Connect with us

Hi, what are you looking for?


Management & Strategy

The U.S. Government: IT Laggard or Vanguard?

Vivek Kundra's Push to Cloud Computing and Innovation

Has the U.S. Government Landed itself on the Cutting Edge of Technology?

Vivek Kundra's Push to Cloud Computing and Innovation

Has the U.S. Government Landed itself on the Cutting Edge of Technology?

The private sector usually leads the way in technological advancement, but might we be witnessing a shift, where the government could begin to outpace the private sector? Has the U.S. Government landed itself on the cutting edge of technology?

In March 2009, Vivek Kundra was named the first-ever United States chief information officer. Though he’s recently announced his impending departure from Washington to accept a fellowship at Harvard University, Kundra is no doubt still leaving behind a legacy of IT reform. When brought on as CIO, Kundra was tasked with improving efficiency while also making government data more available and useful to the public. In his eyes, there were four immediate opportunities for bringing about positive change:

• Reviewing the U.S. Government’s $80 billion yearly spend on IT and working to ensure that taxpayer dollars aren’t wasted on non-dividend-producing investments

• Reducing costs by cracking down on inefficient infrastructure (e.g., billions of dollars worth of data centers) and promoting the use of green IT

• Enhancing the overall IT security posture and addressing the very real cybersecurity risk

• Tapping into the ingenuity of the American people and shifting to more efficient computing platforms

Advertisement. Scroll to continue reading.

Game-Changing Approach

To start, Kundra and team certainly looked to and followed the lead of the private business sector in terms of adopting new technologies to meet their end goal of delivering more efficient government services. What’s interesting, however, is that a tipping point may be occurring—with the U.S. Government starting to up its pace to overtake the private sector in terms of the breadth and speed of the adoption of new and innovative technologies.

Kundra’s visionary plan for transforming federal IT management included a cloud-first policy in order to get away from wasteful spending on infrastructure. In the first four months of 2011, the U.S. government closed 39 of its more than 2,100 data centers. Now, moving along faster than ever expected, it hopes to close 156 more by December and maintains a lofty goal of shutting down a total of 800 by 2015. This project is part of the Obama administration’s effort to reduce waste, improve efficiency, and save $18.8 billion through data center consolidation. The workloads, including mailboxes and email systems, will be moved to some type of cloud computing platform. In all likelihood, the government would support the idea of private or hybrid clouds over public clouds.

Standards—Key to Cloud Computing Success

Vivek Kundra Cloud ComputingWhere Kundra (Right) adopted game-changing approaches, it’s in part due to (and thanks to) game-changing technologies. One of these is virtualization. Next up is virtualization security.

As a cloud-enabling technology, virtualization has ascended to the top of IT priority lists. And security, while formerly and too often an afterthought, is finally starting to get its day in the sun. Long-time virtualization customers—including the U.S. Government—are realizing the significance of virtual machine (VM) security and are now turning to find better security alternatives. And by better, we mean solutions that have been specifically designed for virtual environments—ones that are dynamic and provide protections in lockstep with VM creation, movement, and change. But with cutting-edge technology comes the need for an amalgamation of expertise and experience in the form of best practice guidelines. And certainly, to drive the U.S. Government’s transition to cloud computing, there is a need for standards—with regards to security, interoperability, and data portability. These standards will ensure greater efficiencies, as well as the protection of information—including citizen data.

In July, the National Institute of Standards and Technology (NIST), for example, released its Guide to Security for Full Virtualization Technologies for public comment. The guide discusses security concerns associated with virtualization technologies and offers recommendations for addressing those concerns. Similarly, the Federal Risk and Authorization Management Program (FedRAMP), which is a multiagency initiative, provides services to certify that information systems used in cloud environments meet federal security guidelines, including continuous network monitoring. This is a task easier said than done in virtualized environments, where traditional network monitoring devices are “blind” to traffic. Again, these initiatives cumulate into the greater effort by the government to realize savings faster and encourage the adoption of cloud while ensuring that the data housed in the federal government’s clouds is as secure as it can be.

This is certainly a trend worth keeping an eye on. As the federal government moves to broadly adopt cloud computing and legislate or at least lead with thinking on cloud security, those businesses and organizations that have already addressed it will be in great shape to interoperate with the new fed data centers, while those who haven’t will have some pretty clear precedents to follow. Either way, with a cloud-first strategy, the U.S. Government is looking much more the vanguard than laggard—which is good news for all.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.


Twenty-one cybersecurity-related M&A deals were announced in December 2022.