Nilanjan Sengupta’s Innovative Approach to Technology Modernization

• Nilanjan Sengupta, SVP and head of federal, public sector and healthcare for the Americas at Thoughtworks, is helping federal agencies think differently about modernization.
• His strategy for successful technological modernization is about reimagining the architectures of how systems, data and people work together to deliver outcomes at scale.
• He sat down with ExecutiveBiz to talk AI, cloud computing, cybersecurity and effective data governance.

Nilanjan Sengupta is helping federal agencies think differently about modernization by focusing on materially strengthening mission readiness through thoughtful technology architecture.

Sengupta, Thoughtworks senior vice president and head of federal, public sector and healthcare for the Americas, brings this approach to modernization. Successful transformation is rarely about replacing one system with another.

Instead, it is about reimagining the architecture of how systems, data and people work together to deliver outcomes at scale—what Thoughtworks defines as the Seamless Government Experience, aka SGX. This is a “no-wrong-door” model where agencies operate as a coordinated system rather than disconnected programs.

This perspective is the essence of Thoughtworks: bringing together deep engineering, product thinking and data platforms to modernize complex and mission-critical environments in defense, healthcare and other public sector domains.

This approach fits well with Sengupta’s background as a former technologist with experience helping large organizations modernize complex systems. He described Thoughtworks as a place where engineering excellence, modern delivery practices and responsible technology can help solve the hardest problems facing government agencies.

Sengupta sat down with ExecutiveBiz for his first Spotlight interview to discuss the next big advancement in federal artificial intelligence adoption, challenges in developing and fielding generative AI tools for defense customers, how cloud computing is changing cybersecurity, and maximizing the discovery and utility of company data with effective governance policies and procedures.

Hear the Pentagon’s latest investment priorities for emerging technologies like AI and cyber at the Potomac Officers Club’s 2026 Cyber Summit on May 21! Get partnership opportunities directly from Aaron Bishop, Department of War acting principal deputy chief information officer and chief information security officer, during his illuminating keynote address. Secure your seat today!

ExecutiveBiz: What’s the next big advancement in federal AI adoption?

Nilanjan Sengupta: The next major advancement in federal AI adoption will be the transition from isolated AI pilots to mission-integrated AI platforms. At Thoughtworks, we refer to this shift as AI/works, an approach to embedding AI directly into enterprise platforms and operational workflows so it becomes part of everyday mission execution, not a standalone experiment.

Agencies have spent several years experimenting with AI through proofs of concept and targeted use cases. The next phase will focus on embedding AI capabilities directly into operational workflows and enterprise platforms so that AI becomes part of everyday mission execution rather than a standalone experiment.

This will require several shifts. Agencies will need scalable data architectures that allow models to access high-quality, governed data. They will need platform environments that can host models securely and support continuous improvement. And equally important, they will need strong governance frameworks to ensure transparency, accountability and human oversight.

This requires treating AI not as a tool but as a platform capability, with governed data, secure infrastructure and human oversight built in from the start. This is core to how we design AI/works for regulated environments.

Together, these capabilities enable the foundation for a Seamless Government Experience, where AI is embedded into coordinated, end-to-end service delivery rather than layered onto disconnected systems.

What excites me most is the potential for AI to augment the workforce rather than replace it. In many federal environments, professionals spend significant time navigating complex systems and large volumes of information. AI can help surface insights more quickly, automate repetitive tasks and allow experts to focus on higher-value decision-making.

Ultimately, the real breakthrough will occur when AI becomes embedded into the digital infrastructure of government—quietly improving mission outcomes across areas like national security, healthcare, public safety and citizen services. At Thoughtworks, we are already seeing this pattern emerge in commercial and international public sector contexts, where AI is treated as a capability of a modern digital platform rather than a collection of one-off tools. Bringing those platform patterns into the federal space, adapted for U.S. security, compliance and ethical requirements, is where I see the next wave of impact.

EBiz: What do you see as the primary challenges for developing and fielding generative AI tools for defense customers?

Sengupta: Deploying generative AI within defense environments presents several unique challenges, primarily around data sensitivity, trust and operational integration.

First, training and data availability are significant considerations. Defense organizations operate with highly classified, or sensitive, datasets that cannot simply be used to train commercial models. Developing secure training environments and ensuring models learn from appropriate mission data is essential.

Second, hosting and infrastructure must meet stringent security requirements. Defense customers require environments that support classified workloads, controlled data flows and rigorous access controls. This often means adapting AI architectures to operate within secure government clouds or isolated environments.

Third, integration into operational systems can be complex. GenAI tools must work within existing command systems, data platforms and operational workflows without introducing risk or latency. Achieving this requires thoughtful engineering and deep collaboration with mission operators.

Finally, governance and trust are critical. Defense leaders must be confident that AI outputs are explainable, auditable and aligned with policy and ethical standards. Human oversight will remain essential, particularly in mission-critical environments.

Despite these challenges, the potential value is substantial. GenAI can help analysts process large volumes of information, support mission planning and accelerate decision-making. The key will be implementing these capabilities responsibly and securely.

That is where Thoughtworks’ experience in secure-by-design architectures, DevSecOps and responsible technology can help—designing patterns for GenAI that respect classification constraints, embed human-in-the-loop oversight and can be fielded in secure, disconnected or contested environments, without sacrificing mission assurance.

Interested in innovative DOW approaches to public-private cyber defense collaboration? Then you cannot afford to miss the Potomac Officers Club’s 2026 Cyber Summit on May 21! Dig into detecting and disrupting long-dwell adversaries and scaling defense across complex environments during our Combating Advanced Persistent Threat panel discussion featuring Daryl Haegley, Air Force technical director for control systems cybersecurity. Sign up now!

EBiz: Migrating to the cloud inherently means an increase in digital assets and infrastructure, and a decrease in physical assets. How do you think cloud has changed the cybersecurity paradigm?

Sengupta: Cloud computing has fundamentally shifted cybersecurity from a perimeter-based model to a data-centric security model.

In traditional environments, security was often built around defending a clearly-defined network boundary. Once systems moved to distributed cloud environments, that boundary effectively disappeared. Applications, data and users now operate across multiple networks and locations.

As a result, modern cybersecurity strategies increasingly focus on identity, data protection and continuous monitoring rather than static perimeter defenses. Concepts like zero trust architecture, least-privilege access and real-time threat detection have become central components of cloud security.

Cloud platforms also provide new capabilities that can strengthen security when used properly. Automated patching, centralized logging and advanced threat analytics can help organizations detect and respond to threats more quickly than traditional environments previously allowed.

However, the shift also requires organizations to rethink their operating models. Security is no longer just the responsibility of a centralized team. It must be embedded throughout the software development lifecycle and across engineering teams.

Organizations that successfully adapt their security models can achieve stronger protection while also enabling greater agility. At Thoughtworks, we help commercial and public sector clients design and implement cloud-native architectures where security, compliance and observability are built in from the start.

This is through DevSecOps practices, automated policy enforcement and continuous delivery pipelines. That approach is particularly relevant for federal agencies that must balance rapid delivery with stringent security and regulatory requirements.

EBiz: Are you confident that your company’s data governance policies and procedures are designed to maximize the discovery and utility of your data?

Sengupta: Effective data governance should not simply control data—it should enable its responsible use.

Organizations today generate enormous volumes of information, yet much of that data remains underutilized because it is difficult to discover, poorly cataloged or constrained by unclear governance rules. Modern data governance frameworks aim to strike a balance between protecting sensitive information and enabling teams to access the data they need to generate insights.

At Thoughtworks, we emphasize data governance approaches that treat data as a strategic asset while maintaining strong privacy and security protections. That includes clear ownership models, standardized metadata and automated governance controls that allow data to be shared safely across teams. Our work on modern data platforms is often inspired by concepts like data mesh. It focuses on making high-quality, well-governed data products that are discoverable and usable across large, complex organizations, including those operating in regulated environments.

Enforcing governance policies across large organizations can certainly be challenging. The most successful approaches focus not only on policy, but also on culture and platform design. When governance is embedded into the data platforms themselves – through automated controls, lineage tracking and policy enforcement – it becomes easier for teams to follow best practices without slowing down innovation.

Ultimately, the goal of governance is to create an environment where data can be trusted, discovered and used responsibly to drive better decisions. That is the standard we hold ourselves to at Thoughtworks and it is the kind of foundation federal agencies will need as they scale data and AI capabilities in support of their missions.