New technologies will only continue making their way into government IT shops, and CISOs cannot always be the ones to say “no.” A smart management approach will ensure smooth adoption with cybermeasures in place.
As we head into the 2020s, emerging technologies are both exciting and a bit scary at the same time.
On the positive side, the definition of “government service” is changing before our eyes. From artificial intelligence and the Internet of Things to 5G apps and autonomous vehicles, the list of startup opportunities promises to revolutionize government (again) over the next decade. Plus, the smartphones in our pockets have the power to enable digital transformation in government on a scale that seemed like a far-fetched fantasy at the beginning of the millennium.
But, if history has taught us anything over the past two decades, the Achilles’ heel to these advances in technology will continue to be cybersecurity. The Internet is an accelerator for both wonderful ideas for good but also bad actors, data breaches and privacy violations.
So what can be done? Here are tips to help enable the good and disable the bad.
1. Stop saying “no” when you are approached with innovative tools to improve customer service. Instead, security and technology professionals should strive to:
2. Mandate cybersecurity at the start. Executives need to build security into government solutions from the beginning of projects and throughout the entire life cycle. Cybersecurity is a tool that enables new possibilities to break down old barriers and you must provide resources to ensure security is done right. While security is a part of everyone’s role, cybersecurity ambassadors need to be included on key strategic project teams. Oftentimes, cyberprotections are an afterthought for major projects, or security is added only after a data breach. This must change.
3. Embrace new tech, like IoT, inside security shops. Too many organizations are leaving new technologies to business areas and/or “shadow IT” groups. They see these areas as not central to the mission.
For example, they don’t see IoT deployments as part of their job. But according to a 2019 Microsoft study of more than 3,000 private-sector executives across the globe, IoT adoption is expected to accelerate with 94 percent of public- and private-sector organizations by 2021. Consequently, the top three security concerns on the minds of leaders are:
4. Partner with the private sector. Perhaps you’re thinking that you just don’t have the expertise to implement a new technology securely. There are plenty of innovative companies who would love to help and guide you, but who can you trust?
Most governments are not the first to deploy these new tech products and services. Look for case studies from other successful implementations and watch for success stories from groups like the National Association of State Chief Information Officers or Federal CIO Council.
5. Good security is all about the people. It’s tempting to always run to the latest and greatest new solution. But whether you are implementing a $150 million tax system, a $25,000 security appliance or a cloud-based server, most security problems come from people-related issues or processes that are inadequate or not regularly secured, updated or tested properly.
Ensure that your cybersecurity automation is implemented with people, process and technology in mind. Go back and double-check assumptions with your team.
The 2020s promise to be a decade filled with amazing new technologies that make government even more accessible to the masses in new ways. But cyber is left out of these projects at your peril.