Monster Magnificence: Why Pandemic and Cybersecurity Can Actually Enhance IT Procurement and Collaboration

For greater than a decade, IT managers have known as cybersecurity their primary drawback. Each the CompTIA Institute of Public Know-how (PTI) and the Nationwide Affiliation of Public Info Staff (NASCIO) monitor main traits in IT governance, coverage, governance, and operational points affecting state and native governments. Solely not too long ago, “procurement” has turn out to be one of many 10 largest issues – and it is time. Over the previous couple of years, I’ve had the pleasure of talking at a number of procurement specialist occasions in addition to at a procurement cooperative. From this expertise, I discovered that procurement managers have an actual want to be taught extra about IT. Equally, IT managers described their procurement relationships as considerably blended, typically blaming outdated procedures slightly than people. Each side said the necessity for better understanding and cooperation. As everyone knows, IT is sort of specialised, and aside from laptops and associated gear, the remaining is way from being described as a “commodity”.

A pandemic may very well be an essential and significant catalyst for change. At no time within the historical past of public administration has the IT assist of town and county needed to transfer to a distant workforce, persevering with to serve residents for such a brief time period. The principles have been rejected to permit for a serious shift to distant work. Lots of of 1000’s of laptops, screens, cameras and headsets needed to be bought in document time. Much less apparent was the mass buy of VPNs, collaboration software program, and cybersecurity monitoring gadgets. The pandemic has pressured everybody to behave and transfer in not possible methods and at velocity. The pandemic has pressured native governments to hurry up plans to digitize energy. A lot of what was thought-about non permanent is now largely preserved and is prone to stay right here.

As an increasing number of civil servants have been pressured to work remotely, cybercriminals tried (typically efficiently) to use the brand new distant workforce panorama. Not solely have ransomware assaults intensified, however we have discovered a few new kind of assault known as the provision chain assault, during which a cybercriminal hacks right into a vendor’s buyer database in order that malicious software program can be launched when updates are downloaded.

In 2022, the CompTIA Nationwide Institute of Public Know-how (PTI) State Survey of the Metropolis and County IT Nationwide Survey ranked the highest ten for the primary time; recalling the necessity to “streamline procurement processes”. In comparison with different priorities of the annual survey, there’s a nice want for procurement choices that transcend cybersecurity, similar to IT upgrades, system integration, growing digital providers for residents, and eventually migrating techniques / functions to the cloud. Though NASCIO’s 10 annual CIO priorities don’t immediately deal with procurement, procurement is talked about as their fourth precedence within the Cloud Providers part – Cloud Technique; selection of service and deployment fashions; scalable and versatile providers; administration; service administration; safety; confidentiality; procurement “.

Over time, cloud providers have grown each in performance and in definition. Right this moment, an increasing number of state and native governments are shifting an increasing number of of their operations to cloud and managed service suppliers. IT and procurement managers typically discover it tough to judge the providers supplied by such distributors. The federal procurement market can depend on FedRamp to acquire cloud safety ensures via vendor certification. Till not too long ago, state and native governments have been unnoticed of the method when tons of of 1000’s of small regional and native service suppliers didn’t meet FedRamp necessities. One thing new on the scene is StateRamp, a non-profit group whose mission is to supply certificates to such native gamers. As StateRamp evolves, state and native governments may have a much-needed instrument to raised entry buying choices in the case of cloud and managed providers with a deal with cybersecurity.

Including to the urgency of the issue, the Cybersecurity and Infrastructure Safety Company (CISA) has not too long ago revealed world and nationwide tips to guard managed service suppliers and prospects – typically state and native governments. Among the many 5 suggestions – “Perceive provide chain dangers and actively handle them in safety teams, authorized entities and procurement, utilizing threat evaluation to find out and prioritize useful resource allocation.”

Current developments have led to vital adjustments in the best way we use, buy and use info know-how. The listing of further procurement choices that should be made relating to the procurement of IT gear and techniques, choices on each {hardware} and software program will should be thought-about from completely different views, similar to authorized, cyber, monetary, threat evaluation, compatibility, assist and coaching. to call just some. The pandemic, together with growing cybersecurity, has paved the best way for procurement to turn out to be a staff sport, strengthening info know-how for all state and native governments, together with making the method safer and extra environment friendly. And that is the great thing about this horrible pandemic.

Dr. Alan R. Shark has been the Vice President of the Public Sector and Govt Director of the CompTIA Institute of Public Know-how (PTI) in Washington, DC, since 2004. He’s an worker of the Nationwide Academy of Public Administration and the chairman of the Standing Committee on Technological Management. He’s an Affiliate Professor of Shar College of Politics and Authorities at George Mason College and a course developer / lecturer on the Rutgers College Public Providers Heart. Dr. Shark’s thought management actions embody keynote speeches, running a blog, and biweekly podcasts. Sharkbytes. He’s additionally the creator or co-author of greater than 12 books, together with the nationally acknowledged textbook Know-how and Public Administration and the Metropolis and County Info Know-how Information.

This text first appeared within the June 2022 difficulty Authorities Procurement.

Leave a Comment

A note to our visitors

This website has updated its privacy policy in compliance with changes to European Union data protection law, for all members globally. We’ve also updated our Privacy Policy to give you more information about your rights and responsibilities with respect to your privacy and personal information. Please read this to review the updates about which cookies we use and what information we collect on our site. By continuing to use this site, you are agreeing to our updated privacy policy.