Originally published at VMware Blogs

Though we hear about it almost every day, our industry should still take a moment to pause and ask: What is business resilience, exactly, and what does it mean for my organization?

City and state leaders and CIOs across public higher education are gunning to stay up to speed with the latest trends and challenges in our digital age. But industry reports vary widely when it comes to strategic IT planning for the future, including the best cloud, AI, and cybersecurity measures. 

In our view, there are three foundational pillars that should be embedded in every business to help public institutions and educational organizations prepare for the next waves of unforeseeable changes. Every organization needs to establish a secure digital platform that allows for agility, the right applications to quickly swap service models as needed, and teams of people that have the resilience to adapt to change.

This was one of several key topics at VMware Explore 2002 in San Francisco, where thousands of attendees joined in person and online to share their insights on the latest trends and solutions in the tech space.

During our panel “Business Resilience,” three industry experts discussed the many ways public institutions can use technology to fortify their operations and proactively tackle future challenges. VMware SLED Senior Strategist Herbert Thompson, CA Department of Technology Deputy Chief State Technology Officer Scott MacDonald, and University of Texas System Chief Technology Officer Rama Dhuwaraha spoke about the biggest needs and best practices as 2023 approaches.

“Covid really pointed out that no matter how much planning we do, we have to make sure we’re able to pivot when the next mega change hits.”

Herbert Thompson VMware SLED Senior Strategist

VMware is heavily engaged in helping create new digital systems and tools for state and local governments and higher education institutions looking to get ahead in today’s rapidly changing climate. For organizations that want to embed cybersecurity into their business models, don’t miss our whitepaper on the “3 Tactics for Strengthening Cybersecurity in Education.”

Here are some of the highlights from our discussion on better business resilience in government and public higher education:

Aim for the Best and Always Prepare for the Worst

Many organizations in the thick of the pandemic were severely backlogged with vital services. In some very disheartening cases that included child welfare and unemployment insurance, Thompson noted. “Call centers were overwhelmed. Tax systems couldn’t keep up with the [latest] business rules,” he said. Going forward, the public sector will need to create new models for delivering essential resources. Within public higher education, where remote learning quickly became the only option during lockdown orders, many organizations lacked the digital infrastructure for extensive online classes. Some public institutions are still grappling with legacy systems. UT System’s Dhuwaraha said that while his organization has long had the technology resilience, security became a big focus as everyone was suddenly accessing the school’s system from the outside. With more than a dozen campuses and healthcare institutions, security management is no small feat, he noted.

Take a Holistic Approach to IT and Remote Operations

Most departments rely heavily on IT for daily operations and maintenance services, said MacDonald of California’s Department of Technology. “To support the state, as a whole, we really had to build out our networks,” he said. “We had to have the security safeguards in place to make sure the right people were coming in and we were not exposing the state’s resources.” When it comes to remote work in the public sector, there’s often friction between workforce and management teams over flexibility and accountability, MacDonald added. Governance is a top priority for the University of Texas System. Remote operations had long been avoided for academic integrity, Dhuwaraha said. But that had to change due to COVID. Organizations will need to find proactive resolutions for these kinds of situations while ensuring secure and stable digital frameworks. Some changes that the IT sector had been promoting for decades happened almost overnight, Dhuwaraha noted. Going forward, institutions will need to also closely govern their use of analytics and AI to better support their educational practices.

“We had to have the security safeguards in place to make sure the right people were coming in and we were not exposing the state’s resources.”


Keep Your Feet on the Ground and Your Head in the Multi-Cloud

Device management and internal network needs are quickly evolving as well. Maintenance windows have almost completely been replaced by around-the-clock support, for instance. “Our citizens and our students are online 24/7,” Thompson maintained. Multi-cloud services will remain the primary model for digital operations for at least the next two decades, according to industry projections. With that comes careful data management planning and the need to build security into every digital framework across the public sector. “We had lessons learned pre-pandemic with the California wildfires,” MacDonald said. “We worked with the public and private-owned utilities and they were struggling to keep their systems up.” A lot of those utilities had to be moved to the cloud very quickly, requiring diligent stress testing, MacDonald added. 

Never Underestimate the Rising Threat of Cyberterrorism

From National Institute of Standards and Technology (NIST) protocols to development, security, and operations (DevSecOps) frameworks, there are many ways that public institutions can crack down on cyberthreats. Government agencies, in fact, will increasingly need to follow stricter software guidelines as mandated by the White House and several states. At UT System, “it’s very complicated in the sense that there is a lot of need to keep the systems open,” Dhuwaraha noted. One of the biggest threats the university faces is research data theft, which can lead to billions of dollars in damage, he said. Cloud-based security at UT System takes four data centers and multiple operation centers involving both the university and state agencies. A reported 5.8 million malware attacks targeted educational organizations between August 14th and September 12th of last year, while the average cost of ransomware attacks on educational institutions has exceeded that of virtually every other industry, our research shows. 

Against that backdrop, VMware took a close look at the best practices in cybersecurity, including network micro-segmentation and the latest security-related recruitment, retention, and training strategies.