Thursday, 31 January 2019

Banks leave customers open to more outages through code vulnerabilities

Veracode’s latest State of Software Security report (SoSS) revealed financial services is one of the slowest industries when it comes to addressing common vulnerabilities found in software. The global report found financial services companies took 29 days to address a quarter of their vulnerabilities in coding - and over a year - 573 days - to remediate all open vulnerabilities. It also ranked as second to last of all other sectors in terms of speed to complete flaw remediation. 

A significant 67% of current applications used by banks are at risk from information leakage attacks, wherein an application reveals sensitive data that can be used by an attacker to exploit a web application or its users. This is worrying given the IT outages occurring within the global financial services industry.   

In spite of this, Veracode’s report did reveal that the largest population of applications scanned came from the financial vertical. While financial organisations tend to have the reputation of having some of the most mature overall cybersecurity practices, Veracode’s data shows they struggle like the rest to stay on top of application security. The industry ranked second to last in the major verticals for latest scan OWASP pass rate, and based on the flaw persistence analysis chart, it is leaving coding flaws to linger longer than other industries. 

Even as it is prolific at testing, the financial sector tests almost as many apps as the technology sector, the sector in general is still slow in responding to responding to open vulnerabilities. Additionally, the banking sector addresses the first half of its open flaws slowly, but it starts to pick up speed once it passes the halfway point.  

“We would presume financial services would address flaws and potential doorways to data breaches promptly as it’s a highly regulated industry,” said Paul Farrington, Director of EMEA and APJ at Veracode. “However, we have observed several downfalls over the last year that suggest banks may not as be as technically robust as they like to make out. Historically, we've witnessed the likes of the TSB IT outage occur due to legacy infrastructures and code left over from multiple mergers, which lead to IT outages.” 

It’s a tough job for banks to coordinate cybersecurity awareness so it’s at the forefront of employee’s minds. “These banks are large organisations with high headcount so it’s possible that banks are not raising of the importance of these crucial data leakages internally,” Farrington continues. The sluggish speed to which banks initially respond to vulnerabilities could be an indication of bureaucracy that may impede initial progress, but which is likely overcome once security teams and developers collaborate more to cut through the red tape. 
 
Read the full 2018 State of Software Security report here.  

Monday, 21 January 2019

SHERYL SANDBERG VISITS ANTI-BULLYING TRAINING AND CONFIRMS FACEBOOK’S COMMITMENT TO TACKLE BULLYING ON ITS PLATFORMS

Today, Facebook COO, Sheryl Sandberg, visited Dublin City University’s (DCU) St. Patrick’s campus in Drumcondra to discuss the issue of bullying and online safety with a group of post-primary teachers.

The visit follows the announcement earlier today, that Facebook is tripling its investment in online safety programmes run by the National Anti-Bullying Centre (ABC) and SpunOut.ie, bringing the company’s total investment in online safety programmes in Ireland to €1 million. This money will go towards supporting important research conducted by ABC, expanding the nationwide online safety training program for teachers and parents of secondary school students, and creating online safety resources for teens in partnership with SpunOut.ie.

At DCU's St. Patrick’s campus, Sheryl Sandberg met with a small group of teachers to discuss the issue of bullying in schools and to hear first-hand experiences from those dealing with bullying both on and offline. The teachers spoke about the challenges social media brings to the classroom and Facebook’s COO reaffirmed the company's commitment to tackling bullying on the platform.

Following the meeting, Sheryl Sandberg addressed over 100 teachers attending the first anti-bullying training session as part of this programme. In her remarks, she highlighted how seriously Facebook takes the issue of safety. She reaffirmed the company’s commitment to tackling harmful content saying the social network is hiring more people to review content reports, and is investing in AI systems for finding and preventing abuse across all their platforms - Facebook, Instagram and Messenger.

Addressing the teachers, she said, “we know that we’ll never completely stop the bad from happening, but we’re committed to putting in the work and making significant investments, even when they impact our bottom line. Keeping children safe is one of our most important responsibilities at Facebook.”

Sheryl also spoke about Facebook’s work to date on educational resources such as the Bullying Prevention Hub and Parent's Portal and in-app controls which help people of all ages manage their experience on Facebook, saying, “we have tools that allow you to better control your experience if you’re being bullied. You can block someone who is bullying you, hide comments from that person, or ignore their messages. We have a comment filter which automatically hides bullying comments intended to harass or upset people, it will alert our teams to repeated problems so we can take action. People can also customise the filter with words that might specifically be used to bully them.” In addition, she informed teachers that, “you can also report bullying on behalf of a student, friend or family member.”

Speaking at the announcement today, Professor Brian MacCraith, President of DCU said: "We are delighted to welcome Facebook COO Sheryl Sandberg to DCU today and we very much appreciate the significant increase in support coming from Facebook for our Anti-bullying initiatives. This partnership between Facebook and the National Anti-Bullying Research and Resource Centre at DCU is an excellent development and will have a profound impact on the lives of thousands of students and their families. I welcome the fact that the focus is on providing training for teachers and parents who are both faced with the growing challenge of supporting students dealing with all the complexities and dangers associated with bullying, cyberbullying, and online safety. The award of the prestigious UNESCO Chair on Tackling Bullying in Cyberspace and Schools announced last year is a measure of the global scale of the problem and of the expertise developed by Prof. O’Higgins and his team. This project is an excellent manifestation of the public good that can derive from that."

Friday, 18 January 2019

Galway woman scoops gold at the 2019 IMR Manufacturing and Supply Chain Awards



Former CEO and non-executive director of Creganna-Tactx Medical, Helen Ryan has been crowned the Outstanding Industry Contribution winner at this year’s IMR Manufacturing and Supply Chain Awards. The glittering event which celebrates the finest in Irish Manufacturing took place at The Citywest Hotel Convention Centre on the evening of the 17th of January.

Unlike other awards ceremonies, the event recognised hard work, innovation and dedication to the industry. Female business leader Galway woman Ryan scooped the title for enabling Creganna-Tactx Medical to become one of the world’s top 10 medical device outsource providers. Her time as CEO ensured the company grew fivefold to become the largest indigenous medical device company in the world.

Speaking about her win, Helen Ryan says ‘I’m thrilled to have won at this year’s IMR Manufacturing and Supply Chain Awards. It’s not often the medical device industry gets recognised for its people and innovation despite the industries efforts to keep Ireland on the map as a leading manufacturer in the med tech field.’

Competition was fierce this year with hundreds of entries applying across 15 categories. Other winners included Java Republic who won Sustainable Manufacturer of the Year for boasting the world’s first purpose-built carbon-neutral roastery in the world. In addition to this, Intel were awarded ICT Manufacturing Team of the Year while Kerrygold Park won Food Manufacturing Team of the Year (for a full list of winners please see below)

Innovative work, close collaboration and improvement to internal operations played a significant role in the decision-making process for judges this year. The 2019 panel included Eoin O’ Driscoll, Chairman of Tyndall Institute, Barry Kennedy, Chief Executive of IMR, Caroline Spillane, Director General Engineers Ireland, Bob Barbour, Chief Executive Competitiveness Centre, Professor Eamon Murphy, University of Limerick, Dr Christopher Keely, Trinity College Dublin and John Whelan, Chairman of Premier Publishing and Events.

Speaking about Helen Ryan’s win, John Whelan, Chairman of Premier Publishing and Events said: ‘Premier Publishing and Events are delighted to see a former female CEO win at this years Irish Manufacturing Research (IMR) Manufacturing and Supply Chain Awards. Helen has contributed to putting Ireland on the map as a leader in producing innovative technologies in the medical device sector and we wanted to recognise her hardwork and determination in bringing this to fruition. Congratulations to all our other winners also who continue to contribute a significant amount of hardwork and dedication to Ireland’s manufacturing industry.’




Helen Ryan of Creganna-Tactx Medical and overall winner and reps from Java Republic are available for comment.

Sponsor