Starting in the 1980s, the federal government began to convert its vast secretarial pool from IBM electric typewriters to desktop computers. It took years. Simple desk monitors connected to clumsy mainframe systems eventually gave way to networked personal computers. Regular hardware and software advances turned the conversion into a continuing sequence of upgrades into the early 2000s.
Looking back three decades, it’s easy to see how quickly technology changes everything, and how slow government often has been to adapt. Even today, in a post-PC world where smart phones rule the day, cultural resistance to change and innovation remains alive and well.
The productivity gains and the cost savings of abandoning typewriters were not fully evident or accepted at the time, and the cultural changes necessary to end a century of mechanical machine use were profound. The older the workers, the more senior the managers, the greater the reluctance to embrace new technology. That cultural resistance in government has slowed down adoption of every advance from typewriters to mainframes, from mainframes to PCs, from PCs to laptops, and from laptops to smart phones and notebooks.
Fast forward a quarter century and once again the federal government and much of the professional world is moving very slowly or hardly moving at all from in-house legacy IT operations to the cloud and its efficiencies, cost savings, and security.
When the shift to the cloud does occur – and it will occur as surely as typewriters eventually were abandoned for computing systems – the implications for cloud service providers will be game changing. Tens of billions of dollars in federal dollars will shift to the cloud that are now being spent to keep legacy systems alive that are neither efficient nor secure.
San Antonio is poised to play an important role in ushering in the transition to the cloud and the building of the security that must accompany that shift.
That inevitability of the cloud was abundantly evident in the testimony of several industry experts who appeared Tuesday before the U.S. House Committee on Oversight and Government Reform’s Information Technology Subcommittee, chaired by U.S. Rep. Will Hurd (R-San Antonio) accompanied by the subcommittee’s ranking Democrat, U.S. Rep. Robin Kelly (D-Illinois).
The field briefing titled “The State of the Cloud” was held at the H-E-B University Center on the UTSA main campus and drew an audience of cyber industry and other tech leaders, active duty military, academics from UTSA’s College of Engineering and Open Cloud Institute, and media.
“It’s an honor to hold this hearing right here in my hometown,” Hurd said at the outset. “I am especially grateful to Pres. Romo and the University of Texas at San Antonio for hosting us to discuss such a critical topic, and one that this university is intimately engaged on. It’s especially important for (Congressional) members to travel across the country and talk face to face with local leaders to get a firsthand glimpse at what is working across the country in places like San Antonio.”
Hurd convened the field briefing at UTSA to underscore the importance of the cloud’s rapid development and the critical importance of cloud security as the federal government, private sector companies of all sizes, and just about everyone else contemplates a move from in-house data storage and management to cloud service providers such as Rackspace and Amazon, both of which sent senior company executives to testify.
Hurd also chose his hometown to showcase the largest concentration of military and civilian cybersecurity operations outside of Washington D.C.
The federal government declared its commitment to migrating agency data to the cloud five years ago, but relatively little has been done. Cloud service providers estimate that 75% of all private sector companies also still manage data in-house. A reluctance to embrace change, difficulty understanding the rapid development of new technologies, and the presence of older decision-makers slow to develop digital literacy are cited as reasons for slow progress.
“I often note that the federal government spends nearly 80% of over $80 billion dollars on legacy systems, $80 billion, that’s a big number, and 80% of that is on legacy systems that we think are old and outdated,” Hurd said in his opening remarks. “Legacy systems are often expensive to maintain and are vulnerable to cyber attacks.”
Hurd made it clear Tuesday that he is seeking to accelerate change as both a national security imperative and a practical cost savings measure. Bipartisan support for that change, Hurd said, is key. Kelly seemed to agree.
“In 2011 the Obama administration published a federal cloud computing strategy that provided information to help agencies modify their IT portfolios, to take full advantage and realize the benefits of cloud computing,” Kelly said. “We are all aware of the importance of information security in light of the recent data breaches in both the private and public sector. Therefore, it is essential that agencies have the ability to assess the security of new technologies.”
The subcommittee then asked each witness to deliver opening statements. Readers interested in the full written testimonies of the five key witnesses can click on the individual links below. Click here to view the NOWCastSA video of the hearing.
Dr. Mauli Agrawal, Vice President of Research, University of Texas at San Antonio
Agrawal, the first to testify, underscored UTSA’s growing reputation as a cybersecurity and cloud research university.
“In 2014, UTSA was named #1 in the country for cybersecurity education and outreach by the Ponemon Institute in a survey sponsored by Hewlett-Packard,” Agrawal said. “UTSA is also a National Center of Academic Excellence in Information Assurance and Cyber Defense, as designated by the National Security Agency and the Department of Homeland Security.”
He then spoke about UTSA’s drive toward Tier One status as a research university.
“UTSA is committed to becoming a nationally recognized research university to benefit our local and regional communities while also having global relevance and impact. To achieve the vision of becoming a Tier I research institution, UTSA is capitalizing on its research strengths in strategic cluster areas,” Agrawal said. “One of the most important and exciting clusters is cloud, cyber, computing, and analytics (C3&A). The link between these four areas cannot be overstated as they are intricately intertwined.
“While some may see cloud computing simply as a tool for storing, managing, and sharing data, cloud computing environments are increasingly used to host business and research applications and to enable the execution of advanced computation for analytics to understand big data and drive decisions,” Agrawal said. “Underpinning the success of all of these areas is the security of data. This is why UTSA has decided to invest significantly in the C3&A cluster and provide leadership for the nation.”
Agrawal discussed the establishment of the Open Cloud Institute at UTSA and the university’s major cloud research projects in collaboration with Rackspace, Intel, AMD and others.
“This past February, UTSA announced the creation of the Open Cloud Institute (OCI), an initiative to develop certificate programs and spur research in cloud computing and to foster collaboration with industry,” Agrawal said. “The OCI was founded with over $9 million n donations from industry leaders such as Rackspace, AMD, and Intel. The OCI Cloud test bed consists of 500+ multi-core heterogeneous OpenCompute servers – the largest OpenCompute based cloud in academia, with 2-3 petabytes of total disk space.
“To further illustrate the need for technical talent, Rackspace and Intel Corporation recently announced the opening of the OpenStack Innovation Center in San Antonio,” Agrawal noted. “This collaborative center of excellence will scale the number of programmers working on OpenStack. UTSA is collaborating with Rackspace and Intel to build a talent pipeline for the new center.”
Turning to cybersecurity threats, Agrawal said UTSA is ideally suited to establish the first nationwide research institute dedicated to bringing together government and the military, industry and academia.
“This could be in the form of a University Affiliated Research Center (UARC) created at UTSA,” Agrawal suggested.
Mr. Mark Kneidinger, director, Federal Network Resilience Division, Office of Cybersecurity & Communications, Department of Homeland Security
Kneidinger cited multiple “primary drivers” for the federal government to adopt cloud computing: mission alignment, agility, reduced costs, security, economies of scale, and limited resources. And yet, most federal agencies have been slow to comply with the federal mandate, excepting intelligence agencies, which have seen the cloud as a tool.
Those policy imperatives are formalized in Cloud First and Shared First policies. A key challenge for agency managers, Kneidinger said, is “the paradigm shift” of transferring responsibility for data management and protection to private sector cloud service providers. Whereas federal agencies have traditionally relied on civilian subcontractors to perform outsourced work, the shift now is to treat companies like Rackspace and Amazon as partners with specific expertise the companies themselves direct and manage rather than operating as subcontractors carrying out tasked mandates.
For many in government, that’s a hugely uncomfortable shift compounded by leadership’s lack of technical understanding of exactly how their private sector partners get the job done.
“It’s a cultural shift, sometimes you have to force change,” Hurd said after the hearing. “There is no reason, for example, to suggest that security concerns are a reason to delay our move to the cloud. Intelligence agencies have made the move because they are more nimble. They are looking to use whatever tools they can find that help solve problems or protect lives.”
Mr. John Engates, Chief Technology Officer, Rackspace
Engates, a native San Antonian and UTSA graduate, said Rackspace, which serves more than 300,000 business customers and two-thirds of the Fortune 100, “wants to help federal officials improve the performance of their IT operations. I was honored, for example, to be invited to the White House to advise it on ways to fix the broken website that was preventing Americans from signing up for health insurance under the Affordable Care Act. And I’m especially honored to talk with you today about ‘The State of the Cloud.’ You’ve chosen an excellent venue here at UTSA, which we at Rackspace are proud to have helped to become a national leader in cloud computing and cybersecurity, through our sponsorship of the Open Cloud Institute. The timing of your hearing is excellent, given the rising cost of federal IT, and the growing number of performance and security issues with its old-school systems. Cloud providers like Rackspace can, I believe, help the federal government achieve greater cost-efficiency, better constituent service, and better security.”
Engates then did something almost no tech executive ever does: He explained his subject in simple terms of a general audience:
“Let me start by briefly defining what I mean by cloud computing. I think of it simply as the use of computing and storage as a service, via the Internet. You don’t have to buy any hardware or software. You just access computing power via the Internet, and pay for what you use, in much the same way you consume electricity.”
Engates compared that shift to the cloud from in-house data management to “the late 1800s, when businesses and governments first started using electricity, most of them built and operated their own power plants. As the electric grid developed, with great economies of scale, new companies went immediately to the grid. Older companies and agencies with their own legacy power plants gradually followed, and focused on their core business, rather than on generating electricity.
“Cloud computing today is like the early electric grid,” Engates continued. “Almost every new company today starts on the cloud, rather than by purchasing its own servers. Established companies are rapidly moving out of their own data centers and onto the cloud. The industry analysts at IDC report that spending on cloud computing hit $64 billion last year, and will double by 2018. But the U.S. government is still figuratively running its own power plants, instead of just buying electricity. As a result, it’s falling behind in three main ways.”
Those three areas are cost efficiency, performance and constituent service, and security.
Engates later said the future of the cloud is evident simply by looking at where graduating programmers are headed.
“The federal government won’t be able to recruit the best and brightest unless they move to the cloud,” Engates said. “College graduates are developing on the cloud and they certainly don’t want to come out of school and go to work on some stodgy legacy stuff. They see no future in that work. How is our government going to meet Chinese hackers head on without the very best talent?
“That’s why at Rackspace we are developing new teams with the necessary expertise to deliver that cloud security,” h said.
Mr. Mark Ryland, Director, Solutions Architecture and Chief Architect, Amazon Web Services
“Amazon.com opened for business on the World Wide Web in July 1995 in Seattle and 20 years later offers Earth’s Biggest Selection,” Ryland said, turning heads with his planetary perspective. “Amazon seeks to be Earth’s most customer-centric company.”
Ryland said Amazon Web Services launched in 2006 to offer what has grown to be one million-plus customers, including 1,700 government agencies and 4,500 education institutions, “access to in-the-cloud infrastructure services based on Amazon’s own back-end technology platform.
“Previously, organizations only had an option of either making massive capital investments to build their own infrastructure or of entering into long-term contracts with a vendor for a fixed amount of data center capacity that they might or might not use,” Ryland said. “This choice meant either paying for wasted capacity or worrying about shortages, i.e., that the capacity they forecasted was insufficient to keep pace with their growth. Businesses and government agencies spent a lot of time and money managing their own data centers and co-location facilities, which meant time not spent on their core organizational missions of providing products and services for their customers and citizens.”
Ryland talked about the value of “utility computing” or “public cloud computing” as “defined by the National Institute of Standards and Technology (NIST) in its seminal cloud definition document that was published in October 2011.”
Ryland echoed Hurd’s opening statement lamenting the vast government agency spending keeping legacy IT systems operating rather than directing the resources to migration to the cloud.
“As this Subcommittee stated in the Hearing Announcement for this field briefing today, the U.S. federal government spends more than $80 billion annually for IT purposes, with over 70 percent of that estimated to be spent on legacy systems,” Ryland said. “That’s a lot of money – over one half trillion in the last decade – that has been spent on technologies and services that are geared toward maintaining or preserving legacy systems rather than spent on new applications to tackle pressing challenges in areas such as public health and education. In today’s federal budget environment, it is no longer acceptable to spend the vast bulk of federal IT dollars on maintaining legacy systems, and we applaud the efforts by the House Oversight and Government Reform Committee and this Subcommittee to highlight this as a major issue that needs to be resolved.”
Mr. Alan Boissy, Product Line Manager, VMware vCloud Government Service
VMware might not be as well-known as other Silicon Valley tech giants, but here is the company’s dominant customer profile: VMware is the fourth largest software company in the world with 2014 revenues of more than $6 billion and more than 18,000 employees. VMware has more than 500,000 customers and 75,000 partners, including 100 percent of the Fortune 100. VMware serves all sectors of the U.S. Federal Government, the Civilian agencies, the Department of Defense, and the Intelligence Community as well as state and local governments.
“As the Committee has noted in their request for this important hearing, the federal government is currently under several mandates that dictate the movement to the cloud,” Boissy said, noting that 90% of all federal agencies now operating on the cloud in some form do so with VMware software. “The growing adoption of cloud is driven by the need to respond faster and with more agility in an effort to increase bottom-line efficiency. Although just 30% of data center workloads are cloud-based today, IT managers expect that number to rise to more than 50% within two years.”
Boissy reviewed five reasons why federal government’s embrace of the cloud has not occurred with greater rapidity: meeting security requirements; agencies that lack the necessary expertise; incompatible infrastructure; IT cultural barriers to change; and ensuring data portability.
It was the cultural barriers that caught the subcommittee’s attention.
“Due to long standing processes, frameworks and tools, many IT staff are culturally resistant to change due to unfamiliarity with many cloud provider platforms,” Boissy said. “IT staff may be culturally resistant to change as they look at cloud as an unnecessary disruption to best practices that are currently successful in supporting short-term strategies. Cloud migrations represent a disruptive shift in platform and technology, requiring agency workforce to learn new skill sets, new operational models and new design expertise.”
Hurd’s hearing at UTSA in San Antonio served as a sort of exclamation point to the growing momentum of the long-overlooked cybersecurity sector of the city’s tech economy. The potential for growth seems unlimited, and unlike the price of a barrel of oil, the demand for secure and reliable services seems far less subject to market cycles. The question now will be how effective San Antonio leverages its military and civilian assets to attract talent and grow the business.
*Top image: Illinois Congresswoman Robin Kelly and Texas Congressman Will Hurd chat before a tour of the Rackspace Headquarters. Photo by Scott Ball.