As digital transformation changes the face of entire industries; the government is next on the list. Companies are taking advantage of real-time analytics, automation, machine learning and cloud-based IT services, which enables them to reduce costs, minimize risks, and gain control of costly IT sprawl.
Currently, governments all over the world are bogged down with legacy spend - it has been reported that US federal agencies currently spend more than $80 billion on information technology, with some agencies still spending an astounding 90 percent of their IT budget on maintaining legacy systems.
Re-thinking cyber security
According to data from Juniper Research, the average cost of a data breach will exceed $150 million by 2020 — and by 2019, cybercrime will cost businesses over $2 trillion — a four-fold increase from 2015.
As cyber crimes happen more intently every day, governments should look towards updating their outdated software. With most of the supporting framework being legacy software and applications, governmental IT is susceptible to malware and cyber attacks. Older systems cost a lot of money to maintain and continuously put the user at risk. Every company holding on to legacy systems has their reason for doing so, often because their legacy software has been heavily customized, and upgrading would lose a lot of pertinent information. Still, hanging on to legacy information is extremely costly in the long run.
Using Unsupported Legacy Systems
Companies are famously bad at retiring legacy software. For example, Windows XP support ended in 2014, yet according to Netmarketshare.com, it is still the third most popular operating system in the world. The out-of-date and vulnerable Windows XP is still running on 7.04% of the world's computers, and even some governments'. The operating system was exploited by the WannaCry ransomware which hit the NHS and went on to infect computers in 150 other countries.
Due to the rapidly changing technological environment, different skills are needed to protect the information and processes of the government. The same code written in 2002 should not be trusted to support a network that houses critical infrastructure in the financial and medical industries. Sensitive information including biometric data should not be housed on legacy systems.
How current IT solutions can help:
The US administration created an initiative Technology Modernization Fund (TMF) with a budget request of $228 million to replace and retire antiquated IT. The goal of the fund is to move government IT to more modern infrastructures. There are many IT solutions that are spearheading digital transformation in corporate enterprises. The same companies could advise governmental agencies on modernizing governmental IT.
Companies to watch:
- CyberArk - helps companies find instances of overused passwords in their legacy systems.
- LeanIX - enables companies to have a transparent overview of their IT landscape, which often uncovers potential risk areas.
- Forescout - provides continuous monitoring of network solutions. Government agencies can see every device connected to their network, control their access, and mitigate threats.
- Sailpoint - the largest dedicated identity and access management for federal agencies.
Figure 1: LeanIX dashboard highlighting potential risk areas.
The future is now
There is a significant deficit of technical talent in the federal government and, if it continues, we will see more cyber attacks every day. As the digital age progresses and technology advances and the professional world gets more comfortable with cloud computing, big data, and artificial intelligence, there is an equal effort to spur IT modernization inside of government.