Cybersecurity training and workforce development is a common theme and solution that’s proposed at conferences that discuss the challenges of cybersecurity and the future as we know it – developing, architecting and living within digital IT ecosystems. Who’s steering the ship? Do leaders understand the security threats and do their... Read more →

News item submitted by Elizabeth Samet, Public Relations Manager, Synopsys Read the full post on Synopsys blog here The latest release of Coverity by Synopsys features seamless integration with our completely rebuilt eLearning platform, an on-demand developer training solution focusing on secure coding best practices and security guidance. On-demand developer... Read more →

By Tim Mackey, Senior Technical Evangelist for Black Duck Software by Synopsys Link to original article on Synopsys blog, published May 1, 2018 Companies are leveraging containers on a massive scale to rapidly package and deliver software applications. But because it is difficult for organizations to see the components and... Read more →

Herb Krasner, University of Texas at Austin (ret.), CISQ Advisory Board member A new Texas state law adds specific monitoring requirements for large IT projects in Texas state agencies. It requires regular monitoring and reporting on IT project performance indicators of: schedule, cost, scope, and quality. IT scope measurement is... Read more →

by Tracie Berardi, Program Manager, CISQ The Equifax data breach in 2017 was the result of attackers exploiting an unpatched vulnerability in Equifax software. The vulnerability – Apache Struts: CVE-2017-9805: Possible Remote Code Execution as titled in the NIST National Vulnerability Database– was a flaw discovered in Apache Struts web... Read more →

Herb Krasner, University of Texas at Austin (ret.), CISQ Advisory Board member A new law in Texas necessitates the enhanced monitoring of all large IT projects in state agencies. It requires regular measurement and reporting of project performance indicators: schedule, cost, scope, and quality. Quality is believed to be the... Read more →

The U.S. State Department Office of Acquisitions referenced code quality requirements in the Consular Systems Modernization (CSM) statement of work. From the State Dept. CSM acquisition document on page 23, section C.4.2: “The contractor shall adhere to CST application coding standards intended to assist in creating code that is free.... Read more →

Federal IT Acquisition Example Citing CISQ Metrics CISQ has been referenced by the U.S. General Services Administration (GSA), formally citing CISQ requirements in a Information Technology (IT) statement of work from the Office of the CIO for the Office of Public Buildings. GSA is an independent agency of the U.S... Read more →

Herb Krasner, University of Texas at Austin (ret.), CISQ Advisory Board member Here is a summary of the cybersecurity legislation that was passed this year that will have an impact on state agencies and institutions of higher education (all from the 85th regular session of the Tx legislature). The Tx..... Read more →

CISQ Advisory Board member, Herb Krasner, has released a position paper for Texas state CIOs and IT leaders seeking guidance on House Bill (HB) 3275 passed in June 2017 requiring the reporting of software quality measurement in Texas State IT projects. Krasner drafted the legislation that was signed into law... Read more →