Daily Archives: September 15, 2020

MOUNTAIN VIEW, Calif., Sept. 15, 2020 /PRNewswire/ --Synopsys, Inc.(Nasdaq:SNPS) today publishedBSIMM11,the latest version of the Building Security In Maturity Model (BSIMM), created to help organizations plan, execute, measure, and improve their software security initiatives (SSIs). BSIMM11 reflects the software security practices observed across 130 firms from multiple industry verticals including financial services, FinTech, independent software vendors, cloud, healthcare, Internet of Things, insurance, and retail. BSIMM11 describes the work of 8,457 software security professionals who guide the efforts of over 490,000 developers.

BSIMM is used by organizations as a measuring stick to compare and contrast their own initiatives with the data from the broader BSIMM community. BSIMM11 shows that many organizations are adapting their software security efforts to support digital transformation and modern software development paradigms like DevOps.

Read the BSIMM11 Digest or download the full BSIMM11 study.

"The BSIMM is an excellent resource for security leaders interested in learning from the collective experiences of their peers, particularly to solve new or emerging challenges," said Mike Newborn, CISO of Navy Federal Credit Union, a member organization of the BSIMM community. "Today, most organizations face the challenge of securing a growing portfolio of applications against the backdrop of rapidly evolving and accelerating software development practices. BSIMM11 reflects how many of these organizations are adapting their software security strategies to protect themselves and their customers without stifling innovation or impeding the speed of development."

Emerging trends in BSIMM11

"The way modern software is built and deployed has transformed dramatically over the past few years, so naturally the efforts required to secure that software are changing as well," said Michael Ware, BSIMM co-author and senior director of technology at Synopsys. "Businesses are critically dependent on software, and modern methodologies have accelerated the speed of development. As a result, there is more software everywhere, and we still need to worry about all the pre-existing software. As a model that constantly evolves to represent the actual practices in use by hundreds of software security groups around the worldincluding some of the most advanced teams in the worldthe BSIMM provides a near-real-time view into how these changes are being implemented to protect the growing software portfolios."

New activities in the BSIMM represent a shift toward DevSecOps

The three activities added to BSIMM10 saw exceptional growth within the past year (SM3.4 Integrate software-defined lifecycle governance, AM3.3 Monitor automated asset creation, CMVM3.5 Automate verification of operational infrastructure security). This reflects how some organizations are actively working to accelerate software security efforts to match the pace of software delivery. Furthermore, the two activities added in BSIMM11 represent a continuation of that trend (ST3.6 Implementing event-driven security testing, CMVM3.6 Publishing risk data for deployable artifacts).

BSIMM across industries

BSIMM provides unique, data-driven insight to understanding and comparing the relative strengths and weaknesses of software security initiatives across a variety of industries. Cloud, Internet of Things, and high technology firms are three of the most mature verticals in the BSIMM11 data pool. BSIMM11 also highlights differences between three highly regulated industries: financial services, healthcare, and insurance. The financial services industry, which had software security groups in place earlier than other industries, was seen to have more mature practices compared to their counterparts in healthcare and insurance. For the first time, the BSIMM presents data on the FinTech vertical, and found that it tracks fairly closely to financial services, with the primary deltas (in favor of FinTech) occurring in the training, security testing, and code review practices.

Read the BSIMM11 Digest or download the full BSIMM11 study.

For an interactive discussion of the key findings in BSIMM11, register for our October 15 webinar.

Acknowledgments

Sammy Migues, principal scientist at Synopsys, Michael Ware, senior director of technology at Synopsys, and John Steven, founding principal at Aedify Security, authored BSIMM11 after analyzing data collected over nearly 12 years of software security research. Some of the companies participating in the BSIMM study include: Adobe, Aetna, Alibaba, Ally Bank, Autodesk, Axway, Bank of America, Bell, BMO Financial Group, Black Knight Financial Services, Box, Canadian Imperial Bank of Commerce, City National Bank, Cisco, Citigroup, Dahua, Depository Trust & Clearing Corporation, Eli Lilly, Equifax, Experian, F-Secure, Fannie Mae, Freddie Mac, General Electric, Genetec, Global Payments, HCA Healthcare, Highmark Health Solutions, Honeywell, Horizon Healthcare Services, HSBC, iPipeline, Johnson & Johnson, JPMorgan Chase & Co., Lenovo, MassMutual, McKesson, Medtronic, Morningstar, Navient, Navy Federal Credit Union, NCR, NEC Platforms, NetApp, NewsCorp, NVIDIA, PayPal, Pegasystems, Principal Financial Group, Royal Bank of Canada, SambaSafety, ServiceNow, Synopsys, TD Ameritrade, The Home Depot, The Vanguard Group, Trainline, Trane, U.S. Bank, Veritas, Verizon, Verizon Media, Wells Fargo, and Zendesk.

About the BSIMM

Started in 2008, the Building Security In Maturity Model (BSIMM) is a tool for creating, measuring, and evaluating software security initiatives. A data-driven model and measurement tool developed through the careful study and analysis of over 200 software security initiatives, BSIMM11 includes current, real-world data from 130 organizations. The BSIMM is an open standard that includes a framework based on software security practices, which an organization can use to assess and mature its own efforts in software security. For more information, visit http://www.bsimm.com.

About the Synopsys Software Integrity Group

Synopsys Software Integrity Group helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in application security, provides static analysis, software composition analysis, and dynamic analysis solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations optimize security and quality in DevSecOps and throughout the software development life cycle. Learn more atwww.synopsys.com/software.

About Synopsys

Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Softwarepartner for innovative companies developing the electronic products and software applications we rely on every day. As the world's 15thlargest software company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and is also growing its leadership in software security and quality solutions. Whether you're a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing applications that require the highest security and quality, Synopsys has the solutions needed to deliver innovative, high-quality, secure products. Learn more atwww.synopsys.com.

Editorial Contact:Mark Van ElderenSynopsys, Inc.650-793-7450[emailprotected]

SOURCE Synopsys, Inc.

http://www.synopsys.com

Read this article:

Synopsys Publishes BSIMM11 Study Highlighting Fundamental Shifts in Software Security Initiatives in Response to DevOps and Digital Transformation -...

Artificial intelligence will under deliver to begin with but blow our minds in the future, the chief executive of Babylon Health has said.

Speaking during a London Tech Week panel discussion on AI, Ali Parsa said the NHS is doing fantastic work in the field but added we must not be afraid to participant in new technologies.

AI, like any other technology, is going to under deliver to start with but blow our mind away in the long term and we need to get used to it, he said

On one hand we need to stop hyping what it can do today and we need to almost overhype what it can achieve in the future.

He also added that getting the policy on AI right is critical.

You want the policy to make sure we dont have snake oil today deployed and hurting people, and on the other hand it doesnt suffocate what could come tomorrow, he said.

Thats incredibly hard work to do.

Also speaking was Dominic King, UK lead and medical director at Google Health, said turning research into production is immensely complex adding that the NHS is a vanguard on how AI can be deployed globally.

We know that artificial intelligence and digital technologies are going to transform healthcare, it may not be in two years but 10 years, he said.

Is it transformative now? Not really because most hasnt been implemented at scale, but we are putting the foundations so when its ready many of the mistakes and issues that weve seen with dissemination of technology in the past weve learnt our lessons.

Thats why I think the NHS acts as this exemplar or vanguard for how this technology can be thoughtfully deployed on a global scale.

But he warned there are risks with technologies like AI that need to be managed.

Theres also real risks of this technology and its critical that were very deliberate, we dont want to extend the current inequalities and biases we see, he said.

Particularly whats evident over the last nine months of Covid, and that we end up negatively disrupting how care is delivered in the future.

The government has recently boosted its stake in artificial intelligence, announcing a total of 100m for AI projects.

In late August the Department of Health and Social Care pledged 50m of further investment to improve diagnostics across the NHS, through delivering digital upgrades to pathology and imaging services across the country.

A second wave of 50m was announced on 8 September for a range of AI tools to be tested and scaled under the National AI Lab, launched in 2019.

It includes tools that can accurately analyse breast cancer screening scans and assess emergency stroke patients.

Link:

AI will 'under deliver' at first but 'blow our minds' in the future - Digital Health

Low income housing estate in Abuja.By Gabriel Ewepu Abuja

As Nigerians continue to grapple with the challenge to own decent houses of their dream, the Affordable Housing Cooperative Society, Tuesday, stepped in to assist Federal Government to bridge the existing over 20 million housing deficit with the launch of two products, Easy Mortgage and Collateral Direct.

The launch of the products was done via webinar by the President, Affordable Homes Cooperative Society Town Planner Komolafe Lukman, along with other board members.

Lukman explained that the government alone cannot provide houses for the over 200 million Nigerians and those yet to be born, hence cooperative societies such as the Affordable Homes Cooperative Society, to jump in to rescue the situation with innovative strategies to ensure Nigerians own decent homes of their dream.

He said: Today is an important day for us at Affordable Homes Cooperative Society, which was established over 10 years, and it was formed to fill the gap, which is housing need, which is also a basic necessity of life including clothing and food.

We have a serious deficit in Nigeria as far as housing is concerned. The sole aim of forming this cooperative in 2011 is to solve part of the deficit of housing in Nigeria.

In making that effort we acknowledge the fact that there are challenges, but we at Affordable Homes Cooperative we are taking advantage of the opportunities by making sure we meet the housing needs of Nigerians and also bridge the gap.

However, we have identified problems facing the housing sector in Nigeria which include land, mortgage, which an average Nigerian cannot afford a mortgage because of the income of Nigerians.

Considering these challenges we have come up with two basic solutions to address these challenges, which we call Easy Mortgage; this is to assist Nigerians access mortgage easily, and the other is what we call Collateral Direct; this is to tackle the challenge of an average Nigerian who is into the business when it comes to moving their business forward in terms of accessing loans from Microfinance banks, while some are stuck and cannot move forward because they cannot access loan because they lack collateral.

The good thing is that we as a cooperative is out to fill that gap either by purchasing land through our partners by making sure we solve the problem of collateral.

According to him, Our target of launching these two products is to ensure that Nigerians benefit from them, which on the long run we are going to fix the problem of housing which we are optimistic that if we fix this problem of housing deficit in Nigeria we will solve a lot of problem in Nigeria.

We also know that housing could be used as a panacea to the countrys economic problems because it could be used as a conveyor-belt because if a site begins work it will lead to the multiplier effect of job creation, the supply of building material, food selling and other, he stated.

Meanwhile, in a goodwill message, the Executive Secretary, National Co-operative Cooperative Financing Agency of Nigeria, CFAN, Emmanuel Atama, commended the initiative of the Affordable Homes Cooperative Society and pledged support for success with the new products launched.

As we make giant strides in all sectors of the economy and housing is inclusive. The National Cooperative Society of Nigeria has been working with the Federal Mortgage Bank of Nigeria together with other cooperatives making sure that housing is affordable for Nigerians.

The FMBN has provided a window called the Cooperative Housing Window the intent and purpose and the FMBN and the National Cooperative Financing of Nigeria have been interfacing on behalf of cooperatives in Nigeria to ensure we create a window that promotes inclusiveness.

Unlike before that access to mortgaging is for those in the formal sector. Working with the FMBN today, the window has been provided for those even in the informal sector

We all know that when cooperatives intervene in any sector of the economy it makes things ordinarily not affordable to be affordable, and that is why we are very happy with the Affordable Homes Cooperative Society with respect to the intervention they have provided for access to housing in Nigeria. We are proud of them, wish them well, and will provide them the necessary facilitation to make sure they succeed.

Also speaking was the Executive Secretary, Affordable Homes Cooperative Society, Mike Dibie, who explained that the cooperative is legally registered with Corporate Affairs Commission, CAC, and CFAN, and added that members are projected as a priority to ensure their narrative change in positive based on the formidable team of management.

He said: Affordable Homes Cooperative Society is legally registered with the Corporate Affairs Commission, CAC, also with Cooperative Financing Agency of Nigeria.

Primarily the cooperative gives optimal support to members to own their own houses and also to live a fruitful and happy life, and members have fulfilled lives because they have access to personal and business loans and to own houses including buying goods at discounted rates on developing a property. To register is N5000, while you own a share by buying 10 units at N10, 000 with a fee of N2000 as monthly contribution as a member. The portal is there and soon our app will be out. Our headquarters is in Abuja. We can be reached at http://www.affordablehome.com.ng or 0817388222.

Today we are launching two products that would further deepen the impact of Affordable Cooperative Society which are Easy Mortgaging and Collateral Direct to have loans that make their business prosper.

Vanguard

See the original post:

Cooperative steps in to assist FG bridge over 20m housing deficit - Vanguard