Despite challenges from budget cycles, regulations and outdated procurement processes, state and local government agencies urgently need cyber solutions that improve operations and cut costs, a recent report says.
As state and local agencies rush to improve cybersecurity operations and reduce costs through technology and management upgrades, they have opportunities to work with partners that can support changes with services and software, according to a new report.
Five factors are driving agencies’ push for progress, according to the “2022 ISG Provider Lens Cybersecurity—Solutions and Services” report, customized by Atos. One is cost and constituent pressures. “The public sector has reached a tipping point where a critical mass of citizens, suppliers and other constituencies increasingly expect digital experience and engagement with elected officials and governmental institutions. Cybersecurity, a critical enabler and element of this digital demand, has struggled to keep pace.”
Another is that many IT systems and solutions are reaching the end of their useful life, paving the way for agencies to replace them with modern, cloud-based options.
Third is the stabilization of remote or digital operational environments. Now that the shift to hybrid or remote work is evening out after the COVID-fueled rush to digitize, agencies can “better conceive and develop suitable strategies and solutions. As the workforce and workplace become clearer, public agencies are looking to engage with providers for effective implementation and management of cybersecurity services and tools.”
Fourth, agencies want to be able to use data better—and to protect it. “As older systems were continually patched and as more users were connected from more locations in different ways, risk and inefficiencies grew, further pushing the need for newer, more capable, more secure and less operationally expensive options.”
Lastly, agencies are looking to technology to attract workers and to offset a shortage of skilled labor after the public sector saw a sharp increase in job vacancies in 2021.
This environment is ripe for software vendors and service providers, especially those that have “dedicated resources, robust partnerships and solutions tailored to sector requirements,” the report states. That’s because despite the urgency to improve, both sides face challenges such as budget cycles, regulatory processes and outdated procurement processes.
“Even those providers with robust presence in U.S. federal government sector are often challenged to compete at the state and municipal levels,” the report states. “They lack needed market intelligence, contracting experience and support resources, which tend to differ significantly from the federal government.”
The report looks at five quadrants on cyber software solutions and services. The first is identity and access management, largely in the form of multifactor authentication and single sign-on, but which is expanding in need and use.
The second is data leakage and loss prevention and data security, which are influenced by the growth in cloud use and privacy regulations. The most effective solutions, the report states, enable classifying data by content and context, classifying risk by context and location, monitoring data behavior, and developing controls, training, adapting and communicating.
Third is technical security services, which the report defines as “integration, maintenance and support for IT security products or solutions.” It predicts demand for these services to grow rapidly along with the expectation of solution and platform adoption.
The fourth quadrant is strategic security services, which the report calls “the most important cybersecurity-related services over the long term.” It recommends companies “demonstrate in-depth technical expertise, backed by dedicated internal cybersecurity resources and an extensive network of technology partners.”
The fifth is managed security services, or the outsourcing of IT security management—an uncommon public-sector practice that the report states is changing out of “economic necessity.” The result will be agencies that need help with transforming IT security management and providers that must be able to offer services that can scale along with agencies’ needs.
ISG expects four main conditions to influence the state and local cybersecurity market in 2023. Two are the leapfrogging from legacy to next-generation technology and an increase in integrative platforms. Third is a slow but steady move toward outsourcing business processes, “a sensitive concept, especially for those in municipal governments,” the report notes.
The final area is about change management more than technology. “Regulations and accepted practices with perpetuate core organizational, cultural and functional silos, which, in turn, will reduce operational and functional point costs while increasing long-term costs, inhibit data standardization and sharing and system interoperability, and feed long-term and growing needs for systems integration, security and master data management.
As a result, the market in 2024 will likely see a surge in demand for systems, services, and data integration and management in addition to strategic consulting and training, the report states.
Stephanie Kanowitz is a freelance writer based in northern Virginia.