Charting the course to cloud-first public sector

Balancing the transformation of government services while at the same time protecting citizen security is a key challenge facing public sector leaders. Digital Transformation programs that include security from the beginning are far and few in between and this severely impacts an agency’s cybersecurity capabilities. Learn why ‘secure by design’ is the only true defence against the war on cyber crime.

When COVID-19 forced social distancing restrictions upon the nation — while exponentially increasing the demand for government assistance — the only way to deliver vital public services was to do so digitally.

Consider Coviu, the telehealth platform spun out of CSIRO. In just one week, traffic on the platform surged 10,000% as Australians flocked to book doctor’s appointments via videoconference.

While just one example of the shift taking place, across all levels of government there is strong impetus for change.

In recognising the rapid acceleration of digital transformation initiatives, and the cloud technologies underpinning them, Government Services Minister Stuart Robert tasked the Digital Transformation Agency with refreshing its digital strategy.

“The pandemic brought millions of Australians into contact with government, and due to social distancing restrictions, it became a necessity for people to access the services they needed through digital channels,” Minister Robert said. “The settings, expectations and needs of businesses and individuals have dramatically changed over the last 12 months.”

So as public sector agencies across Australia transition from legacy approaches to the cloud-based, data-driven, digital infrastructures that will transform them entirely, it is important to consider three key milestones along the journey to a cloud-first public sector.

Starting the journey

Two key elements underpin any digital transformation: People and Culture.

Next-generation infrastructure enables agencies to gain real-time, actionable insights from their data to help them better serve citizens and inform key decisions such as which new services to deliver, how to deliver them, and where they’re needed most.

Organisations with the size and scale of government departments have immensely large data sets, so the insights waiting to be discovered are potentially limitless.

Key to this approach is first recognising the enormous value data can bring when harnessed correctly. Consider the experience of Redland City Council which has embarked on its own transformation journey in a bid to democratise its data while improving internal systems and processes to best serve its constituents.

“Becoming a data-driven organisation was an absolute priority for us,” said Glynn Henderson, CIO at Redland City Council. “By using our data effectively, the possibilities are endless — we can improve internal efficiency, deliver strategic benefits, or drive greater economic, community, and environmental value.”

While still early in its cloud journey, the council is laying the foundations with a strategy that puts data at the centre of its roadmap. Importantly, Redland City Council sought to partner with vendors that understood its desired future state and had roadmaps that aligned with its vision of becoming a data-driven organisation.

So, the first fundamental step in kickstarting a digital transformation is understanding the data an agency owns, the value it can bring, and how it can be harnessed to empower both its own people and the citizens it serves every day.

Minimising risks

In a recent survey, Perceptions of Cloud Computing in Government, security concerns were the biggest impediment to public sector cloud adoption.

While frameworks such as the Digital Transformation Agency’s Secure Cloud Strategy aim to support agencies as they move towards next-generation infrastructure, many initiatives stall due to this fear of cyber threats.

According to the Australian Cyber Security Centre’s (ACSC) latest Annual Threat Report, ransomware had become one of the most significant threats facing Australian businesses and governments. As more Government processes come online, ransomware poses perhaps the biggest risk to business continuity.

Earlier this year, we released research — Building Business Resiliency in Australia and New Zealand — exploring ransomware’s impact on public and private sector organisations.

It found 83% of government respondents agreed ransomware remediation and recovery was just as important as prevention, and 33% of recent ransomware attacks had impacted backup data.

These findings are important to understanding how to minimise risk — in the words of the ACSC report highlighted earlier; “recovering from ransomware is almost impossible without comprehensive backups.”

Backups are crucial to digital transformation as this data becomes an ‘insurance policy’ against ransomware, allowing an organisation to simply refresh its environment from a point-in-time before the infection.

Again, consider Redland City Council and how it has minimised the risk of ransomware.

“We’re witnessing an unprecedented level of ransomware attacks targeting our organisation which I chalk up to attackers thinking councils are too preoccupied with COVID-19 to mount an effective defence. While a cryptolocker attack would have severe consequences from a regulatory and reputational point of view, Rubrik’s immutable backups and the ability to rapidly restore if an attack were successful, make me feel a lot more comfortable — it’s like an insurance policy against ransomware.” Glynn Henderson, CIO, Redland City Council.

Rather than increase risk to the business, as is the perception of some government IT leaders, when undertaken thoughtfully, digital transformation actually serves to improve an organisation’s risk profile. With new technologies in their corner, government agencies can increase business resilience and allow IT teams to focus their attention on where it’s needed most.

Realising the benefits

When it comes to cloud there is a prevailing idea the majority of government data is people’s personal information and there’s a strong apprehension around losing control of that data once it ‘leaves the building’.

This is the most significant hurdle to public sector cloud adoption.

Despite this fear of the unknown, agencies have much to gain. This includes accelerating the delivery of new platforms, improving access to services, and reducing the effort and cost of maintenance while allowing agencies to focus on improving service delivery.

For example, with improvements in data integrity, Glynn Henderson at Redland City Council said a culture of data-driven decision making had blossomed.

“Across the council, proactive use of data to drive decisions has become the first port of call,” he said. “Rubrik ensures that wherever our data is, in whatever form it is, it is at our fingertips when we need it. It’s created excitement in the business, and it all comes back to data integrity.”

“With the data now at our fingertips, we’re on the front foot creating open data sets and ideating internally around what data we can proactively provide the community.”

Ultimately, a mature approach built upon the knowledge of what data an agency holds, the value it can bring, and how it should be protected, can enable any department to confidently pursue digital transformation initiatives and reap the benefits of next-generation digital infrastructure.

Image credit: ©stock.adobe.com/au/mirexon