DXC: How to Modernise and Secure Public Sector Organisations

As cyber threats grow in scale and sophistication, public and private sector organisations alike are under increasing pressure to modernise securely while maintaining operational resilience.

As General Manager for the UK & Ireland at DXC Technology, Derek Allison leads one of the company’s most strategically significant markets, helping major organisations navigate this complex risk landscape.

His role centres on strengthening cyber resilience, modernising mission-critical infrastructure and accelerating secure cloud and AI adoption to deliver measurable, sustainable outcomes.

DXC operates as a global enterprise technology and innovation partner, enabling organisations across industries to enhance efficiency, agility and, crucially, security. The company supports clients in transforming legacy environments, embedding robust cybersecurity frameworks and implementing scalable, future-ready architectures capable of withstanding evolving threats.

With deep expertise spanning Managed Infrastructure Services, Application Modernisation and Industry-Specific Software, DXC plays a pivotal role in securing and managing some of the world’s most complex technology estates.

Here, Derek explores the cultural and technical barriers to digital transformation in the public sector, and outlines how modernisation, collaboration and security-first AI innovation can help deliver smarter, safer and more resilient public services.

What are the biggest barriers to digital transformation in the public sector today? Is it cultural rather than technical?

Both cultural and technical factors are shaping the pace of digital transformation in the UK public sector – and progress depends on addressing them together, not in isolation.

From a technical standpoint, many organisations are still constrained by complex legacy estates. These environments are costly to maintain and difficult to integrate, creating fragmented architectures that increase operational risk, limit data interoperability and reduce the effectiveness of AI and analytics solutions.

At the same time, rapidly-evolving technologies generate many innovative ideas, but transitioning these from proof-of-concept into scalable services remains a significant challenge. Legacy platforms also restrict real-time insight and end-to-end process visibility. 

Culturally, barriers are just as material. AI and digital adoption remains uneven, decision-making is frequently siloed and there is an ongoing digital and data skills gap across many departments. While there is a strong appetite to innovate, scaling transformation requires stronger governance models, shared standards and workforce capability development.

Our experience shows that successful transformation happens when modern platform engineering, cloud and AI adoption are delivered alongside operating model change, skills uplift and cross-agency collaboration – closing the execution gap between ambition and impact.

How can public sector organisations modernise legacy systems without disrupting critical services?

Public sector organisations can modernise legacy systems safely by using a phased, low-risk approach rather than large one-time replacements. 

Increasingly, transformation is moving towards more agile techniques – where change is continuous rather than a one-off event – and systems are upgraded in manageable increments, with old and new platforms running in parallel and services migrated in controlled waves. 

This includes creating more modular systems and moving away from the monolithic solutions of the past, building for the future rather than just today’s requirements. 

Hybrid and cloud architectures help isolate risk and minimise downtime; automation and AI can be introduced gradually to handle repetitive operations and strengthen service resilience during transition.

With cross-functional teams, clear ownership and iterative delivery, organisations can modernise core systems while protecting critical services – an approach widely applied by partners such as DXC Technology.

What does effective public-private collaboration actually look like? Where does it most often fail?

Effective public-private collaboration relies on shared outcomes, transparent governance and coordinated, long‑term investment. 

It requires government and industry to work side by side from the outset, collaborating on solutions, aligning on standards and maintaining open communication throughout delivery.

Transformation is a team sport and when high-performing agile teams are formed with aligned objectives, organisations are able to create true partnerships rather than transactional relationships. 

The most successful partnerships prioritise flexibility, continuous learning and a commitment to delivering measurable public value rather than simply completing a contract. Collaboration most often fails when incentives are misaligned, programmes are over‑specified or delivery is siloed, leaving little room for innovation or adaptation. 

How should public sector leaders balance innovation with security, risk and public trust?

Public sector leaders can balance innovation with security, risk and public trust by embedding secure-by-design principles, transparent governance and continuous risk assessment into every stage of the innovation process. 

It’s important to recognise that early-stage innovation often focuses on developing technical capability alone – moving innovation into scale requires additional layers of technology, process and people, supported by clear accountability and operating models. 

Rather than slowing innovation, security should act as its foundation, ensuring data is protected, models are evaluated and decisions remain accountable. 

As AI becomes more autonomous, maintaining human oversight and clear accountability is essential to sustaining public trust. 

The pace of emerging technology is accelerating, but success will rely on modern governance, ethical frameworks and a culture that sees AI not as an add-on but as a catalyst for better public services.

In five years’ time, what will most change the way digital public services are delivered in your opinion?

In the next five years, the biggest shift in digital public services will come from AI agents augmenting human tasks across both front- and back-office services, making interaction with AI the norm. 

Organisations will increasingly see a direct correlation between business performance and the health of the IT estate through observability. 

Cyber threats will continue to increase, with security agents countering threat-actor agents, while advances in computing power challenge existing encryption technologies.

Sovereign-based solutions will become a more prominent part of hybrid estates to address data and national security risk, deep fakes will require active mitigation and end-user experience will become persona-based and adaptive, delivering more positive and tailored citizen services.