2011 Risk Factor Roundup

Most interesting stories of the year


The last blog post of 2010 appearing in the Risk Factor concerned American Honda Motor Co. warning some 4.9 million Honda and Acura owners that their email addresses were potentially compromised because of a security breach at one of its vendors; the final story of 2011 involves an admission by the New York Times that it mistakenly sent out 8.6 million emails to subscribers Wednesday afternoon informing them that, "Our records indicate that you recently requested to cancel your home delivery subscription."

The email note - which I received - also said that the Times hoped the recipient would reconsider their cancellation request and that the newspaper was offering a 50% reduced rate for 16 weeks as an inducement not to cancel, but one had to act now.

However, a few hours later, the Times sent out another email saying, "This e-mail was sent by us in error. Please disregard the message. We apologize for any confusion this may have caused."

But by then, it was too late and confusion reigned supreme among the paper's subscribers (at least for a while). The Times didn't help matters by initially saying via Twitter that the original email was spam and wasn't from the paper ("If you received an e-mail today about canceling your NYT subscription, ignore it. It's not from us."), though the Times soon had to embarrassingly admit that it was.

An AP story in the San Francisco Chronicle reported that the email should have been sent out to only a few hundred people. It also said that the Times "... initially honored the discount, even to people who were already paying full price and had no plans to cancel," but stopped doing so later in the day, to the anger of some of the paper's subscribers and the delight of the paper's competitors.

The "oops" moment at the New York Times wasn't an uncommon one in 2011. There were many more that I blogged about this year, with the Massachusetts lottery glitch probably being my favorite for 2011.

In reviewing the 220 or so entries in the Risk Factor blog this year, the stories that stick most in my mind, however, are those related to the myriad of data breaches, especially those involving Sony, RSA, Comodo, DigiNotar and South Korea's Nonghyup Bank. These breaches in particular highlighted the worldwide fragility of IT security, even for those organizations who were (once) perceived to be highly experienced in the subject.

Next on my list of notable Risk Factor 2011 posts have been the on-going sagas involving the US Secure Border Initiative and the UK NPfIT, both of which were finally canceled this year after lingering on for what seemed like forever, as well as the Queensland Health payroll system fiasco that began in March 2010 and is still reverberating even today. How long it takes to terminate a major IT program, as well as fix one that has gone bad, just seems to increase every year.

And, of course, the New York City CityTime project is in a league of its own. To me, its story profoundly illustrates the absolutely low expectations that exist in regard to IT system acquisitions and developments.

Finally, my favorite story of 2011 was one that I have been following for years over at ComputerWeekly involving the two pilots in the Mull of Kintyre Chinook crash of 1994 finally being cleared. Justice delayed, but at least justice finally being done.

To me, 2011 was the year of the IT security breach, and I don't see any letup in that arena in 2012. I think that we'll see more issues arising with electronic health record systems in the US and elsewhere, as their deployment increases. And I also think we'll see some major IT outages in 2012 in several different market sectors as outdated IT infrastructure starts to fall apart.

As is traditional, a number of the IT journals and magazines have published their IT-related lists of 2011 failures, foul-ups and security breaches. For those interested in seeing their lists: both PC World and Info World have put out a list of 2011 ERP project failures; Information Week has a list of its top 10 government IT flops of 2011; Business Computing World has a list of its top 2011 software failures while CRN has a list of the top 10 security breaches of 2011. There have also been a host of 2011 technology flop lists, but these are too numerous to mention.  

Hopefully we'll see you again next year.
