Do IT modernization efforts increase security challenges?
Most government IT executives believe that IT modernization projects increase security challenges as opposed to alleviate them, according to a new study from Unisys.
A large percentage of respondents to the study also reported concern about the excessive length of the procurement process and effectiveness of regulatory mandates – which they said lead to a “check-the-box” approach to compliance.
The blind survey of 200 federal IT executives, performed by research company Market Connections, asked about modernization priorities at defense and civilian federal agencies. Respondents included decision makers who develop requirements for federal modernization projects, project managers and contracting officials.
While nearly two-thirds of respondents (62 percent) rated cybersecurity as the top priority for agency modernization projects over the next year, nearly the same percentage (59 percent) reported that they think their agency’s IT modernization efforts have resulted in an increase in the IT security challenges they face. And when asked to grade their agencies’ modernization efforts, 43 percent graded those efforts at “satisfactory” or lower when it comes to improving cybersecurity.
“The results of this survey tell us that many federal agencies may not have adequate staff and resources to manage security challenges in today’s more complex and modernized IT environments, which in our view explains the feedback about modernization efforts exacerbating security challenges,” said Venkatapathi “PV” Puvvada, president of Unisys Federal. “To achieve successful digital transformation, agencies must make security a priority and embark on projects that enhance security at the core, as well as boost operational efficiency to meet mission-critical goals.”
The survey asked respondents about a broad range of facets of IT modernization and asked them to rate their agencies’ performance. When presented with a list of process and technology factors of modernization projects, only 10-16 percent of respondents graded their agencies with the top grade of “A” in any area.
Despite reporting that modernization makes security more challenging, cybersecurity was one of the areas graded highest by respondents, with 57 percent grading their agencies’ efforts as “A” or “B.”
They were less generous when rating their agencies’ on technologies like “streamlined systems development” and “leveraging the cloud,” with 36 percent and 34 percent respectively, grading those efforts as “A” or “B.”
Elsewhere in the survey, respondents registered concern about challenges such as mandates and lengthy procurement cycles. When asked what concerns they have as their agencies move forward with their efforts at IT modernization, the most often-cited concern was that the federal procurement process will add time and over-complicate the modernization effort – with 47 percent of respondents citing this as a concern.
Also, when asked whether they thought mandates and deadlines lead to tasks being performed merely to “check a box,” 46 percent strongly or somewhat agreed.
“The results of this survey show that government decision makers understand the importance of embracing the cloud to help achieve their modernization goals,” said Puvvada. “But it also showed that nearly two-thirds are encountering unanticipated difficulties as they move to the cloud. Fortunately, those respondents who are actively working with industry partners to facilitate their cloud transitions reported a much easier road to cloud adoption by a two-to-one margin.”