Dec 19 2017

The 4 Largest Federal IT Trends to Watch for in 2018

Expect to see movement on IT modernization, cybersecurity enhancements and data center optimization, with agencies laying groundwork for new networks.

Federal IT modernization has already built a great deal of momentum heading into 2018. But how will that manifest itself by the end of the year?

The Modernizing Government Technology Act is now law and the White House has released its vision for IT modernization. It’s unclear exactly how those twin signals from Congress and the executive branch will play out on the ground in 2018, but there is a sense that agencies will upgrade key technology on several fronts next year, according to federal IT officials and industry experts.

Agencies are likely going to move toward more cloud-based architectures as they jettison legacy IT.

They will make cybersecurity investments that revolve around protecting assets critical to their mission, especially data.

There will likely be a push toward virtualization as agencies aim to shutter data centers and optimize the ones that remain.

Finally, while there will likely not be a significant amount of progress on deploying new networks under the General Services Administration’s $50 billion Enterprise Infrastructure Solutions contract, agencies will start preparing to transition to modernized networks.

Here are four key themes to watch in 2018:

SIGN UP: Get more news from the FedTech newsletter in your inbox every two weeks!

1. IT Modernization Gets Underway Inside Agencies

The MGT Act authorizes the creation of a centralized fund for IT modernization in the Treasury Department that will be managed by the GSA, as well as working capital funds inside agencies that they can use to fund IT modernization projects.

Alan Balutis, distinguished fellow and director of the Internet Solutions Business Group at Cisco Systems, notes that Congress needs to actually appropriate the money for the centralized fund and the working capital funds will need to be set up inside numerous agencies.

“It may be a little bit of time before we actually begin to see real implications, real changes, real investments happening, until we get a sense of what monies are actually going to be appropriate and set aside in those working capital funds to devote to modernization,” he says.

Nonetheless, Balutis thinks the working capital funds, which can be accessed for up to three years, could be used for “longer-term, and I hope better-thought-out investments.” The centralized fund will likely be used for cross-government IT modernizations or ones that two or three agencies can share, he says.

Cameron Chehreh, COO and CTO for Dell EMC Federal, says he thinks the MGT Act and the White House report will spur experimentation with modernized IT and cloud migrations. They offer agencies contemplating modernization the “opportunity to say, ‘It’s OK to go do this.’ And more importantly, ‘It’s OK to have lessons learned along the way.’”

Every agency will respond in its own way, Chehreh says, but the MGT Act and the White House’s directions will offer agencies the opportunity to lay the groundwork for artificial intelligence and IT infrastructure adoption.

2. Cybersecurity Evolves to Protect High-Value Assets

One of the defining themes of federal IT in 2017 was the emphasis around a risk-based approach to cybersecurity, which was at the center of protecting federal networks in President Donald Trump’s executive order on cybersecurity.

The White House’s final report on IT modernization specifically notes that agencies must focus on protecting high-value assets, or HVAs, and “prioritize modernization of legacy IT by focusing on enhancement of security and privacy controls for those assets that are essential for federal agencies to serve the American people and whose security posture is most vulnerable.”

“You will hear a lot about HVAs over the next year,” Barry West, acting deputy CIO and the senior accountable official for risk management at the Department of Homeland Security, said last week at an Association For Federal Information Resources Management luncheon. “What are your systems that can’t be down?”

In the past, cybersecurity was mainly focused on protecting networks, Chehreh says, and that is still important and agencies will need to invest in firewalls and authentication technologies. Now, however, the emphasis has shifted to protecting assets — data especially — that are critical for agencies to carry out their missions, he says.

Agencies will start to use cyberthreat intelligence — real, unclassified intelligence tradecraft that can perform situational awareness of threats. “It’s not just about, someone is attacking,” Chehreh says. “Who is that person, what are they doing and what are they going after? So, our IQ about cyber is increasing.” That will allow agencies to reposition cybersecurity around their mission needs, he says.

3. Data Centers Get Even More Virtualized

Agencies are going to have to push hard next year to meet the goals set out for them in the Data Center Optimization Initiative. The DCOI is designed to get agencies to consolidate data centers and improve their efficiency, and agencies are required to close at least 25 percent of tiered data centers and 60 percent of nontiered data centers by Sept. 30.

DCOI also pushes agencies to increase their server virtualization, and to house at least four virtual servers per physical server. That will likely push agencies to adopt cloud services and hyperconverged infrastructure (HCI) solutions. HCI combines virtualized computing, storage and networking capabilities into a single appliance, all pre-integrated and controlled by one management layer.

Kirit Amin, outgoing CIO of the International Trade Commission, said last week at the AFFIRM event that he sees a great deal of opportunity for data center optimization and consolidation in 2018.

“I can’t afford to keep my data center. Why should I?” he said, expressing the thinking at many small agencies. Amin said the Office of Management and Budget and the GSA should “incentivize larger agencies to bring smaller and independent agencies” into their data centers to give access as a shared service. That would boost efficiency and save money he argued.

Chehreh says that “without question, hyperconverged is absolutely one of the fastest growing sectors within our business,” and that Dell EMC is seeing adoption “all over the place” in the federal market. However, HCI paradoxically can lower an agency’s DCOI score on the Federal IT Acquisition Reform Act scorecard since it allows agencies to make more efficient use of existing data center space rather than shut down data centers altogether. He says Dell EMC will work with Congress and policymakers to try to tweak that so that HCI adoption is not penalized.

4. Agencies Plan for the Networks of the Future

The GSA’s EIS contact, which was awarded this summer, requires agencies to transition away from the Networx contracting vehicle by the spring of 2020.

The GSA has been working diligently with agencies on their transition plans, and it’s been keen to avoid the years-long delay that muddied the transition to Networx after that contract was awarded a decade ago. EIS will enable agencies to modernize their network infrastructures and embrace new architectures, including software-defined networking (SDN).

Davis Johnson, vice president of the public sector at Riverbed Technology, says he expects agencies to take “baby steps” in 2018 as they plan for the transition. “It always takes a long time for new contracting vehicles to kick in,” he says. “And when it does, are they going to do like for like or do transformational changes?”

Chehreh says that there will be “an appropriate level of projecting planning to set up for 2019 to make sure this is a very safe transition for the government.”

Both Johnson and Chehreh expect agencies to adopt SDN. Networks built using SDN will be more agile and secure, Chehreh argues, since they can be commissioned and decommissioned on the fly, making it harder for adversaries to attack them and access classified information, for example.

rarrarorro/Getty Images

Zero Trust–Ready?

Answer 3 questions on how your organization is implementing zero trust.