It’s time to treat software -- and its code -- as a critical business asset
Software-driven digital innovation is essential for competing in today's market, and the foundation of this innovation is code. However, there are widespread cracks in this foundation -- lines of bad, insecure, and poorly written code -- that manifest into tech debt, security incidents, and availability issues.
The cost of bad code is enormous, estimated at over a trillion dollars. Just as building a housing market on bad loans would be disastrous, businesses need to consider the impact of bad code on their success. The C-suite must take action to ensure that its software and its maintenance are constantly front of mind in order to run a world-class organization. Software is becoming a CEO and board-level agenda item because it has to be.
Already, some leaders are beginning to understand this imperative. This May, 68 organizations signed a Secure by Design pledge orchestrated by CISA, committing them to specific actions to bolster software security, which helps ensure quality. The pledge includes reducing one or more classes of vulnerabilities, and that specifically starts at the code level. It’s promising to see enterprise tech companies continuing to sign this pledge, but it’s only the beginning.
As AI becomes a more prevalent part of software development, the need to ensure security will only get stronger. AI intrinsically carries its own risk - learning to cope with it securing software at its core is a necessity for businesses that want to take full advantage of the benefits of AI.
Most software executives focus on output -- the thing their business is selling or the service they’re providing -- without acknowledging that the output is reliant on the code their software is built on. After all, the output is what is directly visible. But a myopic view of results is just no longer enough to ensure a business's longevity or future. We must examine below the surface.
Growth and Progress Depends on Code Quality
The market has been trending away from companies that scale fast and quickly exit. It’s now durable, profitable companies poised for success and the public markets; businesses that focus on steady, predictable growth, continuously innovating, and delivering customer ROI.
The auto industry is a good example of how producing high-quality code can help organizations win their markets, even if a car manufacturer isn’t considered a traditional technology company. Many auto manufacturers could theoretically say, ‘We can build a better engine than someone like Tesla’, but where they may always lag behind is on the software. As the most valuable auto manufacturer in the world, Tesla certainly seems to be pulling ahead based on the bets they made to write quality code so they can deliver software that differentiates them in the auto industry.
Acknowledging the impact of software and the code it’s built on, some very forward-leaning companies are putting software engineers in leadership roles, like GM, which hired its first EVP of software last year from Apple. Companies are starting to populate their top ranks with software engineers; CTOs are moving into CEO roles. The make-up of the modern CEO is changing as leaders are required to speak both business and tech.
Software performance is not just a technical issue. It has far-reaching implications for businesses, society, and even human lives. The increasing complexity of software systems, such as self-driving cars, has made it essential to ensure that they are developed and maintained to the highest standards. Furthermore, the White House's recent move to hold software companies legally liable for products that do not meet basic standards has put the onus of quality on the leadership of these organizations.
Bad Code is a Big Problem
To be clear: bad code is one of the number one business liabilities today and it is currently flying under the radar. There are no regulations to govern it, shareholders are not demanding the reduction of tech debt, and leadership teams continue to focus on output rather than foundational structure. Further, there is no incentivization for organizations to produce better code. No stick -- and no carrot. Organizations rack up technical debt due to this bad code that becomes more and more difficult to solve as it accrues. Meanwhile, the unsung heroes on development teams struggle to shoulder the problem, leading to increasing levels of burnout and mental health issues.
Flipping the switch to turn software from a liability into an asset by focusing on the code doesn’t need to be daunting; it’s well within reach. It’s an urgent leadership responsibility to design software that is built on secure, reliable, and maintainable code. Failure to do so is creating the perfect storm of issues due to bad code such as slower development, more security risks, worsening customer experience, and less accountability.
It’s time for top executives and boards of directors to reflect on what is at the top of their agendas and recognize that if “software as a critical business asset” is not there, it needs to be -- now.
There needs to be a mindset shift to see software in a new strategic light and to have software built on quality code woven into the fabric of the way business is done. The future of digital business depends on it.
AI in the Software Landscape
You’ve heard the McKinsey phrase that every company today is a software company. It’s true. And what’s more, every company is increasingly an AI company, too. AI-assisted software development will continue to pick up steam in 2024 as generative AI continues to accelerate in use. This leads to more code written at higher speeds and, in some cases, by less experienced developers equipped with AI tools that are known to produce bugs and security issues just as much as human developers if not more, making it challenging for organizations to ensure the quality and security of their software.
AI is adding fuel to the fire when it comes to secure, high-quality code. As software becomes the thing that business hinges upon, it's worrying to consider the precarious state of the software foundation. This fractured foundation, exacerbated by the advent of AI, is at risk of continued fragmentation unless action is taken. A major disruption caused by faulty code is not a remote possibility and would have far-reaching consequences across industries.
AI coding assistants offer benefits such as developer productivity and skill development, but code and software quality may suffer unless organizations implement the check and balance. Similar to finance, designing software for security, reliability, and maintainability is better than fixing issues later. Additionally, leaders should consider software-induced business risks beyond security.
The ability to reduce the risk of poor software ultimately depends on the investment in building continuous “Clean Code” -- consistent, intentional, adaptable, and responsible code that is secure and of high quality. This kind of code ensures a final product that is reliable and doesn’t contribute to tech debt, making it a vital aspect of the development process today.
Leaders Must Act Now
When software has become a business-critical asset that is built on a solid foundation, no matter the industry, leaders will see that it is possible to drive innovation at the warp speeds that today’s digital world requires. To summarize, we recommend the following steps be taken:
- Executives should prioritize software: CEOs and boards need to recognize the importance of software and focus on improving code quality.
- Design for security, reliability, and maintainability: Leaders should emphasize designing software on code that is developed with security, reliability, and maintainability top of mind, to minimize business risk.
- Invest in code quality tools and processes: Implement tools and processes that help developers write clean code and identify and fix code issues early on.
- Foster a culture of code quality: Encourage a culture where developers take pride in writing clean, high-quality code.
The problem of mounting tech debt due to code issues is real and it has massive implications not only for the business but for the developers saddled with the burden of fixing the problem after the fact, and for society and human lives as described above. Software is only as strong and as useful as the code behind it. It is urgently necessary to turn code from a liability into a top business asset, especially as the use of generative AI increases. Boards and leadership must begin to consider whether or not their software is being built in the right way before it becomes a drag and detriment to business growth.
Photo Credit: Oleg Ivanov IL/Shutterstock
Dr. Harry Wang is VP of Strategic Partnerships, Sonar, a software company that helps developers write quality clean code. Sonar's solutions are trusted by more than 8 million developers today. At Sonar, he oversees the company's product marketing and tech partnership functions. He joined the company from Google where he spent almost eight years of his career, most recently working on the incubation of Google's internal startups that applied GenAI and federated ML to enterprise knowledge discovery and privacy-sensitive apps.