Risk can take many forms, from individual to companywide (enterprise). Regardless of the level, there is always a tendency to underestimate the level of risk. Soldiers in combat almost never believe that they will end up a casualty. In fact, people performing jobs considered dangerous regularly underestimate the risk to health and welfare. This same mentality carries forward when dealing with enterprise risk. Ken Olsen, the founder of Digital Equipment Corporation (DEC), stated, “There is no reason why anyone would want a computer in their home.” (1) Personal computers are now ubiquitous. DEC is out of business. Another famous incident is when Andrew Grove and Intel CEO Gordon Moore decided to exit the memory chip business. It took Intel management two years of churning and emotional trauma before the exit was complete. When one customer was told of the exit, the response was, “What took you so long?”
Monthly Archives: September 2012
#4 – QUANTIFYING CYBER ATTACKS AND CYBER WARFARE – (C) CAPERS JONES – TECHNOLOGY@RISK
The advent of the computer era has brought with it several new kinds of criminal activities and also new forms of military engagements that take place over long distances and involve either disabling military equipment or stealing secret information, or both.
There are also new laws against computer crimes, including the United States Computer Fraud and Abuse Act from 1986 and the United Kingdom’s Computer Misuse Act. There are also several laws against spyware. However, as in other fields, laws do not prevent computer crimes. Also, some computer malware such as browser hijackers and spyware may be legal if they are identified in license agreements that users accept.
#4 – QUANTIFYING SOFTWARE FAILURE AND DISASTERS – (C) CAPERS JONES – SOFTWARE@RIS
Let’s visit twenty-one interesting historical software failures. The idea is to analyze each failure and consider what lessons it taught, and which forms of defect prevention or defect removal might have prevented the problems. Because the failures in this section are famous and information has been published about them, they are a useful set of historical data points for retrospective quality analysis.
Among the many defect prevention and removal methods are the following, in alphabetical order:
- Acceptance testing
- Automated code static analysis for common languages
- Automated text static analysis for requirements and design
- Beta testing with clients
- Code inspections
- Component testing
- Design inspections
- Debugging tools
- Function testing
- Mathematical test case design based on design of experiments
- Pair programming
- Peer reviews
- Performance testing
- Proofs of correctness
- Quality function deployment (QFD)
- Regression testing
- Requirements inspections
- Requirements modeling
- Risk-based testing
- Security testing
- Subroutine testing
- Supply-chain testing
- System testing
- Unit testing
- Usability testing
#4 – SIX THINGS RECRUITERS WON’T TELL YOU – ELIZABETH LIONS – CAREERS@RISK
Early in my career as a recruiter, I was treated poorly by a job seeker and couldn’t understand why.
After several conversations that felt more like a heated sparring match than professional dialogue, I mustered the courage to ask him why he was so curt. Clearly, he was upset and didn’t want to have the conversation.
Over his career, he had a history of unproductive relationships with recruiters. As he put it, recruiters exhibited a lack of professionalism and even told outright lies. Consequently, he had a strong bias against anyone in the profession, and he perceived no value in the relationship. As he stated, “Talking to recruiters is like dealing with the root of all evil. I’d rather not bother.”
#4 – SOCIAL MEDIA BAFFLES MOST ENGINEERS – ELIZABETH LIONS – CAREERS@RISK
Social media baffles most engineers. Like eating vegetables, we all know we need to be online and have a professional presence, but it gets confusing when it comes to content, frequency and engagement. The most popular presentation I gave this year was on social media – how it works and why we should even bother.
Mostly, I get a lot of questions on LinkedIn. Questions such as:
- What should be on my LinkedIn?
- Do I have it filled out enough?
- What else should I put on there?
- Should I have three recommendations?
- Does my picture look ok?
- Do I have to have a picture at all?
- What do they look at when they read it?
- How will a recruiter find me?