Category: Industry News

What GDPR enforcement means for proactive application security.
GDPR: New ‘Sheriff’ Places Responsibility for Data Privacy Squarely on Businesses
Open source is part of almost every software capability we use today. Can we be sure it's secure?
The Software Intelligence Report: What You Need to Know About Open Source Software
A tune-up may not be enough to help organizations adhere to MGT Act 101 to deliver secure and sustainable modernized systems.
Government Agencies and IT Modernization: What Will Propel the Great Leap Forward?
Every major business today is mostly run on software. Make sure you have the right intelligence to be a leader in the digital world.
Software Intelligence – What is it and why now?
It doesn’t matter how many days removed we are from sipping champagne, singing "Auld Lang Synge" and making New Year’s resolutions, we still need to look back at 2017, lest we repeat the same mistakes we've already made.
2017: The Year of MotS (More of the Same)
The biggest lesson learned from the Equifax breach is that executives and application owners need a software risk scorecard that clearly outlines KPIs around software structural quality and security.
Lessons from Equifax: Get a Software Risk Scorecard
Open source is the lifeblood of modern software development, but it's not without risks, especially when it comes to application security.
A Good Look at Open Source Frameworks: Avoiding Another Equifax
The recent spate of IT glitches and ‘power outages’ at British Airways which caused the UK’s national carrier to cancel all its flights worldwide at the start of May bank holiday along with the WannaCry ransomware attack which ground the National Health Service to a halt have exposed again the importance of IT systems in today’s business. The complexity of these IT systems, the number of vulnerabilities that exist in critical software used by critical infrastructure sectors such as the NHS, airlines, telecom operators has made headlines once more.
Need for Holistic IT Systems’ Risk Assessment

6On March 15, CISQ hosted the Cyber Resilience Summit in Washington, D.C., bringing together nearly 200 IT innovators, standards experts, U.S. Federal Government leaders and attendees from private industry. The CISQ quality measures have been instrumental in guiding software development and IT organization leaders concerned with the overall security, IT risk management and performance of their technology. It was invigorating to be amongst like-minded professionals who see the value in standardizing performance measurement.

CISQ & IT Risk Management: Minimizing Risk in Government IT Acquisition

UntitledSoftware Risk Management in Digital Transformation was the focus during the 4th edition of the Information Technology Forum, hosted by International Institute of Research (IIR).  Massimo Crubellati, CAST Italy Country Manager, discussed how Digital Transformation processes are changing the ICT scenario and why software risk management and prevention is mandatory.

 

Massimo shared our recipe for Digital Governance evolution: including a specific ICT Risk chapter in the design of the governance structure of the digital transformation, whose most relevant aspect is to determine which methods and through which key performance indicators to measure the operational risk inherent in the application portfolio. Measurement needs to be continuous and structural, it must include the assessment of application assets inherent weaknesses, through the analysis of correlations between the layers composing them. Thus obtaining, not only an effective prevention of direct damage ensuring the service resilience, but a reduction in maintenance and application management costs.

Software Risk Management: Risk Governance in the Digital Transformation

IT leaders from throughout the federal government discussed the value of how software measurement can positively impact their development process at CAST’s recent Cyber Risk Measurement Workshop in Arlington, VA – just outside of the Washington, D.C. area. The event brought together more than 40 IT leaders from several governmental agencies, including the Department of Defense and Department of State, system integrators and other related organizations. The group shared their experiences in how their respective organizations are driving value to end users and taxpayers.

IT Leaders Address the Value of Software Measurement & Government Mandates Impacting Development

Reifer Consultants LLC’s recent white paper, Software Benchmarks and Benchmarking, discusses software benchmarking process and provides information on industry

Software Benchmarks and Benchmarking

Last week, CAST, a global leader in software analytics, invited more than 100 IT professionals to participate in a software risk and analytics roundtable in New York, NY. The daylong exchange included CIOs, industry analysts, systems integrators and IT advisory firms. As an outcome of this gathering, CAST published an IT Trends 2016 Report. The following post attempts to capture some of the exchange between participants and key takeaways.

IT Trends 2016: Insights from the CAST CIO and IT Leaders’ Roundtable Discussion

Topping the list of IT Trends 2016 is helping CIOs take advantage of Big Data for themselves, while cutting through the clutter. Accelerating the time from data to decision requires analytics that highlight areas of risk and opportunity in support of business decisions, not technical ones. Proactive, predictive insight arms CIOs with the ability to ask the right questions, to challenge the status quo and surface technical risks that jeopardize revenue, reputation or brand. Real-time solutions that improve the signal-to-noise ratio top the CIO’s wish list for 2016.

IT Trends 2016

If you've read the news lately, you've seen headline after headline (some, even on our blog) about computer glitches, technical failures, software risk, and hacks.  The health of applications is now under more microscopic attention than ever before - because no matter whether internal or external causes prompt a software outage, the security and stability of your applications are paramount.

The Importance of Checking Software Risk and Software Quality: A Wake-Up Call to Firms Across the Globe

In 2014, the IT infrastructure at the Federal government’s Office of Personnel Management (OPM) was upgraded from a security rating of "material weakness" to one of "significant deficiency," according to The Wall Street Journal's CIO Report. Which means that the OPM, even after upgrading to mitigate software risk, wasn’t up to snuff. That is - to put simply - unacceptable. It is also both a dismal and infuriating fact to learn - especially for those who were among the 21 million present and past Federal employees, revealed last week, to have had their Social Security numbers and other personal information stolen in the recent data breach.

Software Risk: A Tale of Technology Woes and Failures

We’re sure that by now, you’ve seen all of the stories about last week’s computer turmoil at the New York Stock Exchange, United Airlines, the Wall Street Journal, and TD Ameritrade.  And as a top-level executive you’ve probably launched an internal review, or at least asked yourself, “Could it happen here?”
The simple answer is, unfortunately, “yes, it most definitely could.”

An Open Letter to the CIOs of Global 2000 Companies

The events of last Wednesday proved that things often do come in threes. The “rule of three” reared its ugly head, as technical failures occurred at three large American organizations: the New York Stock Exchange, United Airlines, and The Wall Street Journal. United Airlines grounded all flights nationwide, wasn't able to conduct background checks of passengers, and left flight attendants handwriting tickets (many of which were not accepted by TSA agents). Then, the NYSE suspended trading for almost four hours, the first time in a decade that trading was halted during regular business hours. The Wall Street Journal's homepage also faced difficulties and was offline for almost an hour.

The Rule of Three: NYSE, UAL, and WSJ Operations Foiled by Their Own Systems