The key to security is to ensure that your most sensitive data is handled with proper controls in place. This should include working with your architects to explore the architecture of applications that handle the most critical data, starting from the data elements themselves and fanning out via impact diagrams (for example, CAST does this with the Application Intelligence Platform). Over time, your team will be able to establish secure architecture components that should handle all sensitive data.
Insurance organizations have reached a tipping point. Historic institutions, with in some cases hundreds of years of service, they are being forced to transform due to changing consumer demands and nimble, technology-centric startups bringing innovative products to market. No stranger to regulatory and privacy concerns, Insurance carriers have overcome many roadblocks throughout their lifetime of doing business. Now they must tackle their legacy IT systems and improve software risk management to deliver the value today’s market is after.
At CAST user group meetings, which we conduct annually in key regions, I’m always amazed by what our customers are doing with software analytics. Something so foundational – the measurement of software performance – yields such powerful results for Fortune 200 companies that are on a constant hunt to meet business demands and beat out the competition. This year’s user groups are special, because CAST is celebrating our 25th anniversary. That’s how long we’ve been helping make software a little less invisible to developers, architects and business executives whose livelihood depends on software quality.
Fintech is the hot new thing. It’s the industry that will carry the UK through Brexit. It’s the latest wave of startup mania in NYC. It’s becoming the darling of Silicon Valley. Chinese tech investors are all over it. It’s fresh. It’s sexy. But, wait a minute. What is Fintech?
Recently I attended MIT’s Fintech conference (#MITFinTech). We heard Brad Peterson, CIO of NASDAQ, talk about his firm as the original Fintech founded 45 years ago. Brad told us that NASDAQ no longer thinks of itself as an exchange, but as a Fintech company. A couple MIT professors told us there are 1800 Fintech companies out there today, and that number is quickly growing. There are some that promote robo-advisors as autonomous correctors for investor freak-out during volatile markets, and others that collect live market data from the web in order to predict real economic indicators, as opposed to statistics collected by government technocrats. Blockchain, we were told, is like the Internet was back in 1993.
Panel Discussion at the 2016 Software Risk Summit
Software risk has historically been overlooked as a security concern by business leaders, and companies have paid a high price as a result. Remember the JPMorgan hack of 2014? That cost the bank more than $6 billion. RBS has paid £231 million for their IT failures as of two years ago. The Target breach? The retailer posted a write down of $152 million. Or, more recently, Jeep controls being taken over by hackers, and a similar incident with Toyota-Lexus having to fix a software bug that disabled cars’ GPS and climate control systems? That costs the manufacturers valuable consumer confidence points and can seriously damage sales.
So I was thrilled to know that the topic for the first annual Software Risk Summit in New York was indeed just that, software risk. I had the pleasure of moderating the panel discussion with esteemed guests from BNY Mellon, the Software Engineering Institute at Carnegie Mellon, the Boston Consulting Group and CAST. But beforehand, I was able to sit-in on the keynote by Rana Foroohar.
High-capacity network bandwidth has become more widely available, and we have quickly tapped into every last inch of its capacity. More devices are built with wi-fi capabilities, the costs of mobile devices are going down and smartphones are in the hands of more people than ever before. In fact, Apple might have already exhausted the market and is seeing drastically lower sales forecasts for the iPhone.
We are moving into an era in which virtually any device will connect to the Internet. Phones, fitness trackers, dishwashers, televisions, espresso machines, home security systems, cars. The list goes on. Analyst firm Gartner estimates that over 20 billion connectable devices will exist worldwide by 2020. Welcome to IoT—the Internet of Things. A giant network of connectable things.
In April, Google experienced a fairly significant cloud outage, but it was hardly news at all. In fact, it was likely the most widespread outage to hit a major public cloud to-date. The lack of coverage is strange, considering the industry’s watchful eyes like Brian Krebs and others. The even more recent Salesforce service outage seems to have received more attention. But despite the fact that Google seems to have gotten away with a “pass” this time, the glitch brings renewed attention to the fact that tech players large and small are continuing to deal with software robustness issues.
Google Compute Engine was down for a full 18 minutes around the 7 o’clock hour Pacific Time on April 11, disconnecting all users in all regions. This was a Google cloud outage, and the root cause was a network failure. Network outages appear to be an ongoing challenge for Google, this one being the biggest yet.