S/W Quality Conf: Highlights, part 2 of 2

Earlier, I wrote about part 1 of 2 of my SQS Conference highlights 

(see http://blogs.csoonline.com/s_w_quality_conf_highlights_part_1_of_2_0

Now for Highlights, part 2, Dr. Sachar Paulus’ keynote:

To avoid making this too much of a retrospective love fest, I will constrain my comments, but I have to say that as a CSO, Sachar Paulus really “gets it.” He is that rare breed of senior management that has 5 critical success characteristics: technical competence and understanding; business savvy; the ability to speak articulately and passionately; the desire and know-how to measure progress; and, the guts to try different things with the objective of getting stuff done. It’s tough not to admire him and if you ever happen to find yourself next to me at a bar, buy me a beer and tell you some stories about why I feel confident enough to write such things about him.

As far as Sachar’s presentation, it was on measuring security and considering security from different perspectives in the organization. He made a couple of claims that had only occurred to me as fleeting 3AM thoughts in the past, but he tied them together nicely with analogies that helped cement the ideas in my head.

The most poignant was when he said that security is an SOA enabler (or disabler as the case may be). He claimed that quite simply the success of SOA depends on security, period. He used the analogy of an elephant as the old way of building and defending information systems — large, single monoliths that are well protected at the perimeter with thick skins and foreboding tusks. He then likened SOA to an ant colony, where each ant is a specifc functioning and independently authenticated entity, but only as part of the super-organism working in unison toward one goal. It is a concept that I had always understood intuitively but was never able to effectively articulate — and that analogy certainly helped.

>