After a year of IT successes and challenges, 2019 holds a lot of opportunity in store for federal CIOs and CISOs. We talked with Patrick Hubbard, Head Geek for SolarWinds, to find out what we can expect, as well as what to watch out for.
(No time to read but still want to hear Patrick’s insights? You can find his podcast on the topic here.)
Government Technology Insider (GTI): 2018 was a volatile year for government IT, with budget surprises, new tech and direction, and a number of high profile cyber attacks. What new and upgraded technologies are agencies looking to implement in the coming year?
Patrick Hubbard, SolarWinds (PH): I think you hit it when you are talking about cyberattacks. Security, in particular network security and network architecture, is something that’s really beginning to get a focus in 2019 in a way that it hasn’t in the past. And, unfortunately, you know the way it always works in technology is, if you look at this sort of spending curve of initial budget and time burndown, you always start off with the application and then infrastructure to run it on. And then way down the curve, eventually you get to monitoring, maybe, and if there’s anything left over, it ends up being security.
But, to your point, the profile of recent breaches and cyberattacks have been high enough that it really is allowing a lot of managers to push that forward, whether it’s take advantage of dedicated funding or at least raise the specter of something truly awful happening to data. And so, it really is helping a lot of organizations move forward focusing on security.
GTI: Of course, the government is rife with legacy technology and that is a security risk as well as an operational issue. So, what could delay technology modernization for some agencies? Is it just the legacy issue? Are there other issues that they’re coming up against, such as agency priorities or congressional or presidential priorities?
PH: The challenge with a budget that is in flux is that that is disruptive. You have initiatives, they need to be completed, some of those initiatives are large, requiring multi-quarter or even maybe multi-year investment to get off the ground. But, the larger those initiatives are, the more there is an effect of a pressure on budget.
And so, when you look at something like digital transformation — certainly, that’s got to be one of the most overloaded marketing terms on the planet, maybe next only to DevOps — but if you look at real transformation, if you look at modernization, these are projects that don’t happen over a six month period.
They take a while, especially if you’re trying to get agile or you’re trying to take advantage of new continuous integration and delivery technologies. If you’re adopting containers, if you’re trying to focus on finally identifying security weaknesses in a multilevel distributed application with a lot of APIs, like securing a lot more moving parts — all these initiatives require focus, discipline and so having a budget in flux really does complicate those initiatives.
GTI: Is the funding — and the direction — even there for these upgrades and how will the Technology Modernization Fund factor into it?
PH: TMF funding should help, especially in those cases where it’s earmarked for specific projects. You know, when you look at, say, the Energy Department, one of their projects is 15 million dollars to simply move e-mail into the cloud. And I know it sounds like, “Oh, that’s not a huge project, you just go Office 365 like any commercial organization would, and that’s a piece of cake. But, that’s not true.
Email for a lot of federal agencies has a lot of customized processes around it, a lot of integrations and so having that money specifically earmarked as a part of the Technology Modernization Fund (TMF) is really helpful. Housing and Urban Development has 20 million dollars earmarked for mainframe migration. That is extremely helpful. That’s one of those things where you say, “We’re going to migrate away from mainframes.” How long will that take? I don’t know, three years, five years? But having earmarked budgets specifically for this project is really helpful, especially when modernizing.
GTI: Any final thoughts or recommendations for strategic investments for 2019?
PH: One of the advantages in not being an early adopter of cloud technologies is that it has let a lot of organizations really think about what they’re trying to accomplish. So, if you’re going to lift and shift, if you’re going to take an application that’s running in your on-premises data center and you’re going to push it up into a cloud, whether it’s public or private, you’re not really transforming. You’re moving the infrastructure but it’s not all that different than maybe going from bare metal to virtualization.
But if on the other hand you’re looking at that application and you truly intend to transform it, you’re going to take it apart, you’re going to look at it, you’re going to maybe break down some of its constituent components into distributed components. You have an opportunity to take advantage of truly new technology.
And so, for 2019, federal agencies, in a lot of cases, are in a sweet spot between great new technology, best practices that have been proven by the industry and now, finally, some time and actual earmarked budgets to see that transformation/modernization happen. Because if you’re going to take an application apart, not just move it from one data center to another, but really break it down and think about how to modernize it, you might go to completely cloud-native services. Or you might break it down into containers, or you might go serverless. There’s a whole lot of technologies that really can dramatically transform the effectiveness of that application while also reducing its costs, because simply lifting and shifting to the cloud does not meet the budget requirements for most organizations.
So the fact that we’ve waited a couple of years to get to 2019, to really begin this modernization effort in earnest allows us to make sure that we have the tools in place to have effective application migrations — whether it’s a full deconstruction of a monolithic application of the cloud-native services, or is simply adopting a better set of technologies and deployment methodologies to improve overall quality of service for that delivered application and to reduce the headcount or at least be more honest about the fact that reduced headcount is the way that IT will be managed going forward — and allows admins to really have time to be more proactive and to be more strategic.