At some point in the last 30 years, software transitioned from being a powerful productivity boost for individuals, to an indispensable tool for teams working together. I’ll bet that having Windows 3.1 and Microsoft Office on your desktop computer in the early 90s helped you get your job done, but you could probably still (just about) have done your job without it if required.
Those days are gone now. It took a while for the organization you worked for to restructure itself around having always-on, networked systems for collaboration and data storage. But look around any medium to large organization today and it will quickly become apparent: IT is too big to fail.
So how are we doing?
- TSB standing orders fail as bank’s IT woes continue
- Major security flaw found in Intel processors
- Equifax under pressure after data breach update
- NHS cyber attack: Everything you need to know about ‘biggest ransomware’ offensive in history
- Marissa Mayer says Yahoo still doesn’t know who was behind Web’s biggest breach
What’s going wrong? Allow me to propose a theory.
One of the biggest problems I see in IT, is the culture that values novelty over robustness and continually re-invents things that weren’t broken, while forcing established professionals into non-technical roles or out of the industry all together. The IT industry needs get better at shipping reliable and secure systems, and I believe that retaining knowledge, ensuring professionals are properly trained, and reducing unnecessary churn is all a part of the solution to that.
IT is not the first industry to become critical to the ongoing function of society. We already rely on:
If something goes wrong in one of those industries, people either die or lose their livelihoods. So what do they do that we in IT don’t:
- They all have structures that allow the most experienced professionals to continuing to practice in their field while managing and instructing more junior colleagues and advancing their own careers.
- Practicing in these areas requires accreditation and ongoing accountability to an established industry body.
IT would do well to copy these industries. I propose we should:
- Establish a form of chartered status for IT engineers, and require engineers to be chartered before they can work on critical systems (and by that I mean anything a member of the public might use or depend on). That industry body will require it’s members to continually develop their skills and stay up to date on industry best practice.
- Develop a code of ethics and a mechanism for that industry body to ‘strike off’ its members for violating that code. It should have been impossible for managers at VW to pressure developers into cheating the Diesel emissions tests.
- Get more technical decision making into upper management discussions. It’s a dangerous and lazy stereotype to say that techies and management simply can’t understand each other. I’ve yet to come across a technical issue that can’t be explained to upper management in terms of a cost, time, benefits, risk trade-off, and I’ve yet to encounter a management issue that an intelligent and conscientious IT engineer can’t grasp the implications of if someone takes the time to properly explain it to them. Over time this will lead to technical experts having a clearer career path into upper management.
Doing these three things will ensure that companies as a whole deliver better, safer, more secure and more reliable IT systems. Ultimately, it will keep us all safer and healthier.