How can governments balance security and innovation in the cloud?

By ServiceNow

Mitch Young, President, APJ, ServiceNow, discusses how governments can get the best of both worlds.

Back in November 2014, daredevil Nik Wallenda walked a tightrope between three of Chicago’s skyscrapers without any safety harness or net. He carried out one attempt blindfolded, and the other at a 19 degree incline.

Such acts always bring a sense of thrill and danger - one wrong move, and things would go awry. Governments are facing a similar balancing act now between security and innovation as they move to the cloud.

“Too much focus on one can either lead to higher security risks, or adversely affect innovation,” says Mitch Young, APJ President at ServiceNow. He discusses how governments can get the best of both worlds.

Transform legacy systems

When Covid-19 hit, the UK Department for Environment, Food & Rural Affairs needed to ensure six of its citizen-facing applications were still up and running. It worked with ServiceNow to  connect different cloud-based reporting systems, departments and processes together to ensure services are still delivered smoothly during the pandemic.

Governments should look at connecting workflows between different departments, Young says. IT, risk and security teams often work in silos, and not necessarily on the same systems.

Technologies that connect disparate processes will allow teams across different departments to share information and collaborate easily to provide responsive, agile services.

For organisations looking to migrate systems to the cloud, moving away from legacy systems can be a “daunting task”, says Young. Limited budgets and resources are some obstacles standing in the way of a smooth and speedy transition.

Many governments are investing in cloud services that help to integrate data across legacy systems and services, he adds. This would allow for greater flexibility and new systems to be set up quickly.

Prioritise and automate threat response

To confidently transition to a cloud environment, governments need to deliver the same level of control, security and governance found in their on-premise and private cloud networks, Young says.

Governments must prioritise and automate their security threat response to double down on their security efforts without compromising on innovation, he adds.

AI can help security teams proactively identify and respond to vulnerabilities; while machine learning can determine if any department has responded to a similar situation before and execute the same response quickly.

ServiceNow’s Now Platform helps organisations automate tasks such as prioritising threats and providing better context on the threat, Young says. Once a security incident is resolved, it generates an automatic review to help teams better assess their security health.

Australian financial services company AMP reduced its security incident response times by 60 per cent with the help of ServiceNow. It automated manual processes and helped the company determine the most pressing threats to respond to.

The best of both worlds

Is it possible for governments to strike a balance between security and innovation? With ServiceNow’s platform hosted on Microsoft Azure cloud, Young believes it’s possible.

Governments and players in highly regulated industries “will be able to use ServiceNow to power their digital transformation efforts, while tapping into Microsoft’s deep expertise in data protection, security and privacy”.

The Now Platform on Microsoft Azure also allows agencies to meet data residency requirements, he explains. They can keep at-rest data secure inside the country, and have the flexibility to use the cloud to scale and innovate quickly.

Governments don’t have to make a compromise between security and innovation in the cloud. With the right tools, organisations can indeed get the best of both worlds.