Agile Methodology in PayPal Cybersecurity Project

According to Awad (2005), PayPal, an American multination financial technology firm, experiences cyber security threats. As a result of becoming more at risk of cyber security threats recently, PayPal has decided to start a new development project to assess and improve its current cyber security system. Cyber security for many firms is essential as it protects the firm and its potential customers from potential cyber threats. As noted by Adrialdo Azanha et al. (2017), technology advancement has left many companies and their respective consumers vulnerable to various cybercriminal acts such as information damage and theft, hacking and industrial espionage. As witnessed in other organizations such as Walmart Inc., cyber security improvement projects remain significant as they protect all forms of data from damage and theft. The list includes sensitive details, Personally Identified Information, individual details and industry and governmental information systems. This paper mainly explores the role of agile methodology and life cycle in PayPal’s Cybersecurity improvement project.

Literature Review of Agile Methodology and Agile Life Cycle

Awad (2005), while providing a comparison between traditional and agile software development methodologies, identifies agile software development techniques. They include scrum, dynamic systems development, and extreme programming methods. Awad (2005) defines scrum as a framework using fixed-time boxes known as sprint. According to the author mentioned above, the scrum team operating scrum framework will incorporate scrum events, achieving scrum artefacts. Also, Awad (2005) notes the central scrum team members. They include the product owner responsible for development results. Scrum master accountable for liaising with stakeholders and that scrum team works successfully. The last group is the development team composed of personnel with distinct functional experiences and expertise working on system development. In their empirical findings, Awad (2005) also identifies the three scrum artefacts: sprint backlog, product backlog, and burn-down chart.  While product backlog lists required orders and is designed on specific product features and functions, the sprint backlog is the main sprint goal, and once the sprint or task is made, the progress is entailed and explicitly recorded in the Burndown Chart.

Adrialdo Azanha et al. (2017) argue that companies such as PayPal use Agile Methodology in improving their cyber security condition. As further backed by Lopez et al. (2019), Agile methodology in project management is very flexible and evolutionary. In their systematic literature review, Lopez et al. (2019) argue that agile methodology divides organization projects into short, flexible and manageable sprints. Agile has specific unmatched flexibility and is vital in dynamic organizations’ cyber security improvement projects. Besides, Alliance (2017) argues that the agile manifesto principles prompt a continuous improvement in a firm’s cyber security situation. Since the methodology has various iterations, each sprint promotes constant improvement in information systems security, thus limiting cyber security risks. Consecutively, agile manifesto principles have relevant metrics. According to Conforto et al. (2014), Agile teams use metrics in estimating cost and time and that the performance project measurement remains more relevant and accurate. Besides, when conjoined to the agile life cycle, agile methodology emphasizes optimizing performances, producing results, and necessitating Cybersecurity improvement. Agile generates essential metrics: throughput, cycle time, and lead time, helping the team’s performance measurement. Also, it identifies bottlenecks and creates data-oriented decisions correcting them.  Agile methodology at large helps improve cyber security since it protects its details from theft or damage.

Agile Methodology and PayPal’s Cyber Security Improvement Project

In order to address risks of cyber threats in the PayPal organization, PayPal uses an agile methodology in its cyber security improvement project. Agile methods at its core capacity prompt a fast and vast software development that PayPal uses. In incidences of cyber security concerns and alarms, PayPal uses agile methodology. As noted by Alliance (2017), agile methods in various financial firms remain an iterative technique. It is a practical approach to multiple projects such as cyber security improvement projects, and that in case of organization data theft or data, the organization I.T teamwork in due course. Agile methodology has helped PayPal to deliver value for its customers and organization personnel. It ensures that organizations note the significant plans, requirements, and results quickly and continuously evaluated in case of information theft or damage.

Additionally, PayPal cyber security improvement project focuses on the standard classic approach. The approach ensures that it successfully incorporates Agile Software Development approaches in its information systems security (Maurer et al., 2004).  Besides, to improve its cyber security threat condition, PayPal includes agile methodology and agile life cycle. In various dominant and financial firms such as PayPal, improving its cyber security condition means applying the agile methodology adequately. Agile methodology at large in PayPal’s firm provides a secure environment for its clients and other personnel as it supports security at the core of its software development (Maurer et al., 2004). In the firm, security risk remains complex and thus requiring effective adaptability to address such cases; therefore, PayPal’s cyber security improvement project adhesively incorporates agile life cycle and methodology, which further allows it to ensure that its information system security is protected from unauthorized personnel.

On the other hand, since time immemorial, agile operations and development correlate with secure systems. The agile methodology ensures that PayPal’s cyber security improvement project is versatile. Through agile methods, the company’s I.T team also relies on transparency and speed and that an effective team is involved in threat response (Maurer et al., 2004). Besides, agile methodology is built on the collaboration principles and change responses that ensure that the firm would address various issues that would affect the firm’s reputation, such as Cyber security. In PayPal’s organization, the cyber security improvement project has ensured that it uses agile life cycle rapidly on its software delivery. The latter builds via iterative and incremental processes that adapt and improve software quality, particularly end-user perspectives (Alliance, 2017). Its software, through agile methodology, secures and protects the client’s information from being shared with unauthorized personnel.

Significant Concerns in PayPal Cyber Security Improvement Project

PayPal faces major issues despite its efforts to integrate its cyber security improvement project. Its introduction of agile life cycle and agile methodology faces various challenges in addressing security issues. PayPal faces major concerns integrating into its cyber security improvement project in conjunction with agile development methodologies. When integrating efficient security into its elegant software development model, PayPal faces short iteration pressure (Leau et al., 2012). In some cases, agile software development in each iteration might fail to do the mandatory test due to a short time.

Also, introducing a cyber-security improvement project and connecting it to agile methodologies in the PayPal organization has bought compatibility concerns. As witnessed in PayPal firm, agile methods and agile suitable filter tools are very consistent with the five security activities: security education and awareness, static code analysis, building security team, reviewing design security, and security requirement analysis (Leau et al., 2012). Compatibility between agile methodologies and security activities in firms remains a threat model. It serves as one of the firm’s significant security-orientated challenges.  On the other hand, incorporating a scrum development team in the PayPal organization is costly. The application of the scrum approach in the firm requires a security expert, and that applying a security sprint method is very expensive. The overall system would delay development, ensuring that security user stories are evaluated and created in a distinct sprint.

Recommendations

While PayPal effectively focuses on ensuring that the cyber security improvement project addresses its security issues, it faces significant challenges associated with it, which should be addressed (Maurer et al., 2004). To address its scrum framework issues, PayPal should propose a safer-enhanced scrum version known as S-Scrum. The version in the scrum process incorporates scrum events, and that it is the simplest and lightest method to prevent organization details from theft or damage. S-Scrum {Secure Scrum} is a scrum framework variation with a particular focus. Therefore, secure software development is incapacitated throughout the vast software development progresses, thus integrating security adhesively (Alliance, 2017). Also, secure scrum has other advantages, including increasing team members’ security awareness throughout the development process and incorporating external security resources, as noted in fig 01 below. Additionally, secure scrum has four practical components: the definition of done, identification, verification, and implementation. When integrated into the scrum parts, it increases software development security.

Conclusion

Cyber-attacks in software are skyrocketing, and that firms such as PayPal are focused on incorporating vast security in their software development to reduce cases of cyber security threats. PayPal’s cyber security improvement project follows the agile methodology and agile life cycle applications. As a result, it allows the firm to incorporate agile software development approaches, which follows essential parts of the software development process and are vital for improving its cyber security state. Besides, through its agile framework, the most popular and effective software development approach, it manages to adapt to the reduction of vulnerabilities and threats of information systems. In various technology innovation companies, incorporating secure, agile methodology prompts inbuilt extreme programming security. The latter adds safe and essential elements addressing securing issues in its software. Besides, agile methodology in software development introduces the application of secure scrum. It increases the team members’ security awareness, especially during development processes, and minimizes the cost of hiring a security expert in the development team. Order Similar Paper

References

Adrialdo Azanha, Ana Rita Tiradentes Terra Argoud, João Batista de Camargo Junior, Pedro Domingos Antoniol, (2017) “Agile project management with Scrum: A case study of a Brazilian pharmaceutical company IT project,” International Journal of Managing Projects in Business, Vol. 10 Issue: 1, pp.121-142, viewed 18 April 2019.

Alliance, A. G. I. L. E. (2017). Agile Practice Guide, Project Management Institute, 2017: Agile Practice Guide (Vol. 1). Bukupedia.

Awad, M A, 2005, “A comparison between agile and traditional software development methodologies,” Report, The University of Western Australia, viewed 17 April 2019.

Leau, Y., Lo, W., Tham, W. and Tan, S. (2012). “software development life cycle agile vs traditional approaches,” International Conference on Information and Network Technology, viewed 17 April 2019.

López-Martínez, J., Juárez-Ramírez, R., Huertas, C., Jiménez, S. and Guerra-García, C., 2016 “Problems in the adoption of agile-scrum methodologies: A systematic literature review”,pp. 141-148 ,4th International Conference in Software Engineering Research and Innovation, viewed 17 April 2019.

Maurer, F., Cohn, M., Griffiths, M., Highsmith, J., Schwaber, K., & Kruchten, P. (2004, August). Agile project management. In XP/Agile Universe (p. 201).