Data Leakage & Application Programming Risk Mitigation

Data Leakage & Application Programming Risk Mitigation: A starter for the Java Programming Language

by Ron McFarland, Ph.D.

Risk mitigation continues to evolve in the cybersecurity space. A key observation that speaks to the shifting sands of risk mitigation appears in the Hewlett Packard Enterprise Cyber Risk Report of 2016: HP researchers indicated that attackers have shifted their focus from servers and operating systems directly to applications (Enterprise, 2016). For application development teams, this shift places even greater emphasis on developing secure code and protecting that code once deployed. eSecurity (2019) supports this developing risk trend for application development, as the attack vector is morphing because of faster internet connectivity and the migration to the cloud for a variety of application platforms.

Overcoming Certification Rejection - A Recovering CCFP Computer Forensics Certification Survivor

A few years back, I earned the CCFP Computer Forensics certification from ISC2. ISC2 is a highly reputable certification organization, but they decided to pull back from the forensics certification as a business decision. They have since expired the CCFP certification.


A Primer to Function Point Analysis for the Software Project Manager

by Ron McFarland, Ph.D.

As a Software Development Project Manager, with the help of my team, I must size up the cost of doing a software development project. At the outset of the ‘costing’ effort, one of the common tools that a Project Manager has available is the Function Point Analysis (FPA) method. FPA is not a distinct estimation effort but a generic, broad estimate of cost and effort that can be used as a first pass at true software development costs. FPA considers the relationship between the size (scope) of the functional requirements and the relative effort needed to build each requirement out (Balraj, 2018). FPA can later be used as a cost driver for deeper project effort calculations, such as Boehm’s COCOMO (Constructive Cost Model) process, developed in 1981 (Beal, n.d.).


The General Data Protection Regulation (GDPR): Impact on US Organizations and software development

By Ron McFarland, Ph.D.

Introduction to the GDPR

The General Data Protection Regulation (GDPR) in the European Union took effect on May 25th, 2018. The formation of the GDPR started in January 2012, when the European Commission proposed a comprehensive reform of existing data protection rules. Even though the GDPR was invoked over 6 months ago, a recent survey conducted by Sage found that 91 percent of US businesses lack awareness surrounding the details of the GDPR, and 84 percent don’t understand the GDPR’s implications for their business (Harris, 2018). While the US is not directly regulated by the GDPR, the GDPR has a pervasive impact on the security strategy for every company, CEO, and CISO in the United States, and will impact software development shops as a result.


Digital Forensics and Continuous Learning

The Digital Forensics field is rife with continuous change. If you are in the DF field, this strongly suggests continuous learning. In a recent video from the SANS Institute (a premier digital forensics and cybersecurity organization), the speaker notes her experiences as a DF investigator and the evolving technology that we need to keep abreast of.

In terms of continuous learning, Western New Mexico University (WNMU) will be offering Digital Forensics I and II this spring (2 back-to-back 8-week courses). The content is online and labs will be handled in a virtual environment through Practice Labs. The content is in-depth and sufficient to provide robust background for certification in DF. The WNMU website is located here:

Thanks, Ron