The attention that has been given to threats emanating from the cyber domain has dramatically increased the research and development of tools for this tradecraft. Now, add the continued increase in the estimates of this global market and you can easily justify all the activity.
Are we building for the past, locking the door after the robbery has already occurred? Given the rapid pace of cyber threat advancement that we are and have been experiencing for some time now, one has to wonder if the current processes and techniques should be modified to match the pace of the threat evolution. Not that long ago I was asked to review the methodology of an organization conducting cyber research. After a review of documents, interviews and a short demonstration, our team came to a conclusion. They were using what I called a slightly modified Waterfall Method of software development. During those interviews I asked about other development techniques, such as Agile, and got an interesting comment about compliance with CMMI. CMMI stands for Capability Maturity Model Integration, which is a process improvement training and certification program that is required by many DoD and government programs. Why would a research and development lab that does not produce production software build to that robust of a methodology? After all, what they produce is just beyond what would be considered proof of concept.
Given the pace of change in the cyber environment, we need to find ways to cut the concept-to-production time required for cyber security software while maintain the development integrity and effectiveness and without sacrificing quality. I saw a slide about a report by the Standish Group that estimated 64 percent of software features are rarely — if ever — used and only 20 percent are used on a regular basis. Perhaps we should start there!