A gathering plague of glitches in software code that is threatening the financial health of many companies will only worsen as reliance on technology inevitably accelerates.
So says Jeff Papows, former CEO of two big software companies that are now IBM business units, Lotus Software and Cognos. In his new book, Glitch: The Hidden Impact of Faulty Software (Prentice Hall, 2010), Papows highlights examples of botched code that have caused everything from Toyota recalls to a malfunctioning radiation-delivery unit that killed cancer patients to the two-day shutdown of a power plant.
Many information-technology organizations are so hyperfocused on creating the “next big thing” that they take shortcuts in creating solid foundations to support their companies in the future, he writes. Profit pressure plays an important role, with the software-development process often shortened in order to speed up product-release cycles.
Papows says he’s convinced that, in part because of the sheer ubiquity of technology and the demand for ever-greater connectedness, software glitches will both increase and become harder to detect. “The complexity curve has become extreme,” he tells CFO.
High-profile glitches often harm brand reputation, requiring costly damage control, but the financial implications go much further. “What can initially appear to be an anomaly can actually be a widespread error that is staggeringly expensive to fix,” writes Papows, currently CEO of WebLayers, a provider of IT governance automation. Remediation may involve software redevelopment, bringing down systems, legal costs, supply-chain costs, and opportunity costs.
Aside from advancing technology, another culprit is a growing loss of knowledge. While mainframe computers are still the technology backbones of a majority of businesses, the supply of software developers skilled in the COBOL mainframe programming language has steadily declined. Old-hand COBOL experts are retiring, and new computer-science graduates are both decreasing in number and more motivated to learn modern programming languages.
Exacerbating the skills depletion is that few IT professionals today remain in one company, industry, or technology focus. “IT professionals used to study manuals from cover to cover, but that’s been replaced by just-in-time learning,” writes Papows. “Last-minute scrambles to capture a career’s worth of programming expertise and how it’s applied to company-specific applications are challenging.”
He advises companies to be realistic about the prospects for such knowledge transfer. Instead, start now toward making the IT job of the future a hybrid of various kinds of technology expertise, Papows recommends. For example, offer positions that mix different skill sets such as Flash and COBOL programming and offer higher pay for cross-trained developers. Also, automate as many time-consuming and less-strategic functions as possible.
Another driver of software glitches is the frequency of mergers and acquisitions. Newly joined companies are usually in a big hurry to combine their back-office systems. In an example from the book, after tuxedo retailers Mr. Tux and Men’s Wearhouse merged in 2007, a software glitch caused errors in tracking inventory and customer orders. “When you try to jam things together, you have the recipe for a digital calamity,” says Papows.
Speed is less important than quality in executing a merger, according to Papows. “If your senior-level IT staff tells you the deadlines are unrealistic, listen carefully,” he writes. He also counsels that an acquiring company should not assume it has the better IT infrastructure and staff, and not shut off any systems until the merger is complete.
Papows is calling on IT and business professionals, government agencies, and consumer advocacy groups to form a coalition to lobby for new legislation requiring more-stringent reporting of software glitches that could put lives at risk. He also wants fines imposed on people and organizations responsible for software-glitch cover-ups that pose health or safety risks.
Papows also proposes requiring a specified level of automated IT governance for companies whose products can directly affect consumers’ quality of life. That could benefit his current company, but he says it’s common sense. “The government controls the food chain and health care, but software and computer glitches can have a big impact on health and safety, too, so why wouldn’t you have some basic oversight?”