PublicTechnology talks to Whitehall’s recently appointed chief technology officer David Knott about tackling legacy IT, exploring generative AI, diversiyfing the cloud landscape – and his return to government after 35 years
For government’s recently appointed chief technology officer David Knott, his new job is something of a homecoming.
Over the course of a career that started in 1986, Knott has worked for a number of the world’s biggest financial services providers, consultancies, and tech firms. But it all began an office in his home town of Southend where, after completing his A-levels, he got a job writing code for mainframe computers operated by what was then known as HM Customs and Excise.
Returning after 35 years, Knott tells PublicTechnology that he was pleased to find the sleek east London headquarters of the Central Digital and Data Office are a significant upgrade on his previous civil service digs – in which much of the furniture appeared to be twice as old as him.
But, even after such a long time away, some things about working in government have not changed.
“The thing that is recognisable is the very strong sense of values: people do civil service jobs because they want to make a contribution, and they have a strong sense of the purpose and mission of what they’re doing,” he says. “I saw that when I was doing my job years and years ago – when I was a very small part of a cog in the Customs and Excise wheel, helping produce the tariffs that went out to ports. Decades later – in a very different role, at a different level – I still see people whose reason to be here is to is to align to those values, and deliver their particular mission or purpose. That’s the same.”
“We will be looking at all the usual questions about something as early in its maturity cycle as generative AI; what does it mean for us? How do we use it responsibly and effectively? Where are there going to use cases and benefits?”
Knott’s second posting in the civil service is a government-wide role at the head of a team of 40 people that sits within CDDO, the Cabinet Office unit created in 2021 – as a sister agency of the Government Digital Service – to take on leadership of the digital, data and technology function, as well as set cross-government strategy and standards and overseeing their implementation.
The role of the CTO’s team is to work from the centre to foster a collective approach to some of government’s biggest technological challenges and priorities – including tackling legacy IT, implementing secure-by-design approaches, and getting the most out of emerging tech, such as artificial intelligence.
As well as leading his team, Knott will also chair the Chief Technology Officer Council, which convenes IT leaders from various departments – and reflects the kind of cooperative approach he wants to pursue more broadly.
“The key thing here is that we’re not going to try and do anything in isolation,” he says. “Everything we do is in collaboration with my counterparts in departments and other organisations, where we’ll strive to collaborate on figuring out what the right answer is, and then figure out how to adopt that across government.”
A lasting legacy
CDDO last year created a framework for assessing the risks of legacy IT systems in use across government and the guidelines have since been used to identify 153 key assets that are priorities for remedial work. Departments will be supported in tackling these ageing systems and reducing cyber vulnerabilities by a cross-government funding package of £2.6bn announced in the three-year spending review of 2021.
Addressing the going prevalence of legacy tech is perhaps the most striking challenge facing the new government CTO. But it is not an unfamiliar one for someone whose career to date has been largely comprised of roles at major corporations.
“The number-one thing I’ll say is the problem is not unique,” Knott (pictured right) says. “Most enterprises who’ve been operating technology for more than a decade or two have legacy – today’s release is tomorrow’s legacy. I don’t think the legacy challenge within government is any more daunting than what I’ve seen in the private sector.”
He adds: “There are multiple approaches to fixing legacy; one is the sticking-plaster approach, where you just bring things up to [date] and remediate immediate risk – which can be absolutely essential, but doesn’t actually tend to change very much in terms of the quality of service being delivered to end users. A more transformational approach can combine both improvements in the quality of service and remediating risk from underlying infrastructure. I’ve been a big advocate for some time of the public cloud, and I think one of the attractions is it helps people address legacy infrastructure challenges.”
Knott’s comments are made a few days before the CDDO issued a revamped version of government’s long-standing Cloud First Policy.
The updated guidance represents the biggest overhaul of the guidelines in their 10-year existence, including the introduction of nine core “cloud principles”. The central tenets of the policy have also been strengthened, with departments now instructed that they must “default to public cloud first, using other solutions only where this is not possible”, and that those “who do not deploy in public cloud should ensure they can evidence the decision, business case and value for money behind their choice”.
Additional encouragement to consider a variety of potential suppliers is also included, with public bodies advised that they “should always challenge themselves on the selection of a specific vendor… and government wants to be users of a range of vendors”.
With the Whitehall cloud landscape having seemingly become increasingly dominated by Amazon Web Services in recent years, PublicTechnology asks Knott whether greater diversity of suppliers could benefit government.
“My personal perspective – and I’m still figuring this out… but, in the finance sector, having a thoughtful multi-cloud strategy was pretty much standard across the industry,” he says. “Partly for reasons of competition, but also reasons of resilience as well.”
Knott adds that he and his team would give consideration to the question of “what’s the right multi-cloud strategy for government”.
This will include examination through “two lenses” – addressing both “what’s the right diversity of supply and deployment for a department… [and] what’s the right ecosystem across government”.
With plenty of infrastructure yet to make the move to cloud, the government CTO indicates that there should be plenty of opportunity for a variety of players to work with departments.
“There’s plenty for everybody in the stuff that’s not claimed yet,” he says. “And I think there’s room for all the all the industry players to make have come to some kind of meaningful role.”
1986
Year that Knott began his career as a computer programmer in the-then HM Customs and Excise
40
Number of people in the government CTO’s team
2013
Year of introduction of Cloud First guidance – which now instructs departments to use public cloud unless it is ‘not possible’
153
Number of legacy assets across government identified by CDDO as priorities for remediation
10
Number of Secure by Design principles departments are encouraged to adopt
Complementing this work to update computing infrastructure, the CTO’s team also has a key role in the transformation of front-end citizen services by supporting the use of secure-by-design approaches, in which cyber resilience is embedding throughout the development process.
The CDDO recently published a set of 10 principles that embody such approaches, including maxims such as “design flexible architectures”, “minimise the attack surface”, and “build and embed continuous assurance”.
The implementation of secure-by-design is currently in its early stages and will focus initially on new services, Knott says, but may be brought to bear on existing tools as this work matures.
“We are working with different departments to pilot the approach, and there will be a feedback loop of improving and iterating as we go forward. And, as that feedback loop progresses, one thing we will look at is: how do we retrospectively apply this? My instinct is that.. if a department is making major changes to an existing system, then that’s a good candidate for applying these standards. I think the thing we haven’t addressed yet is how it could be fitted retrospectively to applications that might not have any major change coming.”
In fulfilling his horizon-scanning remit for emerging technologies, it is perhaps unsurprising that Knott says his primary focus in the near-term is likely to be on generative AI – a category which includes the likes of large language models Google Bard and the ChatGPT platform from OpenAI.
“A lot of the things we have published are good guidance for how civil servants should deploy and use technology, but bringing that together as a coherent product set is one thing I’d like to achieve”
The government CTO says that it is too early to speculate on potential specific use cases, but that initial explorations may consider “work that is being done in sense-making of a body of language… [as] a broad area of applicability”.
“We will be looking at all the usual questions about something as early in its maturity cycle as generative AI,” he adds. “What does it mean for us? How do we use it responsibly and effectively? Where are there going to be actual practical use cases and benefits? Who do we partner with? What capabilities and skills do we need?”
Productive work
Asked what he would like to achieve during his first year in the job, Knott says that he wants to foster an iterative approach of “product-style thinking” for the guidance, standards and policies issued by CDDO to departments.
“Which means having all the things you’d associate with a product lifecycle, [such as] a really strong connection with the people who consume them; and a really strong feedback loop, and I would love those products to be valued and respected,” he says. “Right now, I think a lot of the things we have published are good guidance for how civil servants should deploy and use technology. But bringing that together as a coherent product set is one thing I’d like to achieve over the next 12 months, alongside configuring the team so that we are doing everything that goes with being that kind of very internal customer-oriented, and citizen-oriented product organisation.”
Knott adds: “I would also like that team to be seen as a place where people would like to be – whether they come from industry or come from other parts of government, and also a place where spending time in the team will be an accelerator to their career and give them experiences they couldn’t get elsewhere.”
The government tech chief’s experiences may have led him back to where to where he started almost 40 years ago. But he concludes our conversation with an assertion that his energy and motivation remains undimmed.
“One of the things I want to bring to this role is enthusiasm and curiosity about technology,” he says. “There are a lot of people out there who rely on technology that, as technologists, we have a duty to explain – and we have not necessarily done a great job in explaining it to date. And part of our job should be making this stuff – firstly approachable and accessible. And then, if we can do that, maybe we can generate some of that excitement and curiosity that we as technologists feel.”
