers say their organization’s current technology solutions are in need of IT modernization, with the majority saying at least half of their systems are outdated.”
• Using a cloud provider can decrease the physical data center and carbon footprint resulting in significant manpower, real estate and environmental (electricity and HVAC) savings. Cloud service providers almost universally use virtualized technologies which allow them to exponentially scale technology and gives users the flexibility to purchase technology by the bite, instead of buying the entire farm.

If the cloud is so wonderfully efficient and offers so much in the form of cost savings and security, why is the federal government lagging so far behind private industry in the adoption of cloud technologies?{mossecondads}

Here’s a serious and radical question that I don’t think has been sufficiently explored: Are the government’s security concerns and requirements really all that different than those of the private sector? I obviously don’t mean classified information — but in general, is routine information from any civilian federal agency, or even the Department of Defense, any more important than the routine information of a Fortune 500 company? Discounting the irrational notion that government departments and agencies typically think everything is sensitive and critical, I propose that any private sector CEO worthy of the title is equally apprehensive and protective of his or her organization’s security posture, intellectual property, and employee and customer information.

According to a recent Gartner report, “By 2023, 50 percent of enterprise security buyers will treat Tier 1 cloud providers (such as Microsoft, Amazon, and Google) as key security vendors/suppliers, up from less than 5 percent in 2018.”

Will the federal government be part of this wave of cloud technology innovation or will vendor and lobbyist politics continue to muddy up the awarding of contracts? We live in a world of imperfect choices and trying to find a perfect solution where technology moves at the velocity of Moore’s Law is an ignorant exercise in futility.

The private sector long ago realized that long-range technology planning cycles have less and less value and almost always result in short-term provisional solutions for long-term technology issues. Perhaps this is what led Secretary of Defense James Mattis to write in the 2018 National Defense Strategy about delivering performance at the speed of relevance and that DOD would deliver performance by shedding “outdated management practices and structures while integrating insights from business innovation.” This isn’t idle language – the status quo is unacceptable and General Mattis is very specifically calling it out.

The federal government needs to get on board with the cloud, or the nation will continue to fall behind the innovation curve.

Mark Weatherford is the Chief Cybersecurity Strategist at vArmour and the former Deputy Under Secretary for Cybersecurity at the US Department of Homeland Security