CEO in the Field: Making Digital Transformation a Reality

I recently attended the MIT Sloan CIO Symposium, a kind of meeting of the minds for leading CIOs and senior IT executives, who gathered this year to discuss the strategy and execution of digital transformation goals. Throughout the event, experts outlined frameworks for intelligent modernization, like integrating AI into development processes, taking proactive steps to improve cybersecurity postures, practical uses for blockchain, what’s next in cloud computing, and more. All about creating a more sophisticated digital sphere.

The goal is clear, but realizing digital success remains challenging. Leaders must address business complexity to reconfigure their organization’s digital landscape and operating models by navigating ethical and economic issues, developing and re-developing agile software platforms, managing IT costs and talent acquisition, establishing cross-functional partnerships internally and externally, all the while capitalizing on Agile and DevOps for speed of delivery.

It’s just this simple.

Keynote speaker Frederic Veron, CIO and Head of Safety and Soundness at Deutsche Bank, delineated a three-pronged approach for successful digital transformation in his presentation, Safe and Sound Software for Digital Execution. In his talk he described:

  • The importance of being hyper-aware and knowing your software and how it is used.
  • How to create “Readiness Gates,” or mandatory checkpoints, for security, resiliency, structural quality and risk.
  • Implementing DevOps to shift from “Fail Fast” to “Learn Fast.”

Veron also stressed the need for companies to understand their software inside and out as software vulnerabilities threaten the functionality of applications.

At the heart of this change in mindset and process lies Software Intelligence.

According to Veron, “Software flaws are the root cause for about 20% of incidents. The other 80% come from testing, hardware, human errors and infrastructure. But all of this is still related to software.”

Shifting application security left is integral to producing safe and sound applications. Veron urges companies to utilize an intelligent approach to ensure software integrity, stating, “In the early days of software, it was acceptable not to understand it beyond the surface. But now, when the cars we drive have more software than the planes we fly or the first rockets that went to the moon. And software is critical to life, business and each one of us. And we are trying to handle entities much more complicated. We need better visibility and we need better intelligence about these systems.”

I also watched a panel titled Creating a Digital Culture with Tanguy Catlin, a Senior Partner at McKinsey who is helping companies build out their digital capabilities. He shared interesting points about the cultural aspects that increase a company’s ability to change, to speed up, to take calculated risks, and the ability to form partnerships with third parties to develop market leading solutions.

The last point made me think about the importance of knowing your software supply chain, beyond just open source components. Your business depends on your vendors' and your partners’ software. Transparency into any potential risks there is critical, if not mandatory for compliance.

Finally, I managed to see half of the panel about security where Lev Lesokhin, member of the CISQ board and SVP of Strategy at CAST, made a couple of excellent points regarding the way large IT organizations can leverage CISQ quality guidelines to Deliver Resilient, Secure, Efficient and Agile IT Systems in Line with CISQ Recommendations.

Vincent Delaroche, Chairman and CEO
Vincent is a passionate entrepreneur and industry thought leader who has grown CAST from a start-up to a global category leader in Software Intelligence. He began the software analytics movement more than 25 years ago to uncover the truth about software health, performance and security to help businesses deliver more value to end users, fast.