Recap: Software Risk Summit 2016

Panel Discussion at the 2016 Software Risk Summit
Software risk has historically been overlooked as a security concern by business leaders, and companies have paid a high price as a result. Remember the JPMorgan hack of 2014? That cost the bank more than $6 billion. RBS has paid £231 million for their IT failures as of two years ago. The Target breach? The retailer posted a write down of $152 million. Or, more recently, Jeep controls being taken over by hackers, and a similar incident with Toyota-Lexus having to fix a software bug that disabled cars’ GPS and climate control systems? That costs the manufacturers valuable consumer confidence points and can seriously damage sales.
So I was thrilled to know that the topic for the first annual Software Risk Summit in New York was indeed just that, software risk. I had the pleasure of moderating the panel discussion with esteemed guests from BNY Mellon, the Software Engineering Institute at Carnegie Mellon, the Boston Consulting Group and CAST. But beforehand, I was able to sit-in on the keynote by Rana Foroohar.

CISQ & IT Risk Management: Minimizing Risk in Government IT Acquisition

On March 15, CISQ hosted the Cyber Resilience Summit in Washington, D.C., bringing together nearly 200 IT innovators, standards experts, U.S. Federal Government leaders and attendees from private industry. The CISQ quality measures have been instrumental in guiding software development and IT organization leaders concerned with the overall security, IT risk management and performance of their technology. It was invigorating to be amongst like-minded professionals who see the value in standardizing performance measurement.

Software Risk Management: Risk Governance in the Digital Transformation

Software Risk Management in Digital Transformation was the focus during the 4th edition of the Information Technology Forum, hosted by International Institute of Research (IIR).  Massimo Crubellati, CAST Italy Country Manager, discussed how Digital Transformation processes are changing the ICT scenario and why software risk management and prevention is mandatory.
 
Massimo shared our recipe for Digital Governance evolution: including a specific ICT Risk chapter in the design of the governance structure of the digital transformation, whose most relevant aspect is to determine which methods and through which key performance indicators to measure the operational risk inherent in the application portfolio. Measurement needs to be continuous and structural, it must include the assessment of application assets inherent weaknesses, through the analysis of correlations between the layers composing them. Thus obtaining, not only an effective prevention of direct damage ensuring the service resilience, but a reduction in maintenance and application management costs.

IT Leaders Address the Value of Software Measurement & Government Mandates Impacting Development

IT leaders from throughout the federal government discussed the value of how software measurement can positively impact their development process at CAST’s recent Cyber Risk Measurement Workshop in Arlington, VA – just outside of the Washington, D.C. area. The event brought together more than 40 IT leaders from several governmental agencies, including the Department of Defense and Department of State, system integrators and other related organizations. The group shared their experiences in how their respective organizations are driving value to end users and taxpayers.
Measuring and managing software quality is not just about compliance with government mandates, but rather around the proposition that strong software quality, security and sustainability are paramount. However, compliance remains essential. Three primary points around software compliance voiced by attendees were:

Government mandates point to the fact that software must have a measurement component
Industry standards, such as the Consortium for IT Software Quality (CISQ) and The Object Management Group (OMG) are available and should be leveraged
Technology solutions exist to help public sector firms address these mandates

Software Benchmarks and Benchmarking

Reifer Consultants LLC’s recent white paper, Software Benchmarks and Benchmarking, discusses software benchmarking process and provides information on industry
Benchmark on Dean Street railway bridge.

Software Analytics: Nine Steps to Create Better IT Budgets

All businesses recognize the importance of developing software within a budget. But how do you put together that IT budget in the first place? CAST has worked with a successful CIO to create a guideline of best practices (>Click Here To Download It<). Saad Ayub, formerly CIO at Scholastic and The Hartford, suggests nine ways analytics supports better IT budgets.

IT Trends 2016: Insights from the CAST CIO and IT Leaders’ Roundtable Discussion

Last week, CAST, a global leader in software analytics, invited more than 100 IT professionals to participate in a software risk and analytics roundtable in New York, NY. The daylong exchange included CIOs, industry analysts, systems integrators and IT advisory firms. As an outcome of this gathering, CAST published an IT Trends 2016 Report. The following post attempts to capture some of the exchange between participants and key takeaways.