Written evidence submitted by Splunk


May 2023


  1. About Splunk and why we are submitting evidence


Splunk is an advanced operational data platform with use cases in cybersecurity, IT Operations and Observability. Splunk technology is designed to investigate, monitor, analyse and act on data at any scale, from any source and over any time period. Splunk allows customers to ask any questions of their data, from the optimisation of processes to the early detection of cyber threats.


Splunk is used across the Public Sector in many countries. This gives Splunk a unique position to compare governments’ approaches to data governance, cybersecurity and digital operational resilience and to analyse future trends. We have recently published our Public Sector Predictions for 2023. Last year we also commissioned a report examining how European governments harness data to provide public services and address societal problems. The UK report is available here.


  1. The current landscape, drivers for change and the government’s new approach


The Government faces several challenges and drivers for change. Government departments face increasing demand for services, and it is increasingly difficult to find the skills and resources necessary to deliver the required digital transformation. The UK Government is of a size and complexity that makes digital transformation challenging, especially in an era of cost savings.


Splunk believes the CDDO is taking the right approach, and its introduction is a welcome development, but CDDO is constrained by limited resources, meaning activities necessarily need to be prioritised, and the missions will take some time to deliver.


We believe the current challenges for the Government are:


The UK Government has a laudable objective to make better decisions with data, improve security and address the legacy estate. Whilst resources are reducing, the UK Government is data-rich and much of this data is highly valuable. This data is, however, trapped in silos, paper-locked, ignored or it remains inaccessible in legacy systems.


Arguably, if the Government could utilise all its data, then it would be able to deliver better, more secure and resilient services in an era of increased demand and reduced resources. Today we miss productivity and efficiency gains by not taking an all-data approach.


        Digital skills are scarce: Splunk’s Economic Impact of Data Innovation Industry report recently found that most sectors, not just government, cited recruiting and retaining talent as a key challenge. However, the inability to hire and retain workers with the right skills is hitting the Public Sector especially hard. This is particularly true for cybersecurity engineers and cyber operators. To address this challenge, the UK Government could think about it differently and consider how to free up valuable resources by reducing manual, repetitive and time-consuming activities through augmenting and automation.

        IT silos and data: Public sector organisations struggle with end-to-end visibility, siloed IT systems and technologies, and migrating workloads to the cloud. This challenges public sector organisations to deliver services, comply with service level agreements (SLAs), meet citizen expectations and achieve organisational missions. Public sector agencies are dispersed and their technology procurement needs, historically, have been driven by the needs of individual departments or mission goals. This results in a heterogeneous landfill of intertwined components and products when delivering any mission-critical service. It also results in a lack of interoperability between government departments and technology and services. This is detrimental to citizens’ experience and to the efficiency of public services.

        Legacy and complexity: Much of the UK Government’s IT budget is spent on maintaining legacy systems. Furthermore, a significant risk in managing IT operations is a lack of real-time, end-to-end visibility into systems and operations. This means it is sometimes difficult or impossible to pinpoint problems or respond in an agile manner due to the amount of legacy and complexity of government IT. Legacy issues, therefore, mean that investing in and integrating new technologies and data systems can be difficult, hindering the Government's ability to analyse and share data effectively.

        Lack of confidence in cloud: One of the major challenges for a government adopting cloud is a need for more confidence. It can be challenging for the Government to ensure security and privacy in multi-cloud and hybrid environments. Detecting and resolving issues quickly can appear too difficult. Splunk’s view is that cloud brings the agility, security, and functionality the UK citizens expect and deserve. As departments migrate to cloud and hybrid locales, end-to-end operational visibility is essential before, during and after the transition - to maintain insights into performance, migration progress and availability. Cloud solutions can provide granular, real-time visibility and situational awareness of these environments, eliminating any blind spots and providing an accurate picture of relevant metrics. With such conditions in place, government departments can have confidence in their cloud migration efforts.

        Power of data remains partly untapped: The UK Government is making strides to ensure better decisions can be made with data and to become data-driven. All of the Government’s data needs to be used to drive outcomes and to spend and invest effectively.  This includes data that is generated by digital operations and digital transactions. To facilitate seamless data sharing and usage across departments, consistent data-sharing mechanisms should be created. Implementation of robust data platforms, cutting-edge analytics, and a culture that values data-driven decision-making are some of the key strategies that the UK Government can adopt to address these challenges.


  1. Drivers and opportunities for change


The UK government also has a number of opportunities for change:


        Automation is a probable long-term solution: While automation won’t be the silver bullet, the UK Government needs to accelerate plans for more automation whilst getting more out of existing investments.

        Finding new ways to overcome the skills issues: There may be new ways of addressing the skills challenge in the UK Government. For example, we know of a Chief Information Security Officer who set up a whole SOC (Security Operations Centre) around a university to get fresh graduates. They were not in the Public Sector but had similar challenges around attracting and retaining talent. They turned new graduates into junior analysts, knowing they would leave in two years for a more lucrative opportunity elsewhere later, and made that their talent strategy.

        Resilience: The UK Government will never be able to prevent every attack, error or outage, so the issue is both how well one can minimise such incidents, and how well one can recover from them. The key to this is to have end-to-end visibility into the Government’s data. More effort is required to integrate the data and processes required to ensure digital processes are efficient and effective. Analytics maturity can lead to a significant improvement in operational resilience by enabling Government services to detect and respond to risks and incidents more effectively.

        COTS: Government policies should encourage the procurement of best-in-class commercial off-the-shelf (COTS) software solutions to the maximum extent practicable, in place of building customised software solutions. This has the advantage of reducing the technical and financial burden to create, manage and retire these capabilities, while also leveraging the speed of market-place innovation. 

        Innovate with cloud: Properly implemented cloud technology can improve speed of delivery, increase security and create opportunities for Government departments to innovate. Government organisations and functions need to work together more effectively across functions to take full advantage of these benefits.

        Procurement: Many of the solutions that the UK Government procures to support digital transformation are sourced from an international market. Governments should seek to harmonise procurement regulations, standards and certifications for cloud offerings between countries, where possible.



May 2023