Running UK Gov Digital Org?

Who is controlling the business?

UK Govt
Adam Woolhouse
Written by Adam Woolhouse
Adam Woolhouse has worked in IT network monitoring and cyber security for 22 years and is now Regional Director at NETSCOUT currently managing the sales team for UK government and the Nordics.

Of course, the answer to the title question is that you are, but let’s consider some of the challenges you face.

Public expectations for quick and convenient Government services, plus the projected savings of £1.7-1.8B2, means a digital strategy is an absolute imperative. Going forward, more and more Government business will be digital business. As promised policy roll-outs are beset with delays, the pressing question becomes, how is this new digital business being measured and protected? Any drop-in service level or an attack on Government computers means a loss of government business - either through slower adoption or user delays and a subsequent loss of productivity. No doubt this would hurt the Government brand, leading to questions raised in the House, and offering detractors and naysayers a way of attacking the professionalism of the services affected. To avoid this fate, effective monitoring of these important services, from a service assurance and cyber security perspective, is needed to help mitigate against service outages and performance issues.

So, what is the best way to achieve service assurance and cyber security? In the past, your Systems Integrator (SI) handled much of the service-level monitoring and security of your digital system. This meant you had one port of call whenever any issues with the service levels arose, and the SI’s fortress-like data centers protected your business from attacks - both domestic and foreign. With the demand from Central Government to disaggregate1 these SI contracts, things will no longer be as simple now. As more suppliers offer smaller subsets of the services, UK Government departments and agencies need to have a strategy to monitor the service levels and cyber security across multiple systems and towers, or at the very least, outsource to a supplier who will be dedicated in this role. This will enable a cross-supplier monitoring infrastructure that measures the services and delivers the required business outcomes.

Factoring in the Cloud

Central Government’s Cloud-first Policy3 states that government departments must consider the cloud or demonstrate that the alternative is less expensive. This means that a cyber security and service assurance strategy must be able to monitor both on-premise, cloud and hybrid situations. It is easy to rattle off the benefits from cloud, such as reduced build-out costs, elasticity of resources and rapid provisioning. However, when we surveyed our customers, the top three challenges listed were: security not in an IT organizations control; lack of control over service quality; and performance and lack of visibility throughout the service stack.

It is no secret that there is a lack of skilled cyber security and cross-discipline, level-three technicians available to the UK Government who can hunt down security and performance problems4. This is a major barrier to digital transformation. Having an overarching strategy for security and service assurance across the digital government estate, instead of relying on different tools for different purposes, is a highly effective way to upskill staff. A good analogy here is when you take your car to the garage to be serviced. Instead of turning to an old-school mechanic, who strictly listen to the sound of the engine to solve the problem, you choose a young, cutting-edge technician, who plugs in a computer to show the error codes. This allows the technician to pin-point the precise problem and quickly make repairs, returning your car to peak performance.

Cyber Security Should be Top of Mind

We have been skirting around the subject of cyber security, but a recent report by the National Audit office5 says that the WannaCry outbreak could have been prevented by taking some simple steps. The office goes on to say, "There are more sophisticated cyber threats out there than WannaCry, so the Department and the NHS need to get their act together to ensure the NHS is better protected against future attacks."

As promising new initiatives are put in place, such as GovWIFI6, which is designed to improve access and increase productivity, it is vital that these programs be carefully managed, or else risk exposure to another attack vector.

This is where NETSCOUT can make a difference. We help our UK Government customers in several ways. We enable a large NHS organization to manage its network and defend itself against WannaCry with our nGenius Service Assurance solution. Another large UK agency uses nGenius to monitor and manage its networks and applications. A second large UK agency uses our Smart Data Core to direct traffic for security and performance management from its on-premise, cloud and hybrid cloud to offer a cross-platform and cross-discipline view of its digital business. Analyzing the data using our nGenius service assurance solution turns war rooms into situation rooms. A UK security agency uses the NETSCOUT AirMagnet solution to secure its WiFi borders, closing down this particular threat vector.

Business Assurance is comprised of Service Assurance and Security Assurance. NETSCOUT’s competitors either focus on performance or security. Relying on NETSCOUT’s Smart Data Core, customers can gather data from across their digital business, and across suppliers, whether in-house, in multi-cloud environments or both, leveraging our service and security assurance solutions, nGenius and Arbor Spectrum, to achieve total business assurance for the UK government digital business. We would like you to look at our solutions and be your partner of choice in this complex and ever-changing environment.

Given all that we have discussed here, it is time to ask yourself again, who is controlling your business? Make sure it is you and that your organization is not vulnerable to attack by an unscrupulous foreign agency or falls victim to misfortune.

For event information: NETSCOUT Digital Transformation in Government Networking, December 5, 2017 in London, England https://www.netscout.com/events

References

  1. The disaggregation of contracts; https://www.theregister.co.uk/2016/03/22/gov_will_hand_more_it_biz_to_smes/
  2. Digital by default - https://www.gov.uk/government/publications/government-digital-strategy/government-digital-strategy
  3. Cloud First strategy - https://www.gov.uk/guidance/government-cloud-first-policy
  4. Lack of trained and skilled staff in UK government - https://www.theregister.co.uk/2016/11/14/ukgov_has_18k_it_contractors_on_its_books/
  5. Desire to protect IT assets and therefore business more securely - https://www.theregister.co.uk/2017/10/27/nhs_could_have_fended_off_wannacry_says_nao_report/
  6. GovWifi - https://www.gov.uk/guidance/set-up-govwifi-on-your-infrastructure