The troubled HealthCare.gov website faced another setback when a software security expert found a series of security flaws, indicating that virtually no security testing went into the site's rollout, according to experts. Organizations that depend on software to run any part of their business need to be concerned about software security, according to software security luminary Gary McGraw, who serves as chief technology officer of Cigital.
McGraw recently unveiled the fifth version of the Building Security In Maturity Model (BSIMM-V). The free software security measurement tool helps organizations benchmark their activities against industry peers. The BSIMM-V study describes the initiatives of 67 organizations. It identifies more than 100 activities that were observed in the field. Here are five ways the Obamacare site could have benefited.