Governments are like cars – the faster agencies go, the more risks facing their operations. And like customers avoid poor automobiles, constituents will shun agencies providing a subpar customer experience (CX). To create a quality CX, today’s agencies must balance security with launching products and services.
Agencies looking to innovate while avoiding security accidents should consider DevSecOps. DevSecOps is a business methodology fusing software development, operations and security. Using DevSecOps, agencies at every level can rapidly serve the public without security dangers rising.
On Wednesday, during GovLoop’s latest online training, two government leaders talked about collaboration’s role in DevSecOps. The pair featured:
- Cindy Good, Management and Program Analyst at the Office of Financial Information and Transformation (FIT) in the Treasury Department’s (USDT) Bureau of the Fiscal Service.
- Kevin Bocek, Vice President, Ecosystem and Threat Intelligence at Venafi, Inc., a cybersecurity software provider.
Wednesday’s speakers explained how DevSecOps can fuel CX, mission and security wins for agencies:
1. Seek common goals
Software developers and security personnel may have few similarities, so organizational goals can get everyone on the same page during modernization projects like adopting cloud computing.
“Alignment is very important,” Good said. “What is the shared vision and goal we have? We can all understand not just the ‘how,’ but the ‘why.’”
Aligning modernization projects with agencies’ missions ensures every team’s contributions go toward the same targets.
2. Build buy-in
Buy-in is perhaps the biggest force behind modernization. Without investment from agencies’ people and processes, even the most useful technologies cannot take root.
“When you don’t understand or don’t know about a technology, you tend to have the most resistance or not wanting to move forward,” Good said. “Change management is a big thing. In most instances, people want to feel like they’re part of something.”
Good cited blockchain as one tool that currently lacks the commitment to meet its potential. Blockchain is a distributed, secure digital ledger that could revolutionize financial transactions. Despite this, blockchain has not yet made a big splash in the public sector as many employees do not understand it.
3. Improve workers and workflows
Like it or not, technology cannot solve every government problem. To make modernizations stick, agencies need to focus on how their people and processes fit into DevSecOps.
“It doesn’t have to be code – it can be management and techniques,” Bocek said of modernization best practices. “As security professionals, we have to step it up on communications. You can tell a story if you make it understandable.”
The heart of DevSecOps
Collaboration anchors both DevSecOps and modernizations. Without harmony between their people, processes and technologies, agencies will not deliver strong CX to constituents.
“I see more cross-functional teams coming where we break down the silos and have open teams and open data,” Good said. “The more advanced a technology or software is, the more integrated an organization needs to be.”
This online training was brought to you by:
Leave a Reply
You must be logged in to post a comment.