The cloud raises concerns for just about every operation. But when you are the U.S. federal government, these issues are paramount. But that isn’t stopping the feds from having a digital-first strategy that will provide self-service for citizens over the web. That at least according to research firm Ovum.

The feds are making this self-service initiative a top priority over the next year and a half, a program that involves collaboration and compliance tools as well as CRM. In the latest Ovum ICT Enterprise Insights, the feds are focusing these efforts largely on infrastructure and tax/revenue agencies.

“The popularity of web-based citizen self-service reinforces the digital services strategies being adopted by many governments in 2013, with a focus on the ability to complete transactions online or on mobile devices and on citizen-centric processes,” said Nishant Shah, senior analyst at Ovum. “However, it’s important that self-service provision via the Web is not separate from a strategy encompassing self-service via mobile devices, and a more general strategy of using data more effectively. Granular, whole-of-government roadmaps that aim to improve digital capabilities are imperative here. Indeed, an IT strategy is not a digital strategy.”

Unlike many enterprises, the feds aren’t paying much attention to BYOD, which is surprising given the security problems these devices pose. “Government has clearly been late to the game here, but we predict BYOD will become a higher priority in the next few years. If the goal is for government to provide ‘customers’ better services on any device at any time, its own workforce must be included,” said Shah.

Overall federal IT spending by 2017 will hit a monumental $248 billion, and much of this dough will go towards the government’s cloud first strategy, a strategy that still has many hurdles to overcome.

But Feds Aren’t Cloud Ready

According to MeriTalk, a partnership between private and public organizations aimed at promoting good IT and a sense of community, the federal government wants to adopt cloud technology -- but isn’t prepared.

The problem – federal networks are not up the task. The result of deficient networks? Bottlenecks. Potentially huge bottlenecks. This isn’t just an issue for the feds. Anyone moving substantial chunks of computing to the cloud has to look the network, and look at it on and end-to-end basis. First is the internal corporate network, then the egress/ingress points, the speed of the service provider’s network (for big cloud apps dedicated connections are usually a must) and finally the speed of the service providers’ internal network.

Just like putting the cart before the horse, federal agencies may be putting the apps before the network. Fortunately federal IT managers at least understand the issue. On average, network managers expect their agency’s total network loads to increase 79 percent. It is not just the network, but the rest of the infrastructure that also needs tending to, apparently. Security must be boosted as new apps create new attack surfaces, and storage must be boosted (of course as any IT pro knows, storage must always be boosted).

This all means big change, and big investment, a prickly issue in this era of monster deficits and pressure to limit spending.

Security Still Nagging

Another report by MeriTalk, this one done with NetApp, says federal networks are vulnerable to cyber threats. And a move to the cloud could only make this worse.

“President Obama rates cyber threats as one of the most serious challenges facing our nation – consider the source and the context. As cyber threats become more sophisticated, it is increasingly clear that the Federal Information Security Management Act (FISMA) may not be enough to protect agencies from attacks. To combat today’s cyber threats, agencies need a modern, dynamic approach that combines risk management, continuous monitoring, and real-time awareness,” the report “FISMA Fallout: The State of the Union” said.

One big problem is government cyber security workers don’t have true confidence in FISMA.

The cyber threat is big and getting bigger. Over the last year, 64 percent of government agencies had to fight off leaks and insider threats, 60 percent dealt with non-state actors, and 48 percent, nearly half, had to ward off state-sponsored threats or attacks. The survey of over 200 security pros has a pretty frightening result, that only 53 percent of those polled believe FISMA improved their cyber defenses.

The need to be in compliance with FISMA raises costs. “In addition, 28 percent view FISMA as encouraging compliance rather than risk identification and assessment, 21 percent believe it is insufficient in dealing with today’s cyber threat landscape, and 11 percent believe it is an antiquated law,” the report said. Meritalk’s advice is to take the bull by the horns by deploying continuous security monitoring.