Tag: Software Risk Management

The Hearst Business Media Approach? Eat the Elephant, One Bite at a Time.
How To Manage Software Risk During Mergers and Acquisitions
How to Take Advantage of Modern Architecture While Keeping Applications Safe and Secure.
Minimizing Software Risk in Open Source Development
L’ approccio costante alla misurazione come reale contributo all’efficientamento del vendor management
QA Financial Forum - Vendor Risk Management: Nuovi modelli di Benchmark per la Software Quality ed il Pricing

High-capacity network bandwidth has become more widely available, and we have quickly tapped into every last inch of its capacity. More devices are built with wi-fi capabilities, the costs of mobile devices are going down and smartphones are in the hands of more people than ever before. In fact, Apple might have already exhausted the market and is seeing drastically lower sales forecasts for the iPhone.

We are moving into an era in which virtually any device will connect to the Internet. Phones, fitness trackers, dishwashers, televisions, espresso machines, home security systems, cars. The list goes on. Analyst firm Gartner estimates that over 20 billion connectable devices will exist worldwide by 2020. Welcome to IoT—the Internet of Things. A giant network of connectable things.

Application Security in the Internet of Things

In April, Google experienced a fairly significant cloud outage, but it was hardly news at all. In fact, it was likely the most widespread outage to hit a major public cloud to-date. The lack of coverage is strange, considering the industry’s watchful eyes like Brian Krebs and others. The even more recent Salesforce service outage seems to have received more attention. But despite the fact that Google seems to have gotten away with a “pass” this time, the glitch brings renewed attention to the fact that tech players large and small are continuing to deal with software robustness issues.

What Went Wrong at Google - Software Robustness Remains a Struggle

Today, CAST is meeting hundreds of Enterprise Architect aficionados, gurus, practitioners and professionals in National Harbor at the Gartner EA Summit. When glancing at the agenda, it is evident that EA has become omnipresent and is interacting either directly or indirectly with 100% of hot IT challenges such as Digital Transformation, Cloud Readiness, Internet of Things, Cyber Security and Innovation - the topics that are keeping many executives up at night.

The intent of this post is to share “one” view of the EA journey and provide some personal insight into software risk management and what I think will be the upcoming challenges in our favorite discipline.

EA Insights – The Fact-Based Measurement Effect

6On March 15, CISQ hosted the Cyber Resilience Summit in Washington, D.C., bringing together nearly 200 IT innovators, standards experts, U.S. Federal Government leaders and attendees from private industry. The CISQ quality measures have been instrumental in guiding software development and IT organization leaders concerned with the overall security, IT risk management and performance of their technology. It was invigorating to be amongst like-minded professionals who see the value in standardizing performance measurement.

CISQ & IT Risk Management: Minimizing Risk in Government IT Acquisition

UntitledSoftware Risk Management in Digital Transformation was the focus during the 4th edition of the Information Technology Forum, hosted by International Institute of Research (IIR).  Massimo Crubellati, CAST Italy Country Manager, discussed how Digital Transformation processes are changing the ICT scenario and why software risk management and prevention is mandatory.

 

Massimo shared our recipe for Digital Governance evolution: including a specific ICT Risk chapter in the design of the governance structure of the digital transformation, whose most relevant aspect is to determine which methods and through which key performance indicators to measure the operational risk inherent in the application portfolio. Measurement needs to be continuous and structural, it must include the assessment of application assets inherent weaknesses, through the analysis of correlations between the layers composing them. Thus obtaining, not only an effective prevention of direct damage ensuring the service resilience, but a reduction in maintenance and application management costs.

Software Risk Management: Risk Governance in the Digital Transformation

IT leaders from throughout the federal government discussed the value of how software measurement can positively impact their development process at CAST’s recent Cyber Risk Measurement Workshop in Arlington, VA – just outside of the Washington, D.C. area. The event brought together more than 40 IT leaders from several governmental agencies, including the Department of Defense and Department of State, system integrators and other related organizations. The group shared their experiences in how their respective organizations are driving value to end users and taxpayers.

IT Leaders Address the Value of Software Measurement & Government Mandates Impacting Development

Software risks to the business, specifically Application Resiliency, headline a recent executive roundtable hosted by CAST and sponsored by IBM Italy, ZeroUno and the Boston Consulting Group.  European IT executives from the financial services industry assembled to debate the importance of mitigating software risks to their business.

Software Risk: Executive Insights on Application Resiliency

If you've read the news lately, you've seen headline after headline (some, even on our blog) about computer glitches, technical failures, software risk, and hacks.  The health of applications is now under more microscopic attention than ever before - because no matter whether internal or external causes prompt a software outage, the security and stability of your applications are paramount.

The Importance of Checking Software Risk and Software Quality: A Wake-Up Call to Firms Across the Globe

When Electronic Health Records were first installed into hospitals and networks, it was seen as a great innovation. However, an important step in their implementation was glazed over: ensuring their security. According to Politico, hacks related to security lapses have cost the healthcare industry around $6 billion a year.

Healthcare Giants and Consumers Are Both Victims When It Comes To Security Violations

Dr. Carol Woody of SEI was recently featured on a CISQ webinar about the correlation of software quality and software security. Her lessons on this topic highlight why software security cannot be something added after-the-fact, it must rather be factored into the development of software applications from the moment coding begins.

This is a lesson that companies such as Sony need to learn. While past breaches like the ones carried out by the LulzSec group in 2011, affected their customers and cost them dearly in terms of reputation and reparations, the one they suffered late last year hurt them much closer to home when cyber criminals breached Sony’s entire network and threatened to expose all stolen data.

Poor Software Quality Impacts Application Security
With the cost of U.S. data breaches increasing nine percent from last year, and the news of Target CEO Gregg Steinhafel announcing his resignation amidst the fallout of their massive credit card breach, every IT organization has software risk management top of mind in 2014.
Launch Party Wrap-Up: Software Risk Management Goes to Broadway