Having worked directly with local governments for over 15 years, I have concluded that it’s time for public managers to take a deeper dive into their technology systems and people as it relates to current threats and ever-growing deficiencies.
Indeed, the above headline is as much an attention-grabbing device as it is a call to action.
Recent ransomware attacks have brought to light many deficiencies in digital hygiene that have exposed system deficiencies regarding system recovery let alone preventing the attack in the first place. Certainly there are cities and counties that are performing extremely well in meeting the growing challenges of security, modernization, innovation, and lending edge applications, however far too many are living with serious deficiencies; both known and unknown.
Given the growing complexities of planning and maintaining technology as well as having the right staff, many local governments might be much better off outsourcing some or all of their IT operations.
Public managers can no longer accept the rationale from their direct reports that “I am doing the best job I can.” In way too many cases this is simply not enough and today’s demands for technology leadership goes far beyond dedication, duty, and countless hours trying to keep things going. It must include competencies as well. We must delve deeper and actively assess what vulnerabilities lie within our systems, as well as looking more closely at staff competencies and expertise. To be clear, it is not my intention to cast any shadow of a doubt regarding their hard work and dedication. Today’s technology comes with a greater price and this will be paid one way or another -- be it investments or damages.
Just as important, one cannot ignore the fact that outsourcing to any degree does not absolve the jurisdiction’s responsibility regarding issues of compliance and security. Someone will still need to manage any contract in terms of performance and outcomes.
What follows then are 10 factors that require further exploration and action.
1 Retirement of senior staff. We are witnessing the largest retirement boom in recent history, leaving many jurisdictions short of talented staff, institutional knowledge and areas of needed expertise. This alone is presents a challenge to fill positions requiring a great deal of expertise - however when coupled with the rest of the list it becomes dire.
2 Staff turnover. This is certainly related to the above but at the same time different. Younger staff are generally not staying at one place for a lengthy period of time as did their predecessors. While this provides opportunities that can benefit the organization – new people bring new perspectives and skills – a tremendous amount of knowledge and experience is (also) walking out the door.
3 Reduced incentives. Governments were traditionally known for their generous health and retirement benefits. But ever since the Great Recession in the 2000s, benefit packages have shrunken in all categories. Add to this the fact that government service has been cast in negative terms – mostly by politicians who have other agendas in mind - makes it even more difficult to recruit qualified staff. This is especially true with technology professionals. This of course leads to increased turnover and poor morale within the organization.
4 Inability to pay higher salaries. The private sector has traditionally recognized the need to pay competitive salaries based on supply and demand. Government, on the other hand, has been stuck in time and in most instances adheres to rather inflexible pay scales that are more focused on treating everyone similarly as opposed to addressing the reality of market forces. Highly-trained technology staff can command much higher salaries in the private sector thus making it quite difficult to recruit and maintain a stable tech workforce.
5 Lack of training and resources. All too often technology staff find it difficult to attend conferences and seminars. While in some cases tech staff feel they are too busy and don’t have the time – more often than not they are told there is no or little money for training and travel to meetings. When one realizes the many millions of dollars in hardware, software and program budgets that staff are asked to maintain and manage, it is almost negligent not to insist that staff stay abreast of the latest trends and developments by participating in professional/technical programming and events - beyond the use of online resources and tools.
Added to the list is the lack of certified CIOs were the need has never been greater. Any recognized professional certification program requires the obligation of recertification as there are always changes going on impacting all levels of hardware and software systems. If local government are unwilling or unable to invest in the required competencies then they should seriously consider outsourcing. I am always disheartened to learn how few staff are certified in network and cybersecurity.
6 Career development indifference. Local governments by tradition and civic service regulations are often rooted in principals dating back a hundred years. It is not unusual for technology staff to be classified with non-transferable classifications such as “technician” 1, 2, etc. The issue here is not how staff are classified internally – it is having public titles that more closely reflect one’s real responsibilities. According to numerous interviews with seasoned public technology managers, this is important and the solution need not cost a penny! Studies show that titles do matter to staff and contribute to staff self-esteem and perceived value. When you add it all up, lack of career development opportunities and recognition, non-competitive salaries and declining benefits, and lack of training and development opportunities, the enterprise is left with a less than motivated and enthusiastic employee in a critical area of need.
7 Lack of realistic strategic planning. Approximately one third of local government CIOs still report through a finance official and far fewer are routinely invited to sit at the head table when key plans, policies or decisions are being made. Most public managers view the IT shop as a support function only, which is problematic in many ways. If the local government technology manager is not involved in every step of program development and planning, how can they be expected to support any program or service without adequate information? For technology to be fully optimized the IT operations and infrastructure must be continuously reviewed and with senior staff tasked with seeking ways to align technology with that of the business needs of the all departments and agencies.
8 Aging infrastructure. Too many local governments are beginning to realize that deferred equipment upgrades turn out to be costlier in the long run. The notion that “if it isn’t broke why fix it?” is no longer valid. In fact, that statement was never a reflection of effective reasoning – even if it sounded good and was what people wanted to hear.
Aging equipment has become a huge problem and it goes beyond the technology staff.
Many public managers worry about how legacy equipment will impact their ability to hire new staff that are most certainly going to be turned off to equipment they are completely unfamiliar with. Finally, aging infrastructure is always a step closer to failure. Finding parts and expertise to attempt repairs could also be a great challenge in terms of time and money. Today more than ever when a vendor declares a software or hardware system as no longer supported, one needs to understand the implications as well as the consequences.
9 Cybersecurity challenges. Even with local government, there are state and federally mandated compliance regulations. However, compliance alone cannot solve the ever-growing threats governments face – and failure to comply due to ignorance only amplifies the risk. While some jurisdictions have recognized the need to designate a senior staff member in charge of cyber security, most do not. Reasons most often sited are that it would be too expensive, or “we are too small” to have to worry about cyber beyond what we are currently doing. Meanwhile malware and ransomware threats continue to grow. The expense to recover is far greater exponentially then the price to adequately staff, train, and invest in the latest threat protection systems that have come to market.
10 Failures in scope and scale. Perhaps the most pressing and overriding issue facing local governments when it comes to technology is scope, scale and staff competencies. Technology can be expensive to operate and maintain and one must question whether it makes sense for every government entity to own its own systems and equipment? Moving forward, can this be a sustainable approach? If cities and counties are unable to adequately maintain their systems, attract and keep talent, what is the risk to the public?As one searches for alternatives one will find there are many. This could take the form of outsourcing the network, major applications, email systems, and more. Other alternatives include shared services among neighboring jurisdictions, or simply seeking managed cloud solutions.
Small local governments may benefit the most from outsourcing their IT as they are more likely found to be lacking in-house expertise/resources. But one can also argue that some mid to larger jurisdictions may also benefit outsourcing if they too find they do not have the staff leadership and are facing aging equipment replacement.
Of course, the theory is that a larger entity that certifies people and equipment -- be it from the private sector or a larger government entity -- can maintain and deliver better results because of more efficient use of people and systems. Larger entities hold the promise of better maintaining smaller systems more efficiently and attract strong tech talent. Economies of scale can be maximized because they have the economic incentive to invest in and maintain the best systems where the cost can be spread among a growing pool of local government of customers.
As local governments continue to “do the very best they can” -- it is no longer enough. In the end, IT performance is critical to every aspect of government operations and service delivery. The outsourcing of IT is one such option that must be considered.
Public Technology Institute (PTI) a U.S. based nonprofit organization actively supports local government executives and elected officials to more effectively navigate technology leading edge policies and practices through research, education, professional development, executive-level consulting services, and national recognition programs. In 2019, PTI became part of the Computing Technology Industry Association (CompTIA) – the world’s largest independent technology certification body.
