Local and national government departments are becoming increasingly dependent on technology in delivering their services via the channels of citizens’ choosing, while ensuring these services are secure.
However, with government budgets and resources becoming ever tighter, public sector bodies should move away from more traditional formulaic, silo-based, methods of IT purchasing, and should instead consider taking a more strategic approach to digitising and securing their IT procurement processes.
Collaborative approaches to IT purchasing, in which resources are more widely shared between different departments, may not have a huge impact on the day to day running of an authority’s IT operation, but they will provide government service users with a more seamless overall experience and will ultimately drive down costs.
Launched in 2011 as a shared, standardised platform, for example, the Government Digital Service was designed to replace the costly individual IT services deployed by individual government departments, while Government as a Platform was launched in 2015 with the aim of bringing an end to the siloed approach to IT services generally favoured by local government.
The introduction of Government as a Platform was met with a large degree of resistance, however, resulting in a level of adoption so poor that a former Cabinet Office minister declared the initiative ‘dead’ just two years after it was launched.
Unfortunately, formulaic approaches to IT purchasing have become a legacy so firmly ingrained within local government that moving away from them can represent something of a challenge, even for those organisations that see the transformative value of taking a more collaborative approach. Considering the cost savings and overall service benefits such an approach can offer, however, local authorities should be encouraged to adopt it rather than abandon it in favour of simply continuing down the road well-trodden.
A beacon of best practices
Almost 60% of Scottish councils were targeted with cyberattacks since 2014, with Shetland, Dundee City and City of Edinburgh all suffering data breaches or losses as a result of cybersecurity incidents.
To support the adoption of effective defences against the evolving threat landscape, the Scottish Government worked with the National Cyber Resilience Leaders’ Board to develop the Cyber Resilience Learning and Skills Action Plan. Designed to promote greater cyber resilience in Scotland’s digital public services, the report recommends that the country’s public sector bodies take a more dynamic approach to purchasing cyber security solutions and services, and provides a list of cyber resilient specialist suppliers, which they are able to access to help bolster their cyber security efforts.
While the guidance it offers is clearly helpful, however, and can only improve the security stance of local government, the report misses a significant opportunity by neglecting to highlight the potential for Scotland to serve as a beacon of best practice in the UK when it comes to taking a collaborative approach to security IT procurement.
Consider, for example, the fact that Scotland has just 32 local councils, in comparison to the 353 in England. With fewer stakeholders to answer to, and with less red tape to contend with, there is greater potential for shared services and collaboration between local government offices.
Here then is the perfect opportunity for Scotland to demonstrate to the rest of the UK the benefits that taking such an approach can offer to the government’s overall cybersecurity, as well as to the tax payer’s wallet. Scotland’s digital office could engage each of these 32 councils and persuade them how “one common infrastructure” could offer them the cost and efficiency savings so sorely needed in the current economic climate, thereby quickly and effectively building a convincing case for a collaborative approach to the procurement of cybersecurity technology.
When it comes to changing their IT procurement processes, most local authorities remain somewhat resistant, largely out of a desire to remain autonomous. Some, however, are now beginning to consider taking a more centralised, common, collaborative approach. By persuading its local councils to reconsider their IT procurement, Scotland’s digital office could become a flagship across the UK, changing hearts and minds and, in turn, changing the way local government purchases its technology.
Paul Heath is regional director, UK&I public sector, at McAfee
