workflow resilience

Feds look to secure common workflows

As the saying goes in cybersecurity, it’s not a question of whether a network will be hacked, but when. For many agencies, that means the right approach to security is resiliency -- the ability to be able to rapidly respond to and recover from a hack, intrusion or attack. 

One way to increase resiliency is to focus more on shared networks and shared applications, U.S. CIO Tony Scott said.   

Agencies have many common functions and workflow processes, and there’s “no reason every agency has to run its own email system,” he told GCN after a Feb. 11 New America Foundation event on cybersecurity.

A better model would be one based on generalized workflows.  “Think about a world where you had some more generalized workflow engines -- cloud based -- that do the heavy lifting of the things that most agencies do. Then you can build on top of that generalized engine the very specific agency things that you need to do,” he explained.  “That’s the model that we’re going to try to move to,” Scott said,  adding that his office is currently trying to identify what the most common workflows might be and then find the pilot agencies to conduct the first tests.   

Systems built on common processes would also enable the retirement, replacement and modernization of legacy IT, as called for by the White House’s new Cybersecurity National Action Plan. Legacy systems suffer from a multitude of shortcomings, Scott said. They can be expensive to operate, they’re hard to secure and the talent to continue to operate them is not available.

Scott said one of the big challenges is determining exactly what should be used to replace legacy systems  -- noting that the right answer almost never is simply rewriting the old Cobol in a more modern language.

About the Author

Mark Pomerleau is a former editorial fellow with GCN and Defense Systems.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected