The KIT ─ Knowledge & Information Technology
No. 110 - 16 December 2013
Was this forwarded to you?
In This Issue
Barry Boehm on Software Lifecycles
The Costs of Insecurity
Latest Cloud Council Guide
Internet of Things Interoperability
SalesForce Evolves
Cutter Winter Sale
Seen Recently
CB photo

Consulting Services
  • IT Strategy
  • Enterprise Architecture Roadmap 
  • Business Process Modeling & Analysis 
  • Enterprise Software Selection 
  • IT Innovation Briefings
  • IT Due Diligence
  • Executive IT Seminars
  • Cloud Computing
  • Security Maturity
  • Software Process 
  • Knowledge Strategy
  • Technical Communities
  • Knowledge Capture
  • Taxonomy development 
  • Enterprise Social Media 
Contact Us:
c�b� IT and Knowledge Management
www.cebe-itkm.com
info@cebe-itkm.com

+1 281 460 3595
Twitter: @cbaudoin 
Forward this newsletter to colleagues and friends: use the "forward email" link below at left, rather than "Forward" in your email software, to preserve your privacy, give the recipient more options (their own unsubscribe link, etc.) and to give us better click-through data from ConstantContact. Thanks!
Reminder: Webinar with Barry Boehm
On December 17 (9:00 PST, noon EST, 17:00 GMT), ACM presents a webcast with renowned software engineering authority Barry Boehm, from the University of Southern California, on "The Incremental Commitment Spiral model (ICSM): Principles and Practices for Successful Systems and Software." This should be very interesting to "agilists" and traditional lifecycle model users alike. Register here for this free event.
The Costs of Insecurity
At budget time, getting enough money to fund security initiatives is often a tough sell, because executives cannot easily calculate the return on investment (ROI), which is the measure by which they prioritize most other investments. A risk management perspective (what can an accident cost, how probable is it, and what can we do to avoid or mitigate it?) is useful. Look at the case of AvMed, which had to agree to (a) implement identity protection measures, required by privacy laws, that it had not put in place when it was supposed to; (b) pay a $3 million penalty; (c) reimburse customers for proven identity theft losses; (d) return to each customer, even without proven damages, a small amount representing the "unjust enrichment" it derived from saving on security.
(Found in Vince Polley's MIRLN newsletter)
CSCC News
The Cloud Standards Customer Council (CSCC) just completed a new guide, "Migrating Applications to Public Clouds: Roadmap for Success." The guide provides detailed steps to select which applications to migrate to a public IaaS or PaaS solution, handle integration issues, and execute the migration. This latest guide joins a growing collection that started with the 2011 "Practical Guide to Cloud Computing." The history and status of the Council is summarized in this short Slideshare presentation.
Internet of Things Interoperability
As readers of this newsletter have noticed, we have started following the "Internet of Things," that is, the move to connect devices of all kinds, from cars to home thermostats to parking meters, to the Internet in order to monitor and control them remotely. We've raised the issue that the security risks need to be handled very seriously and earlyly, or else serious accidents are likely to happen.
The AllSeen Alliance is helping appliance makers by promoting "an open source framework designed to enable systems to seamlessly discover, connect, and interact with each other" across operating systems (read this Network World article). Here's the scary part: the ability to interconnect devices may be maturing faster than the ability to secure them. Open-source toolkits will be as easily available to hackers as to device vendors, and versions containing malware are certain appear shortly after the original software.
Analyzing the SalesForce Strategy
SalesForce, which started the modern Software-as-a-Service (SaaS) industry in 1999, periodically tries to reinvent or expand its business model, usually announcing the latest moves at its annual DreamForce conference, which just took place. Analyst Jeffrey Kaplan analyzes this year's news and what it means for SalesForce customers and for industry consultants.
Cutter Consortium Winter Sale
Ho, ho, ho! The Cutter Consortium is offering a limited-time 40% discount on individual reports and subscriptions to the IT Journal or the Cutter Benchmark Review. The sale ends on December 24. Click here and use the coupon code WINTER40.
Seen Recently...

"The only people the NSA doesn't monitor are its contract employees."

-- Nicholas Thompson (@nxthompson), New Yorker editor,

tweeting about a December 14 New York Times article entitled 

"Officials Say U.S. May Never Know Extent of Snowden's Leaks"