The key to security is to ensure that your most sensitive data is handled with proper controls in place. This should include working with your architects to explore the architecture of applications that handle the most critical data, starting from the data elements themselves and fanning out via impact diagrams (for example, CAST does this with the Application Intelligence Platform). Over time, your team will be able to establish secure architecture components that should handle all sensitive data.
Software has always been risky business compared to more mature industries such as telecommunications and manufacturing. Historically, software has seen more canceled projects, higher costs and more frequent schedule overruns than any other industry.
Today in 2016 we are also facing an increasing number of cyber-attacks in many different forms, such as denial of service, data theft, phishing and the like. Of course, other industries are also risk-prone, such as banking and finance, as seen by their many failures circa 2008. Indeed, the insurance industry centers around risk and has developed sophisticated actuarial methods for predicting the costs of risks and when they will occur.
Software risks to the business, specifically Application Resiliency, headline a recent executive roundtable hosted by CAST and sponsored by IBM Italy, ZeroUno and the Boston Consulting Group. European IT executives from the financial services industry assembled to debate the importance of mitigating software risks to their business.
This post is taken from the original paper Software Risk Master (SRM) Estimating Examples For Quality and Schedules by Capers Jones, VP and CTO, Namcook Analytics LLC.
Last week, CAST, a global leader in software analytics, invited more than 100 IT professionals to participate in a software risk and analytics roundtable in New York, NY. The daylong exchange included CIOs, industry analysts, systems integrators and IT advisory firms. As an outcome of this gathering, CAST published an IT Trends 2016 Report. The following post attempts to capture some of the exchange between participants and key takeaways.
Consider this an invitation... to find out how you can significantly reduce the risk that exists within your applications.
With data centers growing from dozens of single servers to hundreds or thousands of virtual servers distributed throughout the globe with software that has to accommodate such large scales, managing risk has never been so important. Software development today uses shorter cycles, continuous delivery, and agile techniques that can create additional risk.