An Encore for Equifax?

When you are a consumer credit company, victimized recently by a serious security breach where hackers exploited an application vulnerability to steal the personal information of roughly 143 million people, what do you do for an encore? For Equifax, the encore may be “get hacked a second time.”

Lessons from Equifax: Get a Software Risk Scorecard

The biggest lesson learned from the Equifax breach is that executives and application owners need a software risk scorecard that clearly outlines KPIs around software structural quality and security.

A Good Look at Open Source Frameworks: Avoiding Another Equifax

Open source is the lifeblood of modern software development, there’s no getting around it. It makes sense that development teams want to get a head-start when beginning a new project and don’t want to have to start from scratch every time. Because open source software is designed and “certified” with public use in mind, it is prevalent throughout the app dev community.

Need for Holistic IT Systems’ Risk Assessment

The recent spate of IT glitches and ‘power outages’ at British Airways which caused the UK’s national carrier to cancel all its flights worldwide at the start of May bank holiday along with the WannaCry ransomware attack which ground the National Health Service to a halt have exposed again the importance of IT systems in today’s business. The complexity of these IT systems, the number of vulnerabilities that exist in critical software used by critical infrastructure sectors such as the NHS, airlines, telecom operators has made headlines once more.

What Went Wrong at Google – Software Robustness Remains a Struggle

In April, Google experienced a fairly significant cloud outage, but it was hardly news at all. In fact, it was likely the most widespread outage to hit a major public cloud to-date. The lack of coverage is strange, considering the industry’s watchful eyes like Brian Krebs and others. The even more recent Salesforce service outage seems to have received more attention. But despite the fact that Google seems to have gotten away with a “pass” this time, the glitch brings renewed attention to the fact that tech players large and small are continuing to deal with software robustness issues.
Google Compute Engine was down for a full 18 minutes around the 7 o’clock hour Pacific Time on April 11, disconnecting all users in all regions. This was a Google cloud outage, and the root cause was a network failure. Network outages appear to be an ongoing challenge for Google, this one being the biggest yet.

Software Risk: Executive Insights on Application Resiliency


Software risks to the business, specifically Application Resiliency, headline a recent executive roundtable hosted by CAST and sponsored by IBM Italy, ZeroUno and the Boston Consulting Group.  European IT executives from the financial services industry assembled to debate the importance of mitigating software risks to their business.

Bad Software Quality Crashes Airlines’ IT Systems, Again: When Is Enough Enough?

Southwest Airlines is the latest victim of the airline scandal. What scandal? It’s the one where airlines continue to cause travel delays due to poorly managed IT systems. It’s the one that caused Southwest to delay 836 flights on Monday and distribute HAND written tickets to passengers because of a ‘software glitch’. Southwest isn’t alone. United Airlines grounded hundreds of flights in July and American Airlines did the same in September and April. How long will consumers have to wait before these organizations figure out that the glitches are caused by bad software quality, which creates bad service?