Amid a rising tide of ransomware attacks against governments and schools nationwide accelerated by the COVID-19 pandemic, tech pros are prioritizing investments in core technologies to manage risk, including security and compliance, network infrastructure, and cloud computing.
But implementation is hampered by dwindling resources and access to personnel training, according to a new survey by SolarWinds. The report finds a lack of budget and resources are the top challenge to utilizing technology to mitigate and manage cyber risk.
Undoubtedly, the pandemic and resulting economic disruption have reshaped state economies and Federal budgets. What does this mean for agencies as they seek to build organizations that can withstand risk while transforming the delivery of government services?
Here are three interesting ways the pandemic altered Federal and state IT budget allocations and the corresponding implications for security and service delivery.
Nuanced Pandemic Budget Landscape
Many public sector organizations faced deep budget cuts during the pandemic, especially cities and counties who lost revenue sources such as parking fines, restaurant taxes, and tourism dollars, while simultaneously experiencing higher public health expenses.
For states, the picture was more nuanced. According to the Urban Institute, state tax revenue changes varied significantly during the pandemic depending on the prevalence of the coronavirus. Overall, 18 of 50 states reported lower revenue collections year-over-year, while 22 states saw tax revenues increase during the same period, some generating a budget surplus.
Technology Investments Recalibrated
Despite budget uncertainty and after a year on the frontlines of pandemic-driven crisis mode, in many cases, a lack of resources was not a hindrance to public sector innovation.
Indeed, necessity was the mother of invention. A study by Deloitte found the pandemic was more of an accelerator than an obstacle, with many proactive organizations using the crisis to recalibrate their technology investments – to get to a “safer and better normal.”
Areas transformed by pandemic technology spending include remote work and learning, automation, and new modes of service delivery and constituent interaction. Think online driver’s license renewals, vaccine sign-up portals, and chatbots connecting citizens to the services they need.
Federal IT Modernization Imperative
Although COVID-19 forced many agencies to pivot digitally, it also shone a spotlight on inefficiencies and deficiencies. For instance, the Federal government’s under-performing IT infrastructure led to delays in delivering essential services and information. In July 2020, the House Budget Committee issued a scathing report stating, despite the creation of emergency assistance programs through the CARES Act, “…many citizens were in limbo for weeks,” waiting on “…promised relief caused by antiquated information technology (IT) systems.”
Funding Challenges Remain
In response to budget shortfalls and recovery efforts, the American Rescue Plan provides much-needed funds for state and local government technology programs. The challenge for these agencies will be how to prioritize and allocate the $350 billion in the enormous rescue package – while addressing the backlog of technology infrastructure issues such as remote learning, cybersecurity, and deliberate cloud investments.
For instance, the rush to the cloud during the pandemic led many states and municipalities to cut corners and introduce risk into their deployments. To put this right, IT teams must have visibility into cloud performance and security – even in hybrid environments (nearly 40 percent of those surveyed by SolarWinds say they lack this capability).
Federal government agencies face a similar challenge – albeit their spending priorities are more prescribed and are intended to address the federal IT modernization deficit. For instance, the American Rescue Plan allocates an additional $1 billion to the Technology Modernization Fund to bolster cybersecurity maturity, improve public-facing digital services, and modernize high priority systems with a significant impact on longstanding security issues.
Smart Spending Decisions
To get the full benefit of new funding, smart decisions must be made about how taxpayer dollars are allocated.
Federal, state, and local officials have different missions and priorities. But most agencies agree it’s a case of “when” not “if” they will fall victim to a cyberattack, and it’s the IT team’s job to know exactly where risk management investments should go.
Technology alone is not the answer. Investments must also be made in upskilling and training, especially in the face of competition for cyber talent from the private sector.
As the SolarWinds survey shows, tech skills development is front and center as a key focus area for public sector technology practitioners, managers, and directors – particularly as it pertains to managing and mitigating security risks.
Furthermore, agencies shouldn’t prioritize skills development just for training’s sake. Too often, tech pros are required to complete numerous certifications by their organizations each year, many of which don’t align with or support larger strategies and initiatives. To succeed in a future built for risk, agencies must prioritize training that maps to the agency’s priorities and brings value to the mission.
2022 and Beyond
Looking ahead, there’s much work to be done. But government IT leaders have the budgets and the opportunity to make lasting changes in how they approach technology investments, optimize operations, and prioritize skills development. Changes will enable them to better manage, mitigate, and prevent risk in the future – while rethinking service delivery.