{"id":56179,"date":"2020-05-27T06:00:00","date_gmt":"2020-05-26T20:00:00","guid":{"rendered":"https:\/\/www.aspistrategist.ru\/?p=56179"},"modified":"2020-05-26T19:17:26","modified_gmt":"2020-05-26T09:17:26","slug":"cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads","status":"publish","type":"post","link":"https:\/\/www.aspistrategist.ru\/cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads\/","title":{"rendered":"Cloud computing transformation must be led by ministers and agency heads"},"content":{"rendered":"
<\/figure>\n

National security agencies can be surprisingly risk-averse organisations and have been historically slow to adopt new technologies outside times of crisis.<\/p>\n

Within these agencies, chief information and technology officers may be less effective champions of change, partly because they can be stuck making incremental adjustments within budgetary constraints and focused on the day-to-day demands of keeping existing systems running.<\/p>\n

When it comes to cloud computing, this creates a problem. The cloud offers new technological capabilities, although its adoption by the national security community has so far been protracted and fragmented. Ministers and agency heads need to drive the transition to the cloud as a matter of sheer capability advantage for Australia.<\/p>\n

Our new ASPI special report, National security agencies and the cloud: An urgent capability issue for Australia<\/em><\/a>, <\/em>released today, argues for rapid, large-scale investment in secure cloud infrastructure for Australia\u2019s national security community, with the intelligence agencies an early focus. The report seeks to shift perceptions of new technology as capabilities, rather than as business enablers, and calls on agency executives to drive the required change.<\/p>\n

In 2014, Australia announced the \u2018cloud first\u2019 policy, which evolved into the secure cloud strategy<\/a>. These were positive first steps, but the policies haven\u2019t sufficiently managed the take-up of and spending on cloud services and infrastructure in the public sector.<\/p>\n

Under existing policy, agencies are expected to develop their own cloud strategies and risk assessments. This siloed approach is unlikely to maximise the government\u2019s purchasing power or encourage agency cooperation in an area in which a critical mass of investment is likely to be necessary.<\/p>\n

The policy also suggests public clouds as the preferred deployment model, but many global cloud providers are based offshore and public clouds involve organisations\u2019 data and cloud applications being managed for them on providers\u2019 systems alongside those of myriad other customers with which they have no working relationships.<\/p>\n

So, when determining what type of cloud system to adopt, decision-makers have to seriously consider issues of data sovereignty, trust, risk and supply-chain resilience with providers. As an example, government research<\/a> shows that 93% of Australians are concerned about organisations sending their personal information overseas. Reliance on undersea cables connecting to offshore servers may also leave core government services and systems vulnerable to sabotage and disruption unless the risks are assessed and mitigated.<\/p>\n

In the world of intelligence and national security, public cloud solutions seem less viable. Agencies should consider a range of alternatives such as hybrid cloud, community cloud or private cloud to maintain the level of control over data and functionality they need. But choices that maximise capability outcomes don\u2019t include a set of separate \u2018agency clouds\u2019 without interoperability as a defining design principle to maximise the power of the datasets that the Australian national security community holds.<\/p>\n

Regardless of which provider agencies choose, the paradigm shift in computing has occurred. Many businesses and organisations know that the powerful processing, big-data analytics and versatile resource configurations that cloud systems provide are simply essential to their success. They have already shifted from traditional on-premises computing to on-demand cloud services or to private cloud systems that give them more control. The industry is also designing new applications and software that take advantage of the technical power of cloud infrastructure.<\/p>\n

If change doesn\u2019t occur rapidly and comprehensively within Australian national security agencies, they will fall behind and be stuck with platforms that vendors only support as legacy activities (think Windows 7). Meanwhile, allies and adversaries will continue to take advantage of the new technology to scale up their operations and analysis and get the capability advantages from cloud systems.<\/p>\n

US national security agencies already have at least five years\u2019 lead time over their Australian partner agencies. Decisions in the US now are not about whether to adopt cloud infrastructure and functionality, but how best to orchestrate and manage what has become a reasonably crowded and chaotic multi-cloud environment.<\/p>\n

A major investment in secure national cloud capabilities must be made by at least the intelligence organisations, with big defence and other less agile agencies following suit. Our report identifies four obstacles that agencies will need to overcome.<\/p>\n

First, they haven\u2019t planned or budgeted for a move like this. Treasurer Josh Frydenberg said he has already kicked in to raise the defence budget and is hesitant to increase government spending further.<\/p>\n

Second, agencies usually function independently. Cloud infrastructure, however, will be most effective as a joint initiative, at least between the intelligence agencies and defence organisations. This will require massive organisational and cultural shifts to greater collaboration and interdependence. In addition, by leveraging the purchasing power across the national security community, Australia can get the best bang for its buck and share the responsibility for security.<\/p>\n

Third, there\u2019s a lack of knowledge and skills in cloud computing in Australia\u2014part of a broader shortage of skills in science, technology, engineering and maths. To be able to operate cloud infrastructure efficiently and effectively in the long term, agencies will need to be able to build and retain expertise in the area.<\/p>\n

Last, establishing trust and assessing risk will be key issues. The number of providers that could work with the Australian national security community to build a cloud foundation is relatively limited. This includes global providers, as well as credible Australian cloud providers that have designed their approaches with security and sovereignty in mind.<\/p>\n

To succeed, organisational and cultural changes to overcome these obstacles need to be driven by ministers and agency heads. Chief information and technology officers and security staff have important and useful internal roles to keep systems and services running and identify new risks. Security, however, is merely one important factor in the decision-making process. The capability benefits of cloud infrastructure and services that we all understand when looking at the world\u2019s tech giants must weigh heavily in the decision-making.<\/p>\n

This shift requires looking beyond current technical security standards and rules to achieve the capability benefit that cloud computing can bring to Australia\u2019s national security.<\/p>\n

Not acting wouldn\u2019t avoid risk; it would simply mean that the information advantage that comes from the most capable systems and analytical tools wouldn\u2019t be available to Australian national security agencies\u2014and that\u2019s not the future we need.<\/p>\n","protected":false},"excerpt":{"rendered":"

National security agencies can be surprisingly risk-averse organisations and have been historically slow to adopt new technologies outside times of crisis. Within these agencies, chief information and technology officers may be less effective champions of …<\/p>\n","protected":false},"author":310,"featured_media":56181,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[1],"tags":[17,483,301,332],"class_list":["post-56179","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-australia","tag-cloud-computing","tag-national-security-2","tag-technology"],"acf":[],"yoast_head":"\nCloud computing transformation must be led by ministers and agency heads | The Strategist<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.aspistrategist.ru\/cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cloud computing transformation must be led by ministers and agency heads | The Strategist\" \/>\n<meta property=\"og:description\" content=\"National security agencies can be surprisingly risk-averse organisations and have been historically slow to adopt new technologies outside times of crisis. Within these agencies, chief information and technology officers may be less effective champions of ...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.aspistrategist.ru\/cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads\/\" \/>\n<meta property=\"og:site_name\" content=\"The Strategist\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ASPI.org\" \/>\n<meta property=\"article:published_time\" content=\"2020-05-26T20:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-05-26T09:17:26+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/05\/Cloud-computing-report-cover.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"663\" \/>\n\t<meta property=\"og:image:height\" content=\"443\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"John Coyne\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:site\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"John Coyne\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\",\"url\":\"https:\/\/www.aspistrategist.ru\/\",\"name\":\"The Strategist\",\"description\":\"ASPI's analysis and commentary site\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.aspistrategist.ru\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-AU\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads\/#primaryimage\",\"url\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/05\/Cloud-computing-report-cover.jpg\",\"contentUrl\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/05\/Cloud-computing-report-cover.jpg\",\"width\":663,\"height\":443},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.aspistrategist.ru\/cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads\/\",\"url\":\"https:\/\/www.aspistrategist.ru\/cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads\/\",\"name\":\"Cloud computing transformation must be led by ministers and agency heads | The Strategist\",\"isPartOf\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads\/#primaryimage\"},\"datePublished\":\"2020-05-26T20:00:00+00:00\",\"dateModified\":\"2020-05-26T09:17:26+00:00\",\"author\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/a67980596297e3db4ad0b3fde70aa778\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads\/#breadcrumb\"},\"inLanguage\":\"en-AU\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.aspistrategist.ru\/cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.aspistrategist.ru\/cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.aspistrategist.ru\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cloud computing transformation must be led by ministers and agency heads\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/a67980596297e3db4ad0b3fde70aa778\",\"name\":\"John Coyne\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e84af569f04d25615d1447d4fe1908a9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e84af569f04d25615d1447d4fe1908a9?s=96&d=mm&r=g\",\"caption\":\"John Coyne\"},\"url\":\"https:\/\/www.aspistrategist.ru\/author\/john-coyne\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cloud computing transformation must be led by ministers and agency heads | The Strategist","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.aspistrategist.ru\/cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads\/","og_locale":"en_US","og_type":"article","og_title":"Cloud computing transformation must be led by ministers and agency heads | The Strategist","og_description":"National security agencies can be surprisingly risk-averse organisations and have been historically slow to adopt new technologies outside times of crisis. Within these agencies, chief information and technology officers may be less effective champions of ...","og_url":"https:\/\/www.aspistrategist.ru\/cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads\/","og_site_name":"The Strategist","article_publisher":"https:\/\/www.facebook.com\/ASPI.org","article_published_time":"2020-05-26T20:00:00+00:00","article_modified_time":"2020-05-26T09:17:26+00:00","og_image":[{"width":663,"height":443,"url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/05\/Cloud-computing-report-cover.jpg","type":"image\/jpeg"}],"author":"John Coyne","twitter_card":"summary_large_image","twitter_creator":"@ASPI_org","twitter_site":"@ASPI_org","twitter_misc":{"Written by":"John Coyne","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/www.aspistrategist.ru\/#website","url":"https:\/\/www.aspistrategist.ru\/","name":"The Strategist","description":"ASPI's analysis and commentary site","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.aspistrategist.ru\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-AU"},{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads\/#primaryimage","url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/05\/Cloud-computing-report-cover.jpg","contentUrl":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/05\/Cloud-computing-report-cover.jpg","width":663,"height":443},{"@type":"WebPage","@id":"https:\/\/www.aspistrategist.ru\/cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads\/","url":"https:\/\/www.aspistrategist.ru\/cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads\/","name":"Cloud computing transformation must be led by ministers and agency heads | The Strategist","isPartOf":{"@id":"https:\/\/www.aspistrategist.ru\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.aspistrategist.ru\/cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads\/#primaryimage"},"datePublished":"2020-05-26T20:00:00+00:00","dateModified":"2020-05-26T09:17:26+00:00","author":{"@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/a67980596297e3db4ad0b3fde70aa778"},"breadcrumb":{"@id":"https:\/\/www.aspistrategist.ru\/cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads\/#breadcrumb"},"inLanguage":"en-AU","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.aspistrategist.ru\/cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.aspistrategist.ru\/cloud-computing-transformation-must-be-led-by-ministers-and-agency-heads\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.aspistrategist.ru\/"},{"@type":"ListItem","position":2,"name":"Cloud computing transformation must be led by ministers and agency heads"}]},{"@type":"Person","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/a67980596297e3db4ad0b3fde70aa778","name":"John Coyne","image":{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/e84af569f04d25615d1447d4fe1908a9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e84af569f04d25615d1447d4fe1908a9?s=96&d=mm&r=g","caption":"John Coyne"},"url":"https:\/\/www.aspistrategist.ru\/author\/john-coyne\/"}]}},"_links":{"self":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/56179"}],"collection":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/users\/310"}],"replies":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/comments?post=56179"}],"version-history":[{"count":5,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/56179\/revisions"}],"predecessor-version":[{"id":56186,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/56179\/revisions\/56186"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media\/56181"}],"wp:attachment":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media?parent=56179"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/categories?post=56179"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/tags?post=56179"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}