CISQ Issues its Cost of Poor Software Quality in the US: A 2022 Report

December 20, 2022

News

“We hope that the readers of this series of reports recognize the magnitude of the cost of poor software quality within their organizations,” said report author Herb Krasner. “We also hope they adopt the solutions suggested for software conception, development, production, operation, and evolution processes. We’d like to see everyone from the C-suite to IT/software engineers make software quality a first-class citizen. They must address the weaknesses and vulnerabilities that lead to failures, improve the process of preventing, understanding, finding, and fixing bugs, and recognize and reduce the burden of technical debt.”

The report concentrates on cybercrime damages related to software liabilities, open-source software supply chain challenges, and the influence that technical debt has on software development. CISQ has suggested the following solutions to enhancing the quality of software as:

• Quality standards/software problem taxonomies
• Tools for understanding, finding and fixing software deficiencies and technical debt
• AI and machine learning tools to speed software engineering

“Every organization uses open-source software. In fact, on average, open source makes up more than 75% of almost every codebase used in the world,” said Dr. Anita D’Amico, Synopsys Software Integrity Group VP of Cross-Portfolio Solutions and Strategy and CISQ Board Member. “A single vulnerability in one of those open-source components could affect thousands of software applications in just one organization. But to fix it, you need to know which of your apps has it. A software bill of materials (SBOM) provides just that. It’s an inventory of an application’s components that an organization can use to find the vulnerable components for remediation.”

Download the Cost of Poor Software Quality in the US: A 2022 Report from the CISQ website.

(*Synopsys and Undo sponsored the report")