An Open Letter to the CIOs of Global 2000 Companies

by

We’re sure that by now, you’ve seen all of the stories about last week’s computer turmoil at the New York Stock Exchange, United Airlines, the Wall Street Journal, and TD Ameritrade.  And as a top-level executive you’ve probably launched an internal review, or at least asked yourself, “Could it happen here?”

The simple answer is, unfortunately, “yes, it most definitely could.”

When news of the NYSE and UAL outages first hit the wire, the initial response was to question whether these were incidents of cyberterrorism.  It turns out they weren’t, but it demonstrates the current mindset. The root cause turned out to be software robustness… actually, the lack of it.

“Software robustness” may sound mundane when compared with “cyberterrorism.”  But it’s far more fundamental to your company’s IT infrastructure…even more so, as many of the world’s largest companies engage in what Gartner calls “digital transformation.”

But software robustness is being ignored for any number of reasons:

  • Your business operations people are demanding more, and don’t want to spend money on fixing what’s already in place
  • Nobody at your company is in charge of making sure your IT systems are well constructed
  • Too many stakeholders are uneasy talking about robustness, especially of their software
  • And it’s hard to measure that you’re getting better when you’ve done just enough to avoid major catastrophe. At least so far.

What’s the solution?  Structural quality must be measured and owned. The standard metrics have been available for years, and are getting the official stamp in September. The challenge is that it all starts with you and others in the C-suite. The best practitioners institute something like a “10-10-10” program, where:

  • They closely monitor the structural quality of their top 10 revenue-carrying applications
  • 10% of the ADM budget for these applications goes toward reducing technical debt
  • A 10% year-on-year improvement in structural quality is expected for these applications

In addition, there are emerging standards to quantify software quality that will be adopted by an industry-wide body by the end of this year.  (We’d be remiss not to mention that at CAST, we have an automated system that can help you meet these standards. 250 companies around the world use it; one-third are on the Global 2000.)

Outages like those that hit the NYSE and UAL can cause immediate loss of revenue, loss of confidence and reputation damage to the brand and to yourself. We trust you’ve already implemented a software robustness review at your firm. If not, we are here to help.

Sincerely, CAST

www.castsoftware.com

Steve Friedberg Experienced Corporate Communications strategist
MMI Communications is a small company that works to deliver big results for emerging firms, primarily in the high-technology field. We communicate clearly and concisely in a way that gets your message across to the stakeholders you need to succeed. Key competencies include public relations/analyst relations/content marketing strategy and development, and more.