AUCyber logo
We’re coming through the first phase of Covid-19, in relatively good shape but on the back of bushfires, floods and droughts and a world that has ‘shut-down’, our economy is looking shaky –exacerbated by predictions of some thirty years of deficit.

While we all ‘get it’, the undertone about what we need to do to ensure we are in better shape to cope with whatever might be round the next corner is undeniable.

Personally, the response must be about strengthening Australia’s Sovereign Resilience.  Specifically, a focus on enhancing our sovereign capability to enable greater self-determination, adaptability and more relevant risk mitigation investment.

At least in theory these are great concepts.  So, how do you translate lofty objectives into the delivery of the Sovereign Resilience Australia knows it needs?

The answer aligns with the key imperatives currently facing Government; namely to do more with less and do it more quickly whilst also cultivating confidence in execution of the plan.

I think this requires a focus on three (simple but sensible) strategies.

      1. Being significantly more cost efficient through doing more with less
      2. Reducing wasteful, expensive and time-consuming redundant activities to deliver tangible value more quickly
      3. Increasing transparency to foster and sustain trust

While I’m on record for saying that technology is never THE answer, in my experience it is also a very powerful vehicle, particularly when it comes to delivery. And nothing is more powerful in today’s fast paced, mission critical world than digital native (containerised micro-services) applications based on cloud services.This importance of digital technology is identified in a recent submission to the Senate Select Committee from the Social Cyber Institute as a missing baseline component of Australia’s future resilience

More with less

First, cloud services compress massive inefficiencies from traditional approaches through:

      • Economies of scale (across both supply and demand) that improve asset utilisation;
      • DevSecOps orientated automation and orchestration; and
      • Standardisation of design and operations.

The significant efficiencies that can be achieved across the end-to-end digital native design, development, deployment and operating cycle, saves time and delivers sustainable cost reductions – the ability to literally do more with less  overall investment.

This isn’t based on fanciful consultant theories. The UK Home Office , for example, has reported a substantial 40% cost savings from their cloud-based service deployment.  

Time to Value

Second, cloud service standards and APIs reduce the options to play with silicon, which combined with cloud native application development processes eliminate the opportunity for pontification across the design, build, deploy, operate processes.

Driven by a framework of standardisation, speed to market and iteration, digital native on cloud provides orders of magnitude improvement in time to value, i.e., delivery of the service/outcome more quickly with benefits realised sooner.

By way of example, feedback from the ANU on AUCloud’s design through to deployment of a Virtual Desktop Infrastructure-as-a-Service solution deployed during the Covid crisis, compared with a traditionally managed and built solution, was that an otherwise “six months project [was delivered and operational] in six days”.

This isn’t just about reduced costs from charging services over a shorter timescale or even the reduced opportunity for peripheral pontificators to attach themselves to the project (for a fee), but the five month and 24 days of additional time that the project outcome is operational and used (and the value that creates) as well as the earlier delivery of other projects dependent on its deployment.

Transparency

Transparency is poorly understood.  The tendency to equate transparency simply with accountability, belies the importance of trust – and in the current context, community trust.

Public belief that the ‘right thing’ is being done in the right way for the right reasons will always trump the cynical instincts of media commentators.  Take the recent COVIDsafe App released by the Digital Transformation Agency and Health Department. Extraordinary efforts were made to ensure transparency to mitigate privacy concerns around the perceived invasive tracking capability of the application and deliver an effective solution against the clock.

Security and privacy by design were key aspects of the application development and the intent of transparency clear through the release of source code, the Privacy Impact Assessment and supporting privacy legislation.

With the benefit of hindsight, maybe the media outcry about hosting the data on a non-sovereign company could have been avoided and Australia’s Sovereign Resilience demonstrated, by using one of Australia’s sovereign cloud providers, including AUCloud. However, decisions that understandably placed a premium on time to value, I both understand and respect.  Afterall, the fact that the COVIDsafe application is underpinned by cloud infrastructure, based on agile development of inter-operable micro services, demonstrates precisely my point.

One of the unintended but positive consequences of the transparency is increased understanding of privacy within the mainstream media and specifically, the related implications of the US CLOUD Act. The Attorney General Department’s ‘confidence’ that US access to COVIDsafe is “inconceivable” doesn’t really deliver the “beyond inconceivable” Sovereign Resilience that an Australian owed provider, subject only to Australia jurisdiction, would deliver.

Transparency engenders trust, not only in respect of security design and privacy by law but also in areas such as procurement.  Trustworthiness could be greatly enhanced (as happens in the UK), through publication of inputs (cloud provider services and pricing), outputs (dollar spend by buyer and project with each supplier) and most importantly,  avoidance of mandating vendors technologies, which increases costs and reduces innovation –a focus for another time.

Overall, digital native solutions based on cloud services have a critical role to play in enhancing Australia’s Sovereign Resilience – at two levels.

First, they provide the tool to address the immediate imperative Government faces resulting from Covid, i.e., the need to keep delivering services within increasingly constrained budgets

Second and in the long term, they are  the modern pillars on which to architect and build the service and support capabilities that Government requires to do its job more cost efficiently and quickly, on platforms that are more resilient, responsive and adaptive and by nature, more transparent.

At an organisational level, they enable delivery of more with less, realisation of value more quickly and increase trustworthiness.  At a national level, I believe this ultimately translates to greater Sovereign Resilience, self-determination and enhanced adaptability for addressing future crisis.

AUCloud: Keeping the data of Australians in Australia