“We need to think about transformation as a journey, not a destination”
Stephen Twynam has spent years helping public sector organisations meet their biggest tech objectives and improve their employees’ digital experience. The technology strategist from Citrix sits down with PublicTechnology to discuss the challenges that are unique to government and the ‘technical debt’ that it has built up over the years
Can you tell us about your role at Citrix?
I sit within our public sector team, which works with some of the UK's largest government departments on their digital transformation. My role is to understand the organisational challenges so that government can unlock their employees’ full potential through digital technology. We want to empower people to do their very best work.
How do you think UK Government compares to other verticals and industries? Do they have their own unique challenges?
There are lots of similarities that government has with large enterprises going through digital transformation. At Citrix we have over 400,000 customers and 100 million people using our technology, so we get a lot of insights. Some of the larger departments - such as DWP, HMRC, MOJ - have challenges around size and scale. They have many employees and a wide range of technology that's grown over time. There’s also mergers, acquisitions and divestitures… and the challenges that come with bringing two large, disparate organisations together, for instance the ongoing FCDO merger. Government shares challenges with global banks and utility companies around security and compliance, including how to keep very sensitive citizen data safe yet allow AI and machine learning to gain new insights.
Where government and other industries differ is in building business cases for their digital transformations, especially when they are not a profit-making organisation. If you're a large enterprise that can put a business case together, you may go and ask for additional investment, but government’s not in the business of making money and it can be a lot harder to justify that investment. Government is looking at cutting costs and saving money. In digital investments that won't see a return for a few years, it can be quite challenging.
With the desire and necessity to modernise, how do you bridge the gap between yesterday’s investments and tomorrow’s requirements?
We need to stop thinking about transformation as a destination and think about it more as a journey. IT is constantly changing and there’s always a new destination to be reached. Cloud, for example, is a very big driver in government. Yet it’s not really Cloud as a destination that government is after, it’s about getting the value that cloud brings.
A ‘journey not destination’ approach means you can be more agile, it means you can make small, impactful changes and then iterate on that. Which in turn means a faster time to value and even a better acceptance of change - important for providing a better employee experience.
What do you see as some of the challenges?
I think the five-year budget cycles are a challenge, because departments are expected to have all their asks upfront. They need to determine a goal for the next five years which leads them to thinking about the destination again. They then set down a path for those five years that becomes very hard to change. Perhaps you need direction changes. Unseen events happen; technology changes. It's really hard for departments to alter their course.
One way to think about it is like leasing a car. You lease a car for five years, and at the start you've got something that's new, with the latest technology. But at the end of those five years when you’re about to hand the car back, you've got old kit that doesn’t work for you anymore and the cycle starts again.
Do you think this explains why government has such a big challenge with regards to legacy technology?
I'd like to challenge the term “legacy.” It's commonly used, but it has negative connotations. Legacy technology is often thought of as old, obsolete, and not fit for purpose. Many organisations and enterprises, including government, are trying to solve that legacy problem without really understanding what they're looking to fix.
You’ve got to think about the why: why is an application still used? Is it doing a process or a function that is still required? We see that a lot with our government customers today. They’re very process driven, they have different applications with specific purposes and these are still required. The question is, do you really need to re-engineer that at great cost to the taxpayer?
There are also security concerns. Systems designed a long time ago don't have modern security methods and integration with newer systems being brought in. Government on the whole focuses their end-user compute strategy around a device-centric approach- “how do we get this app working on that device?” - and when the number of apps stretches into the hundreds, the cost of re-engineering can be immense. It comes down to risk. Can you de-risk legacy technology enough to keep it for longer?
Whether we call it legacy or not, government has a big challenge regarding their technical debt built up over the years. With more of a spotlight on this now and the need to cut costs, increase productivity and “do more with less”, how can government start addressing this challenge in a manageable way?
Why not write a business case to actually maintain legacy, but bring it up to date in a more modern way? Legacy transformation costs a lot of money. But if it's going to be more cost effective, an approach that should be considered is to keep the application but modernise parts of it. If you have the right technology and the right approach, you can de-risk your legacy investments.
Then, you can invest time and effort into stuff that does really need to be re-engineered and redesigned and make better use of taxpayer money. Don’t forget: there are other cost factors, including staff training and lost productivity if you don’t provide a better user experience.
Can you give some examples of how you make legacy apps more modern, bringing them up to date and making them fit for purpose?
What if you could make provisioning of an application easier? If you could decouple the app from the endpoint, you allow rapid change and rollback through centralised management with minimal interruption to your employees. Host that app in the cloud and now you have your own SaaS delivery model. That's going to bring benefits.
What if you could provide additional security functionality such as single sign-on and multi-factor authentication? You can even go as far as biometrics to give a frictionless, consumer-like experience. Plus, when you when you go down this route, you can start gathering more data. You can apply analytics, gain insights and have a real data-driven approach to contextualize access to your applications and data. Now you’re bringing the value of modern architecture without needing expensive rewrites and re-engineering efforts.
Yes, but is this the right approach?
I think the right approach is one that's going to be the most cost effective, the most time efficient, and gives you the outcome you want: a better employee experience. The approaches that I've mentioned here are outcomes-based approaches that will allow you to focus your time and effort in the right place for that best outcome.
With this approach of modernising legacy, is there any opportunity to drive innovation?
Yes, absolutely. We've talked about de-risking legacy so that you can continue to run it in a cost-effective way. There are a lot of tasks and applications in government that are very process driven. What would it mean to an organisation if they could free up a person doing these kinds of repetitive tasks with Robotic Processing Automation? When that task still requires a person to carry it out, why not streamline it with intelligent workflows that don’t get in the way? This allows your staff to focus on the important things and can give better outcomes to the citizens they serve.
Any closing comments?
We’ve talked a lot about the technical challenges and how we can try to solve those. But we need to be thinking about this in the context of our people. There are big gains to be made around boosting employee productivity and output by making sure technology is not getting in the way. You can remove repetitive tasks and streamline the arduous. Ultimately, this will give your people time back.
It will give time back to Environment Officers doing key work around flood defences and making sure there is enough water to go around, to tax collectors and fraud investigators generating revenue for the government, to benefits administrators helping citizens back into work rather than processing data, to prisons staff helping to rehabilitate prisoners.
That’s the ultimate end-goal.
2020 was a cyber security wake up call for many organisations. Attempting to provide secure remote access and device flexibility quickly exposed the flaws in legacy systems and processes. As we...
Mariana Pereira, director of Email Security Products at Darktrace, looks at four new tactics by hackers and how security teams can react to defend against these developments
One Trust breaks down the modular approach of the new SCCs
In 2020 public sector organisations have been tested to a degree never experienced before. According to CrowdStrike, increasing cybersecurity attacks are an additional complication they must...