Originally posted on http://www.vmware.com by Jeremiah Sanders

Change is intrinsic to the federal government. Leaders and employees must readily adapt to every shift in course, every new appointment, every new mandate. With the inauguration, the federal government is undergoing another change. However, there’s still one more shift that’s happening: Many federal agencies are undergoing digital transformation.

IT transformation is at the top of many federal agency agendas, at least partly driven by the global pandemic. Modernization goals include application portfolio modernization, cloud migration, network and infrastructure modernization, leveraging ML and AI, reducing CAPEX/OPEX through standard modernized services, and implementing operational constructs like DevSecOps or Zero Trust.

The work is underway, but still: A disparity lies between the applications government employees use while at work and the commercially available applications familiar to everyone in their daily lives. Citizens accessing federal government services also note the difference between modern software they know and the often twenty-year-old applications they must endure when navigating government services.

There’s a sense many federal agencies are running behind—and unfortunately, it’s happening at a critical moment. Because of the global pandemic, the federal government must serve their distributed workforces. The public is also demanding a better digital experience—and looming over it all: An increasingly complex cybersecurity environment with both nation-state actors and non-nation state actors coming after federal assets and data.

The mandate for transformation is there—and work is underway. According to findings from a study conducted by MIT Technology Review Insights (in association with VMware), more than eight in ten government respondents (84 percent) say they hope to stay the course—maintaining or growing annual IT spending levels. A full 69 percent report their 2020 IT budgets will be the same, while another 15 percent anticipate increases because of the pandemic.

Still, there’s a lag, and it doesn’t come from failing to harness new technologies. Instead, it comes from putting too much emphasis on new technologies and not understanding the requisite organizational culture competency that accompanies transformation.

In short: There is too much stress on implementing the latest tools without the equal consideration of the accompanying organizational process changes that will also have to occur.

Turn Off the Waterfall

Utilizing modern technologies to achieve better mission outcomes requires organizational change. The traditional IT development model employed by federal agencies is outmoded for the pace of modern software development.

Federal acquisition practices are typically marked by system development processes that employ deterministic program requirements and plans, and serialized process rigor, compliance and decision-making layers.

These procedures are intended to limit risk, and they may have been adequate for the older, monolithic paradigm. The modern IT and cybersecurity environment is, however, imbued with perpetual ambiguity and change. In effect, the deterministic waterfall model can add risk rather than mitigate it because it doesn’t move at the speed of the malefactor.

Leaders often support digital transformation, but in both the public and private sectors, they often seem to assume changes will occur at the lower echelons—and end there. I experienced transformation at the governmental level firsthand. Our Air Force program office had previously spent $430 million in ten years attempting to modernize a legacy system. The result? Not a single line of code.

After that program was scrapped, I became deputy commander of Kessel Run, a software startup inside the Air Force. Kessel Run is a mission-driven hybrid acquisition/operational unit that continuously delivers software to over 7,000 users on classified networks worldwide. It operates a multi-region cloud-based infrastructure and application platform environment and enables over 1,000 software developers and distributed operational resilience for over 75 modern mission applications.

Kessel Run has achieved 80+ percent operational efficiency gains and saved over $500M and 100K+ human hours while earning a software deployment frequency of 4.5 hours and active availability on par with commercial “as a service” providers.

Kessel Run didn’t achieve those gains by following old deterministic procedures and expecting new results. Instead: Change was embraced as being part of the organization itself.

Seek Guidance for Cultural Change

Achieving the productivity of Kessel Run won’t come with off-the-shelf technology purchases and then flipping a switch. It demands a culture shift. VMware can help federal agencies achieve the cultural transformation that allows agencies to leverage the new technologies that meet multifactor requirements of cybersecurity, employees, and citizens.

VMware Tanzu Labs environments can unify cross-functional teams with an enablement model that delivers the organizational, cultural, management practices, and technical competencies of government organizations and integrator counterparts to build and scale high-performing IT and software teams.

Our learn-by-doing enablement model cannot be matched with training or consultative approaches. It is not concerned with buying technology widgets and expecting legacy workforces to achieve true agility with them.

We instead help organizations manage their cultural transformation to enact real change.

Contend with the Hybrid IT Reality

Agency IT leaders don’t focus entirely on the modern applications in their stacks because most of their day-to-day missions are still completed by legacy systems. This hybrid IT model will likely dominate for quite some time, perhaps even a decade after initiating a transition.

Agency IT pros must contend with the complexities of parallel infrastructure stacks, hybrid and/or multi-cloud architectures, disparate IT operations models, and untenable cyberattack surface proliferation. There will additionally be external pressure to reduce the cost and complexity by leveraging the public cloud.

VMware simplifies operational complexity through seamless abstraction, orchestration, parallel operations of legacy, cloud-native, and containerized applications in a highly automated and tailorable application development and operations platform.

Seek Out a Single Pane of Glass

According to the MIT Technology Review study, an average of 10 percent of government applications was hosted in the public cloud before COVID-19. This number is expected to increase to 19 percent over the next 18 months. But cloud adoption has introduced new challenges, especially regarding compliance. Most government decision-makers (68 percent) cite maintaining governance and compliance regulations as a #1 app challenge.

VMware enables end-to-end hybrid cloud management from a single pane of glass. It provides fine-grained control and portability across public clouds, regional ops/data centers, and the tactical edge/end-user device environments.

Maintain Zero Trust

The MIT Technology Review study found that as federal, national, state and local organizations adjust to new risk realities, about half of the study’s respondents (51 percent) indicated they are allocating a “significant” share (defined as more than 25 percent) of their IT budgets to security and threat management. Almost half of the government respondents (47 percent) indicated they would emphasize defending against cyberattacks.

VMware builds security into the tech stack from bare metal up and into its applications. This makes it simpler to understand contextually what is going on from a security environment perspective across the hybrid cloud landscape.

We can help protect critical assets with end-to-end, zero trust-enabling security capabilities. These assets are integral to a cloud-based architecture and are proven to reduce complexity in enterprise security operations.

Remember the Journey is a Long One

According to the MIT Technology Review Insights study, global organizations saw a 148 percent spike in ransomware attacks early in the pandemic. Distributed workforces widen potential attack surfaces, and everyone must move to strengthen their security postures with zero-trust, least-privilege policies and controls across on-premises, cloud, and endpoint devices.

VMware delivers a best-in-class end-user digital workspace experience that ensures both workforce and user security and productivity. Users can work remotely, but the system is secure.

The journey to digital transformation is a long one. It requires a culture change and new technology that must reside alongside the legacy tech still in use. Digital transformation is necessary, but it’s best to seek guidance from services such as VMware’s Tanzu Labs.

To learn more on how federal government IT can securely drive digital transformation—and exceed mission and business outcomes—log into the VMware webinar, Bring Velocity to your Agency IT Modernization.

Jens Koegler

Jens Koegler is VMware's Healthcare Industry Director in EMEA. He is helping our healthcare customers develop and run modern applications to drive innovation and ensure better patient care through a digital foundation that includes data center, hybrid cloud, mobile, networking and security technologies. VMware plays a strategic role in the healthcare industry. Its leading innovations in enterprise software help ensure consistent patient care and reduce IT access time for healthcare professionals so they can spend more time with their patients. Jens plays a key role in helping customers understand how new applications, devices, the latest IT technologies and digital transformation are driving innovation in healthcare.