Secure Software Development Practice Adoption Model: A Delphi Study

Developing secure software is a major concern in public service organizations as highly-sensitive and confidential data are transacted through online applications. A great number of departments around the public sectors depend on online services to ensure effective services delivery. The insecure software can lead to loss of revenue and damage to business reputation. Implementation of secure development practices throughout the software development lifecycle is influenced by many various factors such as organizational and people factor. Although numerous methods, models and standards in regards to secure software development has been established, implementation of the whole model is quite challenging as it involves cost, skill and time. On that account, this paper presents the results of the Delphi study conducted at the Malaysian Public Service Organization (MPS) with the aim to identify the factors which affect the implementation of secure software development practices. Identified factors are mapped to the security practices in order to establish a relationship between the factors and security practices. In the efforts to achieve this objective, 10 experts who were involved in software development from Malaysian Public Service Organization participated in the study.

[1]  C. Powell The Delphi technique: myths and realities. , 2003, Journal of advanced nursing.

[2]  Mohd Naz'ri Mahrin,et al.  A Review on Factors Influencing Implementation of Secure Software Development Practices , 2016 .

[3]  C. Webb,et al.  The Delphi technique: a methodological discussion. , 1994, Journal of advanced nursing.

[4]  N. Dalkey,et al.  An Experimental Application of the Delphi Method to the Use of Experts , 1963 .

[5]  Emerson R. Murphy-Hill,et al.  Social influences on secure development tool adoption: why security tools spread , 2014, CSCW.

[6]  Taizan Chan,et al.  Understanding And Measuring Information Security Culture , 2012, PACIS.

[7]  Murray Turoff,et al.  The design of a policy Delphi , 1970 .

[8]  Stephen G. MacDonell,et al.  Factors that affect software systems development project outcomes: A survey of research , 2011, CSUR.

[9]  Bhavani M. Thuraisingham,et al.  Challenges and Future Directions of Software Technology: Secure Software Development , 2010, 2010 IEEE 34th Annual Computer Software and Applications Conference.

[10]  Atreyi Kankanhalli,et al.  Investigation of IS professionals' intention to practise secure development of applications , 2007, Int. J. Hum. Comput. Stud..

[11]  F. Hasson,et al.  A critical review of the Delphi technique as a research methodology for nursing. , 2001, International journal of nursing studies.

[12]  Ahad Zare Ravasan,et al.  A McKinsey 7S Model-Based Framework for ERP Readiness Assessment , 2011, Int. J. Enterp. Inf. Syst..

[13]  Suzanne D. Pawlowski,et al.  The Delphi method as a research tool: an example, design considerations and applications , 2004, Inf. Manag..