If a government agency’s purpose is to help the government move towards a more modern approach to service delivery, focused on citizens and innovation centered on using the latest and best technology there is—how important is it to have its own cybersecurity team in-house?
The Digital Transformation Agency of Australia drives the digital information of government information and services, making them simple, clear and fast. One of its projects is to develop a Trusted Digital Identity Framework that is anticipated to work with the federal government’s Govpass digital identification proposition. The process of digital identification requires citizen data and photos to be securely kept by the government in a centralized cloud-based platform.
Unfortunately, the cybersecurity functions of DTA has been removed due to a machinery of government change. This lead to the agency having to go outside its walls when verifying or cross-checking even the most basic cyber-related concerns. Needless to say, this move affects their operations.
The main point is efficiency. Since a lot of the work that the DTA does with agencies regarding transforming the way their services are delivered, cross-functional teams are needed to be efficient. People who understand how to do discovery work, people who know how to present content, and people who understand how to do service design are needed. It only makes sense to have those people, who also understand the security aspects of their job, in one team within the agency. To have these cross-functional teams in a single place and working on things together creates better results.