CIO Risk Management: Six Software Intelligence Strategies for New CIOs


Modern IT leaders face more complexity in their technology stacks than ever before. This has spurred the need for better CIO risk management practices to guard against a growing arsenal of external and internal threats to software resiliency and security.

My musings on this changing landscape for CIOs remind me of the break-out food TV show, Iron Chef. On Food Network’s Iron Chef, accomplished cooks compete to create the best meal, given an off-beat combination of ingredients and conditions, in one hour. Likewise, many CIOs conducting an inventory of their newly inherited software and systems may feel as if they too are staring into a large, slightly sour-smelling refrigerator full of mismatched food that must magically morph into something cohesive.

I recently caught up with Gary Curtis, Senior Advisor at The Boston Consulting Group, to discuss how Software Intelligence can help new CIOs score quick wins amidst a complex technology landscape and, in many cases, a great lack of knowledge about existing systems.



He offered an example: “I just finished a project with one of the world’s largest banks,” he said. “And the new CIO of this organization discovered a legacy stack consisting of more than 2 billion lines of code during his due diligence activities.”

Bringing a Wild Stack into the Fold

“This stack also comprised more than 100 programming languages and frameworks,” he added. “Before hearing this, I thought maybe there were 40 or 50 [languages].” Unfortunately, Curtis has seen this all-too-common situation before. The issue facing this bank CIO and many of his technology-leadership peers is integration: “This stack needs to be improved, because it’s consuming the greater part of the IT budget. It’s problematic, unstable in many ways, and very incompatible with new digital functions that should be incorporated into these applications,” says Curtis.

Plan to Attack Architectural Gaps

Curtis explains CIO risk management techniques to identify and isolate issues so that costs can be managed, all while creating more efficient and integrated systems. “First, [the CIO and his team] find out what comprises that stack.” Areas of focus should include architectural issues, such as areas of potential exploit. “Once no one cared about these,” says Curtis. “But hackers do.” CIOs should gather system-level analysis on business-critical software to minimize architectural complexity and ensure that systems are stable, safe and secure.

Software Intelligence: The CIO’s Special Ingredient

“Without access to the right data, it’s hard to know where to start, and where to find the biggest bang for the buck.” This is where software intelligence can help CIOs accelerate their understanding of existing systems to develop a comprehensive modernization and integration plan. The right set of tools can provide:

 

  1. Visibility into complex and/or poorly documented systems, to aid in reducing transformation risks.
  2. Interactive blueprints that can help the CIO and his team develop better transformation strategies.
  3. A means of enforcing architecture compliance.
  4. A hierarchy for prioritizing and managing legacy modernization tasks.
  5. Engineering insights that can accelerate modernization efforts.
  6. Modernization monitoring capabilities that protect clients and ensure high-quality outcomes.

Few CIOs are equipped to compete on Iron Chef. But a versatile, easy-to-use Software Intelligence solution provides them with a key ingredient. Using it, they can turn tired legacy leftovers into an appetizing menu of cutting-edge digital applications and systems.

Lev Lesokhin, EVP, Strategy and Analytics at CAST
Lev spends his time investigating and communicating ways that software analysis and measurement can improve the lives of apps dev professionals. He is always ready to listen to customer feedback and to hear from IT practitioners about their software development and management challenges. Lev helps set market & product strategy for CAST and occasionally writes about his perspective on business technology in this blog and other media.