SolarWinds CTO, Joel Dolisy, told Nextgov about his predictions for what the federal IT space will look like in the coming year.
From DevOps to cloud computing, the speed at which the technology sphere is currently evolving is only going to increase in the coming year. It is important for agencies to accept this and welcome it into their daily work.
That's according to Joel Dolisy, chief information officer and chief technology officer for technology company SolarWinds. Dolisy's advice for federal agencies navigating the IT space in 2016? Embrace the change.
At the same time, Dolisy cautions agencies against jumping in to every new technological advancement simply because it's new. New technology is not analogous to better technology, he said.
“It really needs to have the right amount of appeal and the right amount of value,” Dolisy said. “And sometimes there’s nothing wrong with just staying with old technology because it works.”
Nextgov spoke with Dolisy recently to get his predictions for next year’s federal government IT trends.
This interview has been edited for length and clarity.
NG: Tell me about your main predictions for federal IT in the coming year.
JD: I think the main themes for next year’s IT space is going to be DevOps, cloud, security and the Internet of Things.
I think there’s going to be more and more security. Whether it's an advanced persistent threat or regular cybersecurity issues, you see a lot of those popping up every day now, and so you'll see more in-depth security tools and implementation than we've ever seen. I think the stakes are way higher, and the barrier of entry to some extent for exploiting malware and whatnot has never been lower.
When it comes to the Internet of Things, it’s not just securing your network, but it's also making sure that you have all those sensors sending data. Whether it's FitBit or whatnot, you need to make sure the right devices are talking to your infrastructure. So, it's security of all the things. It's this merging of IoT and security and it needs to happen. Hopefully, we'll start seeing more of that.
I think that the other thing you see a lot is around containers, which is another type of virtualization. I think that’s the next wave of virtualization. That also has an impact on the cloud. It's another way of packaging applications. It makes a more efficient use of the infrastructure that you're using. I think that you see a much bigger adoption of those and you see companies like cloud providers, such Amazon and Google, are providing support for some of those container technology.
NG: Do you predict there will be more advancements next year than in years past?
JD: I think so. I was just reading some articles recently about HealthCare.gov and how it was run. I think that this has a lot of appeal because they can show a lot of success compared to how this was run before. And they see a lot of this success using cloud, DevOps and containers. A lot of those concepts have been piloted before on a large scale project like that. I think you've got a lot of different agencies who are looking at those and basically taking advantage of the lessons learned there and that there’s another way of doing things. I think the adoption within the federal space of a lot of those trends will actually accelerate over time.
NG: In terms of security threat predictions, do you see breaches getting more sophisticated next year?
JD: Yes, I think that’s what we can expect. I think it's getting more and more complex. With the variety of the systems that you are dealing with and the amount of progress and digitalization of what’s going on, there are always cracks that are being left behind and so there are people who are dedicated to exploiting those and they have plenty of time on their hands to do that.
I think it's going to continue on the trajectory that it’s on right now. And it's going to range from the single guy who's looking to make some extra bucks by trying to leverage some vulnerability in the system, to the guys who is looking to extract a lot more than a few extra bucks from a vulnerability.
I think we are going to see a lot more large scale attacks, but those large scale attacks, to some extent, are the tip of the iceberg. There’s a lot of one’s silently happening that nobody knows about and I think that’s going to continue for sure.
NG: What are some of the specific ways you predict agencies will fight against these breaches?
JD: You can't just count on the perimeter of your agency to be secure; you have to go in depth into the organization of your agency and really understand what can be a potential vulnerability source and figure out how to mitigate those. I think that’s going to be the primary goal.
Technology has definitely made huge progress over the last few years, but technology by itself is not enough. You really need to have a great understanding of what are the ways that people can get in and out of your system. That goes from just educating your people about what I would call social engineering, where people hackers or cyber thefts are sending phishing scams to try to get in. It only matters if one person clicks the link into the email. So, people need to be able to recognize those. And then you need to have the tools in case one of those was actually clicked on.
NG: Do you see the federal government increasing its collaboration with the private sector?
JD: Yes, I think so. Going back to HealthCare.gov, you saw there was a lot of people and things coming from the private sector to help. I think they started using a lot of components on the shelf and off the shelf applications to help them. I think that movement will continue because I think that there’s a realization that there’s a lot out there already. There’s more that can be gained by collaborating with the private sector. I believe there will be more interaction and collaboration with the private sector.
NG: Can you tell me about how you predict convergence to come into play next year in federal agencies?
JD: The Department of Defense, for instance, you've got some agency or department within the Department of Defense that is in charge of providing IT infrastructure for the rest of its departments. I think that’s where you see convergence at that level. Instead of every single department having to do things on their own, they can start leveraging things that have been done into one department.
NG: Do you think the federal government is prepared to handle proliferating cyberthreats?
JD: I think it's a mixed bag. Are we better prepared? Yes. But I think we will have surprises just like if you look on the private sector side, you've got JPMorgan and Home Depot -- both have been hacked. I think some of these situations will most likely happen also in the public sector.
I think what we need to do is not throw our hands in the air and say, "Oh my gosh, what we've done so far doesn't work." We have to go back and identify what are the other gaps that we have there and basically keep digging into that and get better. That’s what it's going to take. Don't lose focus of what the end goal is, but accept that there will be bumps in the road.
NG: Based on your predictions, what is one piece of advice you give the federal government?
JD: I think that the overall one is just embrace the change. I think we have a great opportunity right now of having a lot of technology innovation. The maturation of those technologies is going faster and faster.
But still stay true of what the original mission is for all of those agencies and make sure that you’re not necessarily jumping on the bandwagon of the latest technology just for the sake of it. It really needs to have the right amount of appeal and the right amount of value. Sometimes, there’s nothing wrong with just staying with old technology because it works.
NEXT STORY: Exploiting tactical cyber intelligence