2011 App Failures - Year in Review CAST


A look at some of 2011's biggest IT Failures including Sony, Google, Microsoft, Citigroup, London Stock Exchange, RIM, Bank of America and more....

Published in: Technology, Business

  1. #ITFAIL IN 2011
  2. Application Failures: In a year when we saw one major outage, malfunction and security breach after another befall organizations that rely upon technology, we should heed a lesson. The sad part is that nearly all, if not all, of these outages, malfunctions and breaches had in common a structural flaw somewhere down in the bowels of the application that had gone undetected. CAST Confidential 2 Achieve Insight. Deliver Excellence.
  3. April Patch Tuesday: released a record-tying 17 bulletins patching a record 64 vulnerabilities including kernel patches. November Patch Tuesday: avoided patching a zero-day vulnerability used in the Duqu malware attacks that allowed hackers to run arbitrary code in kernel mode. http://blog.castsoftware.com/it%E2%80%99s-tuesday-do-you-know-where-your-patches-are/ http://blog.castsoftware.com/microsoft-ducks-duqu/
  4. Apple has a bug in its new iOS 5 operating system that causes serious battery drain issues with the new iPhone 4S handset. http://blog.castsoftware.com/marketing-over-matter/
  5. Dropbox encounters a bug during a code update that disables customer passwords for several hours. http://blog.castsoftware.com/dropbox-drops-the-ball/
  6. JP Morgan, Chase & Capital One reveal that email management vendor Epsilon detected an "unauthorized entry" into its system, exposing customer names and e-mail addresses.
  7. Hackers backed by a foreign government steal 24K sensitive files by exploiting software vulnerabilities at a Dept of Defense contractor. Defense Secretary Leon Panetta. http://blog.castsoftware.com/the-enemy-within/
  8. Sony suffers more than a dozen attacks at the hands of the LulzSec Group, which exposes customer accounts via SQL Injection attacks. Sony president Howard Stringer. Attacks result in 55 class action lawsuits and cost Sony $178M. http://blog.castsoftware.com/sony-oops-i-did-it-again/
  9. London Stock Exchange halts trading on its main market due to a technical fault in its barely 2-week-old MillenniumIT trading system. http://blog.castsoftware.com/london-bourse-is-falling-down-%E2%80%93-time-to-analyze-its-structure/
  10. A malware attack exposes names, account numbers and email addresses of around 200,000 Citigroup customers http://blog.castsoftware.com/hackers-are-getting-smarter/
  11. A spate of computer outages in the airline industry was blamed on bad hardware, corrupted software & failure of backup systems to kick in. http://blog.castsoftware.com/stranded-by-software/
  12. A technical fault causes levels to be incorrectly displayed for nearly an hour following the start of trading on Euronext. Borsa Italiana suspends trading for almost six hours blaming technical issues. Australian Stock Exchange has trading halted due to an ICT systems error traced back to a software problem. http://blog.castsoftware.com/stock-exchange-failures-what-next/
  13. A computer service vendor of Boston’s Beth Israel Hospital failed to restore proper security settings on a computer following maintenance, leading it to be infected with a virus that transmitted data files to an unknown location. http://blog.castsoftware.com/hacking-up-a-hospital/
  14. discovers data leak vulnerability resulting from pre-existing security hole from old Froyo operating system. More than 50 malicious applications infect Android devices through DroidDream malware. Google pulls Gmail app from iPhone App stores due to a bug that causes a “notification error”. http://blog.castsoftware.com/serving-up-some-humble-pie-with-google%E2%80%99s-%E2%80%98ice-cream%E2%80%99/
  15. RSA allowed their own information to be stolen when a phishing email with a zero-day exploit installed a backdoor through an Adobe Flash vulnerability. http://blog.castsoftware.com/to-be-forewarned-is-to-be-forearmed/
  16. RIM experiences worldwide outage of the BlackBerry system when a software upgrade on its database resulted in corruption problems and attempts to switch back to older version led to collapse of system. http://blog.castsoftware.com/falling-off-the-rim/
  17. Researchers demonstrate hackers have capabilities to send radio signals that exploit vulnerabilities in embedded software and could reprogram or shut down devices such as pacemakers or insulin pumps. http://blog.castsoftware.com/hacking-the-heart-of-the-matter/
  18. Dept of Energy contractor Pacific Northwest National Laboratory shuts down most of its internal network services when a sustained cyber attack exploits undisclosed bug in the server. http://blog.castsoftware.com/seeking-independence-from-being-hacked/
  19. Bank of America customers are unable to log in to their online bank accounts due to problems following routine software upgrades. Later in year their website goes off-line due to a “Denial of Service” attack. http://blog.castsoftware.com/stock-exchange-failures-what-next/
  20. A computer virus infects software that manages Predator and Raptor drones. http://blog.castsoftware.com/what-we-dont-know-is-hurting-us/
  21. UK’s East Coast Main Line left more than 3,000 rail passengers stranded or delayed for more than five hours on a Saturday afternoon due to software malfunction that knocked out signaling system and its backup. http://blog.castsoftware.com/when-good-software-goes-bad/
  22. 39 recalls of medical devices resulting from software defects and malfunctions. http://blog.castsoftware.com/software-quality-is-a-matter-of-life-death/
  24. Application Structural Quality: Whatever the reason these structural quality errors happened, they shouldn’t have. Hopefully in 2012, companies will look back on all the problems in 2011 and realize that they need to increase the structural analysis of their application software to ensure they won’t be the next victim.
  25. CAST Structural Quality Metrics: Most enterprises measure everything but the product delivered to the business. CAST Application Intelligence Platform (AIP) measures the product itself. [Diagram; recoverable labels: Process; Product; Time & Duration; Quality; Size; Function & Scope; Effort & Budget; CAST AIP. Bulleted items: Robustness; Performance; Security; Changeability; Transferability; Size; Planning; Estimation; Scheduling; Time Tracking; Cost Tracking; Requirements; Earned Value; User Acceptance; Usability.]
  26. CAST Inserts Actionable Visibility. [Architecture diagram; recoverable labels: CAST Application Intelligence Center; CxO & VP, …; Dashboard, reports; CAST Application Intelligence Platform™; AI Management Studio; Knowledge Base; Approx one thousand rules and best practices; PM, QA, Architects…; Decade of software engineering expertise; Std enforcement; Early ID of violations; Drill down to root cause; CAST Application Analysis Engine; CAST Native Analyzers (28); CAST UA scripts; 3rd party analyzers; Delivered Source Code; Dev Teams, Suppliers; CICS, IMS, COBOL, DB2 z/OS, PL/I; J2EE, .NET and all Major RDBMS; Web Apps, BI, EAI, C/C++, VB, PB; Siebel, SAP, PSFT, OBS, Amdocs; Arch. visibility / Quick wins; Software engineering expertise; Continuous training/coaching.]
  27. Tangible and Measured Value
      • Mitigate business risks with improved structural quality
      • Better applications for higher business resiliency and continuity
      • Risk-proofed projects more likely to deliver business benefits on time
      • Make IT and suppliers more productive
      • Eliminate waste in ADM
      • Prevent coding errors in development: 10x savings in rework per coding error
      • Keep technical debt from growing: up to 10% saving in maintenance cost
      • Benchmark then optimize resources: maintenance savings potential
      • Better reuse of frameworks and components: up to 10% of dev budget
      • Reduce waste in operations
      • Improve efficiency of large complex transactions & batch processes: up to 5% mips
      • Reduce troubleshooting and rollover costs: lower Ops staff overtime
      • Apply consistent measurement & KPIs for superior visibility
      • Up to 10% of ADM budget, esp. ADM outsourcing
      “Applying the principles of lean manufacturing to ADM can increase productivity by 20 to 40 percent while improving the quality and speed of execution.” - Ranjit Tinaikar, Principal, Head of NA IT Management Practice
  28. Market Leader and Pioneer: 250 Global Leaders Rely on CAST; SIs Use/Resell CAST; SIs Resell CAST; Industry Groups Engage CAST; Key Influencers Endorse CAST
  29. Learn more about CAST www.castsoftware.com blog.castsoftware.com www.facebook.com/castonquality www.slideshare.net/castsoftware Twitter: @OnQuality