CX and Security Deep Dive Part 1: What’s really the issue with CX and Security?

We all want the same thing when it comes to federal technology and modernization projects. We want our systems, tools, and products we use to be easy to use AND 100% safe.  

Yet, when it comes to making that happen it can feel like it must be one or the other. Either your system is secure or it’s enjoyable. Never both. 

The President’s Management Agenda asks federal IT leaders to do both. We must “deliver a simple, seamless, and secure customer experience, on par with or more effective than leading consumer experiences” to help citizens get what they need and increase their trust in government. 

We recently hosted a webinar to explore the tumultuous marriage of security and CX. My colleague Rich Zanatta and I put the gloves on and went multiple rounds to try to get at the heart of why IT folks and CX folks clash and what we can do to make it better. You can watch the replay below.

For the first part of our blog series, I’ve come up with three main reasons CX and security butt heads. In the next article, I’ll tell you what we can do about it.

Reason 1: CX thinks security slows us down. 

I’ll be the first to admit it – sometimes the idea of creating security checklists or vulnerability scanning can feel downright painful. Human-centered design pros want to turn our users pain points into prototypes quickly. And iterate again and again – without taking a breath – until we get to the best solution. 

We are trained to get deep insights and move quickly because that is how we’ll keep up with our customers’ needs. Consumer products move at a head-spinning pace, and we know the government must follow suit to catch up. Hearing from security can feel like the crossing guard is asking me to walk when all I want to do is run.

Reason 2: Security doesn’t understand the value of CX. 

Let’s be real, IT folks are used to being in charge. They hold the keys to the kingdom, and rightfully so since every aspect of our lives from our healthcare to our finances must be online and available 24/7. Keeping that all running requires a level of focus and precision usually reserved for saving lives. And with the volume of attacks and threats increasing daily, the stakes have never been higher. 

Introducing concepts like customer experience to a seasoned IT pro can feel like fluff. More than once I’ve heard, “Isn’t this why we have DevSecOps?” or “Our help desk talks to our customers, so we have that covered.”  Sometimes IT folks feel like it is more secure to have less customer engagement – because there’s fewer opportunities for someone to make a costly mistake. 

Reason 3: We’re both super busy. 

The unfortunate truth is that both groups have a ton on their plate and some huge challenges keeping them up at night. 

As the demand for CX increases across the government, professionals have the dual responsibility of building solutions and educating leaders across the government on what we need to be successful. Upgrading the government’s tools, processes and thinking is a big part of how we spend the day.  

There never seems to be time for one more test or check. 

The same is true for security professionals. Keeping the bad guys out is no longer something that just happens to large companies or in theatres of war. It’s a daily part of our lives and we all have a huge part to play in keeping our systems safe.  

There never seems to be time for one more customer interview. 

This much is clear: the PMA has it right. Both groups need each other and as citizens we all need security and CX to be partners not adversaries to meet today’s demands and tomorrow’s goals.  

Sound overwhelming? Don’t worry. In our next post, we’ll tackle just how to make that happen.