November 29, 2022


Fashion groove

The beauty of the beast: Why the pandemic & cybersecurity might actually improve procurement and IT collaboration


For well in excess of 10 years, IT professionals have mentioned cybersecurity as their selection one issue. Both equally the CompTIA Public Technological know-how Institute (PTI) and the Countrywide Association of Point out Info Officers (NASCIO) have been monitoring major trends in IT management, policy, governance and operational issues as they relate to condition and regional governing administration. Only just lately has “procurement” entered the leading 10 challenges domain—and it’s about time. Over the previous various many years, I have had the satisfaction to speak before a number of procurement officer occasions, as very well as a purchasing cooperative. What I discovered from these encounters was that buying managers have a genuine wish to discover additional about the IT enterprise. Also, IT professionals explained their marriage with procurement as considerably mixed, normally blaming out-of-date procedures, not folks. Both of those sides have voiced the need for better comprehension and cooperation. As we all know IT is really specialised, and apart from laptops and connected equipment, the rest is considerably from getting labeled as a “commodity product.”

The pandemic (the beast) could have been the significant and significant catalyst for alter. Under no circumstances in the background of community administration has town and county IT aid experienced to pivot to a remote workforce although continuing to provide citizens in this kind of a quick time period in time. Procedures were facet-stepped to make the fantastic change to distant operate achievable. Hundreds of 1000’s of laptops, monitors, cameras and headsets had to be acquired in record time. Considerably less noticeable was the massive procurement of VPN networks, collaboration program and cybersecurity checking units. The pandemic pressured every person to operate and shift in ways and velocity not considered possible. The pandemic compelled community governments to speed up ideas for the digitalization of govt. A lot of what experienced been considered temporary has now largely been taken care of and is most possible listed here to remain.

As extra government workforce were forced to operate remotely, cyber criminals sought (normally correctly) to exploit the new distant workforce landscape. Not only did ransomware assaults raise, but we also discovered of a new sort of assault referred to as a “supply-chain” attack where a cybercriminal would hack a vendor’s client databases so that when updates had been pushed out, so too was malicious malware.

The 2022 CompTIA General public Engineering Institute (PTI) State of Metropolis and County IT Nationwide Study experienced procurement enter its leading 10 area for the to start with time mentioning the will need to “streamline procurement procedures.” When in contrast to the other priorities on the annual study, there is a great deal of will need for purchasing selections that go outside of cybersecurity, this sort of as IT modernization, technique integration, amplified digital providers for citizens, and lastly, migrating systems/apps to the cloud. When NASCIO’s Annual CIO Top rated 10 Priorities doesn’t place out procurement instantly, procurement is mentioned in their fourth priority under Cloud Services—“cloud approach collection of service and deployment versions scalable and elastic expert services governance support administration security privacy procurement.”

Above the decades, cloud providers have developed in performance as perfectly as in the definition alone. Nowadays, an growing amount of point out and nearby governments are moving much more and extra of their operations to cloud perfectly as managed services vendors. For IT and procurement professionals alike, it is generally hard to evaluate the providers made available by this kind of distributors. The federal procurement sector can lean on FedRamp for cloud-protection associated assurances as a result of vendor certifications. Right until not long ago point out and nearby governments were left out of the process when hundreds of 1000’s of smaller regional and local assistance suppliers did not qualify less than FedRamp polices. Somewhat new to the scene is StateRamp, a nonprofit corporation whose mission is to present certifications for these community players. As StateRamp evolves, state and neighborhood governments will have a considerably-essential tool to better obtain their buying conclusions when it will come to cloud and managed solutions with a aim on cybersecurity.

Introducing to the immediacy of the dilemma, the Cybersecurity and Infrastructure Protection Company (CISA) has not long ago issued a international and country-large advisory aimed at protecting managed assistance companies and customers—often point out and neighborhood governments. Between the five tips is to “Understand and proactively deal with supply chain possibility throughout protection, legal, and procurement groups, utilizing threat assessments to identify and prioritize the allocation of methods.”

Current events have triggered a substantial improve in how we use, procure and work information and facts technological innovation. The listing of supplemental acquiring selections that should be produced pertaining to the invest in of IT gear and units, each hardware and software program selections will want to be viewed by means of numerous lenses these types of as authorized, cyber, financing, possibility evaluation, compatibility, aid and instruction, to name just a handful of. The pandemic, along with an increase in cybersecurity specifications, has developed a new path forward the place procurement has developed into a workforce activity, resulting in stronger information technology for all condition and neighborhood governments in particular and generating the course of action extra safe and successful. And that is the beauty of this beastly pandemic.

Dr. Alan R. Shark is the vice president general public sector and government director of the CompTIA Community Technological know-how Institute (PTI) in Washington, D.C., due to the fact 2004. He is a fellow of the National Academy for Public Administration and chair of the Standing Panel on Technology Management. He is as affiliate professor for the Schar Faculty of Coverage and Authorities, George Mason College, and is program developer/instructor at Rutgers University Centre for Government Expert services. Dr. Shark’s assumed management routines include keynote talking, running a blog and the bi-weekly podcast Sharkbytes. He also is the creator or co-writer of far more than 12 publications which include the nationally regarded textbook “Technology and Public Management,” as nicely as “CIO Management for Metropolitan areas and Counties.”


This posting initially appeared in the June 2022 concern of Government Procurement.


Resource url