The key to security is to ensure that your most sensitive data is handled with proper controls in place. This should include working with your architects to explore the architecture of applications that handle the most critical data, starting from the data elements themselves and fanning out via impact diagrams (for example, CAST does this with the Application Intelligence Platform). Over time, your team will be able to establish secure architecture components that should handle all sensitive data.
In software maintenance and evolution, it is important to assess both code health and application architecture in order to identify issues impeding software quality goals. One way to move the needle toward software quality is to use Technical Debt (TD) indexing as a method to evaluate development projects.
We recently presented a paper at MTD 2016, the International Workshop on Managing Technical Debt put on by the Software Engineering Institute at Carnegie Mellon, where we discussed the way five different and widely known tools used to compute Technical Debt Indexes (TDI), for example numbers synthesizing the overall quality and/or TD of an analyzed project.
It seems more and more frequently we see security and cyber-attacks in the news today. From Yahoo’s apparent cover up of a massive security breach that is damaging its merger with Verizon to the even more recent bank hack in India, where millions of debit cards were compromised, it’s apparent that there are holes in our current defense systems. Adding to the complexity of it all, eWeek has reported that DDoS attacks hit record highs in Q3 2016.
For most data-intensive organizations, it would spell disaster if mission-critical or customer information was leaked. What’s more, security gaps are known to go undetected for much longer in enterprises with a high percentage of legacy systems.
Insurance organizations have reached a tipping point. Historic institutions, with in some cases hundreds of years of service, they are being forced to transform due to changing consumer demands and nimble, technology-centric startups bringing innovative products to market. No stranger to regulatory and privacy concerns, Insurance carriers have overcome many roadblocks throughout their lifetime of doing business. Now they must tackle their legacy IT systems and improve software risk management to deliver the value today’s market is after.
The value of using established technology frameworks is proven. By adopting a software component for which many are skilled and experienced, it is easier for developers and IT managers to maintain a lingua franca.
Earlier this month, CAST held its annual customer and partner conference in Munich, Germany.
IT and business executives from the Insurance, Banking, Telco and IT Consulting sectors shared how they are working with CAST and why software measurement is critical to the success of their IT projects.
Earlier this month, CAST sponsored IWSM Mensura 2016 in Berlin, hosting software measurement professionals and researchers from all over the world to discuss maximizing the value of data. With digitalization trends, there is more data than ever before in software applications and systems, and that data is expected to drive business value. Software measurement is the key to making this data actionable.