Accelerating Public Cloud Services

Similar documents
Purpose. Executive summary

Accelerating Cloud Adoption

ICT FUNCTIONAL LEADERSHIP: PROGRESS REPORT OCTOBER 2016 TO MARCH 2017

Proactively released by the Minister of Internal Affairs

Proactively released by the Minister of Internal Affairs IN-CONFIDENCE. Office of the Minister of Internal Affairs

B.29[18a] Infrastructure as a Service: Are the benefits being achieved?

This qualification has been reviewed. The last date to meet the requirements is 31 December 2018.

Protecting information across government

NZQF Ref 1499 Version 3 Page 1 of 14. This qualification has been reviewed. The last date to meet the requirements is 31 December 2019.

Government IT Modernization and the Adoption of Hybrid Cloud

Up in the Air: The state of cloud adoption in local government in 2016

U.S. Japan Internet Economy Industry Forum Joint Statement October 2013 Keidanren The American Chamber of Commerce in Japan

PREPARE FOR TAKE OFF. Accelerate your organisation s journey to the Cloud.

Digital government toolkit

Cloud First: Policy Not Aspiration. A techuk Paper April 2017

The Defence Nuclear Enterprise: a landscape review

EY Norwegian Cloud Maturity Survey 2018

ehealth Ministerial Conference 2013 Dublin May 2013 Irish Presidency Declaration

Doug Couto Texas A&M Transportation Technology Conference 2017 College Station, Texas May 4, 2017

Architecture and Standards Development Lifecycle

Update on the Government of Canada s Information Technology Transformation Plan

Managing Jurisdictional Risks for Public Cloud Services

The Government IT Profession: Embedding IT Professionalism in Your Organisation

NATIONAL GUIDELINES ON CLOUD COMPUTING FOR GOVERNMENT, MINISTRIES, DEPARTMENTS AND AGENCIES

Director, Major Projects and Resilience. To: Planning and Performance Committee 6 November 2014

ACE Corporate Plan. Mission. Vision

RESPONSE TO 2016 DEFENCE WHITE PAPER APRIL 2016

AUSTRALIA Building Digital Trust with Australian Healthcare Consumers

GOVERNMENT IT: FOCUSING ON 5 TECHNOLOGY PRIORITIES

THE TRUSTED NETWORK POWERING GLOBAL SUPPLY CHAINS AND THEIR COMMUNITIES APPROVED EDUCATION PROVIDER INFORMATION PACK

New Zealand Certificate in Regulatory Compliance (Core Knowledge) (Level 3)

EY Norwegian Cloud Maturity Survey Current and planned adoption of cloud services

IPv6 and the Future of the Internet Economy from a public policy perspective. Global IPv6 Summit, Beijing, China, 15 April 2009

Danish Cloud Maturity Survey 2018

CABINET PLANNING SYSTEM PROCUREMENT

Presentation Outline. Introduction Information Gathering Sample of Results Requirements Case Study Challenges Recommendations

Hybrid IT for SMBs. HPE addressing SMB and channel partner Hybrid IT demands ANALYST ANURAG AGRAWAL REPORT : HPE. October 2018

Dimension Data TaaS Delivering Telecommunication As A Service Outcomes. accelerate your ambition 1

Principles for a National Space Industry Policy

Cyber Security: Threat and Prevention

DIGITAL AGENDA FOR EUROPE

IT Risk & Compliance Federal

Public Sector Cyber Security Series

ENISA s Position on the NIS Directive

SUBJECT: PRESTO operating agreement renewal update. Committee of the Whole. Transit Department. Recommendation: Purpose: Page 1 of Report TR-01-17

NZ Certificate in Credit Management (Level 4)

Government Resolution No of February 15, Resolution: Advancing National Regulation and Governmental Leadership in Cyber Security

The U.S. Manufacturing Extension Partnership - MEP

Healthcare IT Modernization and the Adoption of Hybrid Cloud

THE FUTURE IS HYBRID. Patrick Harr. Global Vice President, Cloud Strategy and Solutions Hewlett-Packard Company

Cyber Security Strategy

Commonwealth Telecommunications Organisation Proposal for IGF Open Forum 2017

Building Resilience to Disasters for Sustainable Development: Visakhapatnam Declaration and Plan of Action

Welcome John Harris, Director General

Directive on security of network and information systems (NIS): State of Play

12 Approval of a New PRESTO Agreement Between York Region and Metrolinx

Practical IPv6 for Government

2017 Aid for Trade - Partner Country Questionnaire SurveyMonkey

National Certificate in Public Sector Services (Client / Customer Services) (Level 3)

ITIL Intermediate Service Transition (ST) Certification Training - Brochure

HE/FE Collaboration Catalyst / IS Shared Services

Jerry Luftman. Executive Director & Distinguished Professor SIM VP Chapter Relations & Academic Affairs, Emeritus

Sussex Police Business Crime Strategy

Service Provider Consulting

AMERICAN CHAMBER OF COMMERCE IN THAILAND DIGITAL ECONOMY POSITION PAPER

Asset Management conference 2016

Leveraging the Cloud for Law Enforcement. Richard A. Falkenrath, PhD Principal, The Chertoff Group

Graduates of this qualification will have the minimum qualification to enter the security industry as staff security personnel.

Practical Guide to Cloud Computing Version 2. Read whitepaper at

MOVING MISSION IT SERVICES TO THE CLOUD

Promoting accountability and transparency of multistakeholder partnerships for the implementation of the 2030 Agenda

Cloud solution consultant

Professional Services for Cloud Management Solutions

Resolution adopted by the General Assembly. [without reference to a Main Committee (A/62/L.30 and Add.1)]

New Zealand Customs Service: Managing Trade Assurance capability risks

Resolution adopted by the General Assembly on 14 December [without reference to a Main Committee (A/61/L.44 and Add.1)]

A Strategy for the Implementation of IPv6 in Australian Government Agencies

Financing resilience at the subnational 22 JUNE 2014 STANDING COMMITTEE ON FINANCE FORUM, MONTEGO BAY, JAMAICA

THE CYBER SECURITY ENVIRONMENT IN LITHUANIA

This qualification is expiring. The last date to meet the requirements is 31 December 2012.

Public Sector Cyber Security Series

The State of Cloud Monitoring

VOTE INTERNAL AFFAIRS WRITTEN RESPONSES TO THE ANNUAL REVIEW SUPPLEMENTARY QUESTIONS 2016/17

Digital Strategy Driving the Digital Journey by Providing Customer Focussed Digital Services

RESOLUTION 47 (Rev. Buenos Aires, 2017)

SUSTAINABLE ELECTRIFICATION OF HEALTH FACILITIES: UGANDA

Cloud Strategies for Addressing IT Challenges

National Certificate in Public Sector Services (Induction) (Level 3)

METHODOLOGY AND CRITERIA FOR THE CYBERSECURITY REPORTS

TIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE

Converged Cloud and Digital Transformation: A Strategy for Business Success

National Disaster Risk Management Plan Disaster Management Centre Ministry of Disaster Management

Qualification details

STRATEGIC PLAN

Cloud solution consultant

Better Operational Agility. For more flexible, resilient and secure communications. Vodafone Power to you

IN THE FRAME. Computacenter Public Sector Frameworks FRAMEWORK

An Overview of ISO/IEC family of Information Security Management System Standards

POSITION DESCRIPTION

The Transition from IPv4 to IPv6: Public Policy Overview.

Transcription:

Accelerating Public Cloud Services 2016 Survey of Public Sector Chief Information Officers April 2017 1

Contents Executive summary 3 Approach 4 Overall appetite 5 Current state 10 Strategies 12 Current and planned use 14 Agency expectations 16 Survey respondents 20 2

Executive summary The Government Chief Information Officer s (GCIO) October 2016 cloud survey found that agencies clearly recognise the opportunity presented by public cloud services. Agencies indicated that they would like the GCIO to continue to assist them to navigate the risks that arise from adoption so that they become confident in using these services to transform their operating models. Adoption patterns Agencies have a high appetite to use public cloud service and consider them fundamental to transforming their operating models. However, most agencies currently have a tactical approach to using these services, with just over onethird of respondents having a cloud plan. The key drivers for using public cloud services are: mobility, collaboration, and agility. Within agencies, adoption has typically occurred in back-office functions like IT, recruitment, communications, and human resources. Customer-facing services and other back-office functions are at earlier stages of adoption. Perceived barriers Agencies indicated that the need for different approaches to IT security for public cloud services is the most significant barrier to adoption. Other significant barriers indicated by agencies are: insufficient skills and expertise, uncertainty around the extent and nature of risks arising from adoption, and how to fund the transition from legacy IT systems. Agencies also indicated they have a high appetite to use public cloud services for information classified as UNCLASSIFIED or IN-CONFIDENCE, with a lower appetite at SENSITIVE or above. On average, almost half (47%) of agency information is UNCLASSIFIED, while a further third (31%) is IN-CONFIDENCE. Current and planned use In the short term (within 12 months) agencies indicated a high interest in using a core set of services: productivity, collaboration, identity and access management, and compute and storage. Almost all agencies intend to use Microsoft s Office 365, Skype, Azure Active Directory, and Azure services at some time, with more than half using or intending to use them within the next 12 months. Agency demand for these Microsoft services was enabled by the July 2016 change in Cabinet policy that now allows agencies to use offshore-hosted office productivity services. In the short-medium term (within 24 months) there is high interest in using security-related services and moderate interest in project management and business intelligence services. There is also interest in application development, enterprise resource planning (ERP), and customer relationship management (CRM) services over this timeframe. What agencies need Agencies want the GCIO to continue to streamline security certification of public cloud services and to assist them as they transform their operating models (e.g. by facilitating early adopters to share lessons learned and good practices). Agencies also want the GCIO to provide good practice guidance for adopting public cloud services and to co-design the guidance with the GCIO on developing cloud plans. They would like the GCIO to help them to educate their staff and senior management on how to understand and manage the risks and opportunities of adopting these services. 3

Approach Background In July 2016 Cabinet confirmed new measures to accelerate the adoption of public cloud services across government. The GCIO is leading the implementation of these measures through a twelve-month programme of work. The programme of work is focused on public cloud services cloud computing services used by multiple organisations from different industries, including private and government sectors because cloud services have economies of scale that reduce costs and generally improve resilience and security compared with other technology delivery models. Report structure Based on the survey data, this report provides insights into agency perceptions of their: overall appetite to use cloud services (questions 1-7) current state of cloud services adoption (questions 11-12) strategies for using cloud services (questions 27-29) current and planned use of cloud services (questions 13-24) expectations of the GCIO (questions 8-10, 25-26, 30-32). Purpose of survey Public sector CIOs were surveyed by the GCIO in October 2016 to help shape the delivery priorities of the programme and to inform decision-making for cloud services. The survey responses have informed the subsequent delivery of the Programme. Survey design The survey was co-designed and tested with agencies to ensure relevance and usability. The survey was sent to 105 public sector CIOs from Public Service Departments, Non-Public Service departments, and a selection of Crown Entities, Local Authorities, and Tertiary Education Institutes. A total of 66 responses were received by the close of the survey, giving a response rate of 63%. The agencies which responded to the survey are listed at the end of this report. 4

Overall appetite Key findings Agencies recognise the importance of cloud services for changing their operating models and generally have a high appetite to use them. Mobility, collaboration, and agility are the key drivers for adoption of cloud services. A need for different approaches to IT security is the most significant barrier to adoption. Other significant barriers are: insufficient skills and expertise, uncertainty around the extent and nature of risks arising from adoption, and how to fund the transition from legacy IT systems. Almost all agency information is classified as RESTRICTED and below, which Cabinet has agreed may be stored in public cloud services. Although their appetite to use public cloud services is significantly reduced for information classified above IN CONFIDENCE, agencies indicated that, on average, 79% of information is either UNCLASSIFIED or IN-CONFIDENCE. 5

Perceived value Appetite for using public cloud services Appetite for using public cloud services to transform operating models 3% 23% Creating new delivery models 20% 53% 23% 33% Streamlining operations 17% 52% 26% 41% Very High High Moderate Very Low Enhancing customer experience 15% 47% 29% 0% 20% 40% 60% 80% 100% Percentage of respondents Critical Very important Neutral Not important Irrelevant Around two-thirds of respondents (64%) have a high or very high appetite to adopt public cloud services. Nearly three-quarters of respondents (73%) indicated that public cloud services are either critical or very important for creating new delivery models. Around two-thirds of respondents indicated that that public cloud services are either critical or very important for streamlining operations (69%) and enhancing customer experience (62%). 6

Drivers and barriers Ranking of drivers for adopting public cloud services Ranking of barriers for adopting public cloud services Increased mobility 4.1 Different approach to security 2.9 Improved collaboration Decreased deployment time 4.4 4.6 Managing cloud and legacy systems 3.2 Improved security 4.8 Perception of risk 3.4 Improved performance Pay-as-you-go pricing 5.0 5.0 Lack of transition funding or opex 3.4 Seamless updates 5.2 Lack of capability to adopt 3.8 Regular new features Opex funding 5.6 6.3 Different approach to procurement 4.3 0.0 1.0 2.0 3.0 4.0 5.0 6.0 7.0 Average ranking (low rank is more important) 0.0 1.0 2.0 3.0 4.0 5.0 Average ranking (low rank is more important) Increased mobility is the most influential characteristic driving adoption of cloud services. Collaboration and decreased deployment (agility) are also very influential. The need for different approaches for IT security is the most significant barrier to adopting cloud services. Other important barriers were: lack of information on how to adopt cloud services while replacing legacy systems (transformation), perception that cloud is too risky, and lack of transition funding. 7

Unpacking information classification Breakdown of how respondents classify information 13% 8% 1% 47% 60 50 40 30 Breakdown, by classification, of number of respondents with high or very high appetite to use public cloud services 51 43 31% UNCLASSIFIED IN-CONFIDENCE SENSITIVE RESTRICTED Above RESTRICTED 20 10 0 20 UNCLASSIFIED IN-CONFIDENCE SENSITIVE RESTRICTED Above RESTRICTED 12 2 On average, respondents indicated that almost half (47%) of their information is classified as UNCLASSIFIED and a further third (31%) is classified as IN-CONFIDENCE. On average, respondents indicate that they have very little (less than 1%) information classified above RESTRICTED. Respondents with information above RESTRICTED are primarily from the national security and justice sectors. Over two-thirds of respondents have a high or very high appetite to use public cloud services for information classified as UNCLASSIFIED or IN-CONFIDENCE. Respondents appetite to use public cloud services is significantly reduced for information classified above IN-CONFIDENCE. 8

Other barriers Agencies want the GCIO to help leverage good practices Public cloud services are not always a complete solution. every agency [has] to repeat [the same] process to adopt the same cloud service (e.g. Office 365) including security risk assessments etc. [there are] legacy core enterprise systems that are unable to be provided via the public cloud. The risks associated with cloud services remains unclear for many agencies. Perceptions of cost remains an issue for some agencies Public perception and relative political pressures driven by the risk averse culture. Often, public cloud services are more expensive than on-premise solutions, particularly where the solution is longer term. 9

Current state Key findings The agency functions that have the greatest degree of adoption of public cloud services are: IT, recruitment, communications, and human resources. Customer-facing services and other back-office functions are less mature in their adoption of cloud services. 10

Adoption profile IT and recruitment are early adopters IT 19% 20% 49% Adoption of public cloud services within respondents is uneven, with some backoffice functions having significantly greater adoption than others. Recruitment Communications 12% 31% 31% 15% 31% 32% The agency functions that have the greatest degree of adoption of public cloud services are: IT, recruitment, communications, and human resources. Public cloud services remain important for some customer-facing services. HR Customer facing Procurement 22% 11% 15% 12% 11% 21% 28% 29% 24% Finance 8% 16% 24% Strategy 5% 13% 15% Policy 5% 8% 20% 0% 20% 40% 60% 80% 100% Percentage of respondents Full or High adoption Moderate adoption Limited adoption 11

Strategies Key findings As at October 2016, just over one-third of respondents had a specific plan for adopting cloud services but nearly all indicated that they would like access to exemplars of cloud plans. Agencies would like the GCIO to provide good practice guidance for adopting cloud services as well as help to co-design their cloud plans. Although trusted mechanisms are not yet available, agencies would like the GCIO to facilitate early adopters to share their lessons learned and good practices. 12

Cloud plans Breakdown of whether agencies have a cloud plan Agency priorities for cloud planning Exemplars 92% 38% Guidance on ict.govt.nz Co-designed guidance 76% 73% 62% Interactive workshop Interactive sector workshop 41% 49% Other 5% Yes No 0% 20% 40% 60% 80% 100% The survey indicates that almost all respondents have begun adoption of public cloud services. Just over one-third of respondents (38%) consider these services to be strategic and have developed specific plans for their adoption to transform their operating models. Almost all respondents (92%) indicated that exemplars of good cloud plans would be useful. Around three-quarters of respondents would like the GCIO to assist them with design and guidance on how to adopt and use public cloud services to transform their operating model 13

Current and planned use Key findings In the short term (within 12 months) agencies indicated a high interest in using a core set of services: productivity, collaboration, identity and access management, and compute and storage. Almost all agencies intend to use Microsoft s Office 365, Skype, Azure Active Directory, and Azure services at some time, with over half using or intending to use them within the next twelve months. The demand for these Microsoft services was enabled by the July 2016 change in Cabinet policy that allowed agencies to use offshore-hosted office productivity services. 14

Top ten services by agency demand Most demand is for a core set of services Microsoft O365 32 20 8 In the short term (within 12 months) respondents indicated a high interest in using a core set of services: productivity, collaboration, identity and access management, and compute and storage. Microsoft Skype Microsoft Azure 25 36 20 14 12 8 In the short-medium term (within 24 months) there is high interest in using security-related services and moderate interest in project management and business intelligence services. There is also interest in application development, enterprise resource planning (ERP), and customer relationship management (CRM) services over this timeframe. Microsoft Azure AD Amazon Web Services DocuSign Dropbox 2 16 9 11 26 12 15 31 17 12 17 4 Over the longer term (over 24 months) there is interest in financial management (FMIS) and human resources (HRIS) services. WebEx Google Analytics 10 11 15 16 14 11 JIRA 17 10 9 0 10 20 30 40 50 60 70 Number of respondents Less than 12 months 12-24 months More than 24 months 15

Agency expectations Key findings The top priority for agencies is for the GCIO to continue to streamline security certification of public cloud services. Agencies would also like the GCIO to assist them with using cloud services to transform their operating models. For example, by facilitating early adopters to share lessons learned and good practices. They also would like the GCIO to help to educate their staff and senior management on how to understand and manage the risks and opportunities of adopting these services. Agencies would like the GCIO to provide good practice guidance for adopting cloud services and to co-design the guidance from the GCIO on developing cloud plans. 16

Accelerating Public Cloud Programme Priorities Security is a clear area of focus The top priority for respondents is for the GCIO to continue to streamline security certification of public cloud services. Streamlining security certification Transforming ICT operating models 2.6 3.2 In addition to the security certifications planned to be produced by GCIO, Other Microsoft and Amazon Web Services are most sought-after security certifications. Changing perceptions of risk 3.2 Agencies indicate that they would like the GCIO to drive strategic adoption by helping them educate their staff and senior management on the opportunities and risks associated with using public cloud services to transform their operating models. Driving strategic adoption Modernising commercial frameworks Lifting practitioner capability 3.7 4.1 4.2 0.0 1.0 2.0 3.0 4.0 5.0 Average ranking (low rank is more important) 17

What agencies want from the GCIO Agencies want guidance, re-use, and co-design Survey available electronically 93% Almost all respondents indicated that they want the GCIO to provide written guidance, exemplars, and case studies to guide agency adoption of public cloud services. Exemplars Case studies and other guidance Guidance on ict.govt.nz 76% 92% 89% Three-quarters of respondents saw value in offering an online workspace for sharing policies. Online workspace for sharing Co-designed guidance 75% 73% Nearly three-quarters of respondents would like to co-design the guidance from GCIO on developing cloud plans. Seminars Infographic Interactive public sector workshop Online discussion forum Interactive sector workshop 58% 53% 49% 46% 41% Workshop with other agencies 33% One-on-one session 22% 0% 20% 40% 60% 80% 100% Percentage of respondents 18

Other agency expectations Educating CEs on how to understand and manage the risks of adopting these services. Negotiating commercial agreements on behalf of agencies Work with CEs to build their confidence and commitment to adopt cloud services All-of-government negotiation on cloud services would be beneficial Facilitating early adopters to share good practices Certification of commonly-used public cloud services Sharing policies is where we'd get the most benefit Panel of certified providers of public cloud for commodity type services. 19

Survey respondents Accident Compensation Corporation Inland Revenue Department New Zealand Customs Service Arts Council of New Zealand Institute of Environmental Science and Research New Zealand Defence Force Auckland Council Institute of Geological and Nuclear Sciences New Zealand Fire Service Commission Bay of Plenty District Health Board Lakes District Health Board New Zealand Qualifications Authority Callaghan Innovation Research Limited Land Information New Zealand Maritime New Zealand Christchurch City Council Law Commission New Zealand Tourism Board Civil Aviation Authority Meteorological Service of New Zealand Limited New Zealand Transport Agency Counties Manukau District Health Board MidCentral District Health Board Office of the Controller and Auditor-General Crown Law Office Ministry for Culture and Heritage Parliamentary Counsel Office Department of Conservation Ministry for Primary Industries Parliamentary Service Department of Corrections Ministry for the Environment Privacy Commissioner Department of Internal Affairs Ministry for Women Radio New Zealand Limited Department of Prime Minister and Cabinet Ministry of Education Serious Fraud Office Earthquake Commission Ministry of Foreign Affairs and Trade Southern District Health Board Education Review Office Ministry of Health Statistics New Zealand Electoral Commission Ministry of Justice Taranaki District Health Board Electricity Authority Ministry of Māori Development - Te Puni Kōkiri Tertiary Education Commission Environmental Protection Authority Ministry of Social Development Transport Accident Investigation Commission Financial Markets Authority Ministry of Transport University of Waikato Health and Disability Commissioner Ministry of Business, Innovation and Employment Waikato District Health Board Healthshare NIWA Waitemata District Health Board Housing New Zealand Corporation Nelson Marlborough District Health Board Wellington City Council 20

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback