Security Patch Management - An Overview of the Patching Process and its Challenges in Norwegian Businesses

Cyber-attacks are growing more frequent and sophisticated, and they are impacting businesses of all sizes. This encourages businesses to utilize safe, flaw-free systems, making them less susceptible to cyber-attacks. The issue is that no system is flawless, and a substantial number of security flaws are discovered regularly. To ensure the system's security, patches are distributed and implemented. Patches can be complicated and implementing them in systems can be difficult. This thesis seeks to identify the challenges that make the patching process challenging and to propose potential solutions. This thesis was conducted utilizing a qualitative research strategy and methods such as a systematic literature review, to identify existing patching challenges identified by previous research. We conducted interviews with business professionals who were familiar with the patching procedure and had understanding of cybersecurity. The majority of our interviewees were managers with additional expertise leading patching teams. Prior study indicated various challenges in the field of patching and urged further investigation into the issue of patching. Our findings correlated with the current challenges identified by prior research, and we uncovered important new challenges, such as the fact that patches for major vulnerabilities have a tendency to be released just before a holiday, and that legacy systems are notoriously difficult to patch and are sometimes not patched at all. The significance of planning, organization, and communication in the patching process posed additional challenges. The contribution of this thesis to the patching topic is that we have identified "Planned patch delay" as a patch policy that contributes to a high security posture, provides time for patch planning, and mitigates a number of the challenges that might arise during the patching process. Keywords: Patch, Security patching, Patch challenges, Patch legacy, Patch meetings, Patch policy, Patch prioritization, Patch proces

Security Patch Management - An Overview of the Patching Process and its Challenges in Norwegian Businesses

Cyber-attacks are growing more frequent and sophisticated, and they are impacting businesses of all sizes. This encourages businesses to utilize safe, flaw-free systems, making them less susceptible to cyber-attacks. The issue is that no system is flawless, and a substantial number of security flaws are discovered regularly. To ensure the system's security, patches are distributed and implemented. Patches can be complicated and implementing them in systems can be difficult. This thesis seeks to identify the challenges that make the patching process challenging and to propose potential solutions. This thesis was conducted utilizing a qualitative research strategy and methods such as a systematic literature review, to identify existing patching challenges identified by previous research. We conducted interviews with business professionals who were familiar with the patching procedure and had understanding of cybersecurity. The majority of our interviewees were managers with additional expertise leading patching teams. Prior study indicated various challenges in the field of patching and urged further investigation into the issue of patching. Our findings correlated with the current challenges identified by prior research, and we uncovered important new challenges, such as the fact that patches for major vulnerabilities have a tendency to be released just before a holiday, and that legacy systems are notoriously difficult to patch and are sometimes not patched at all. The significance of planning, organization, and communication in the patching process posed additional challenges. The contribution of this thesis to the patching topic is that we have identified "Planned patch delay" as a patch policy that contributes to a high security posture, provides time for patch planning, and mitigates a number of the challenges that might arise during the patching process. Keywords: Patch, Security patching, Patch challenges, Patch legacy, Patch meetings, Patch policy, Patch prioritization, Patch proces

A qualitative study of bereaved family caregivers: feeling of security, facilitators and barriers for rural home care and death for persons with advanced cancer

Background For cancer patients and their family, an important factor that determines the choice to die at home is the caregivers’ feeling of security when caring for the patient at home. Support to caregivers from healthcare professionals is important for the feeling of security. In rural areas, long distances and variable infrastructure may influence on access to healthcare services. This study explored factors that determined the security of caregivers of patients with advanced cancer who cared for the patients at home at the end of life in the rural region of Sogn og Fjordane in Norway, and what factors that facilitated home death. Methods A qualitative study using semi-structured in-depth interviews with bereaved with experience from caring for cancer patients at home at the end of life was performed. Meaning units were extracted from the transcribed interviews and divided into categories and subcategories using Kvale and Brinkmann’s qualitative method for analysis. Results Ten bereaved caregivers from nine families where recruited. Five had lived together with the deceased. Three main categories of factors contributing to security emerged from the analysis: “Personal factors”, “Healthcare professionals” and “Organization” of healthcare. Healthcare professionals and the organization of healthcare services contributed most to the feeling of security. Conclusion Good competence in palliative care among healthcare professionals caring for patients with advanced cancer at home and well- organized palliative care services with defined responsibilities provided security to caregivers caring for advanced cancer patients at home in Sogn og Fjordane.publishedVersio

Developing inter-cultural competencies without travelling: Internationalising the curriculum for healthcare students

Healthcare professionals work with increasingly diverse groups of colleagues and patients in their practice, and it is essential that they develop intercultural competence. International experiences in healthcare curricula can help in this development, but healthcare students on courses tend to have limited opportunities for travel. This paper presents data on the use of an online classroom to provide an environment in which physiotherapy students from two countries could work together to review video case studies to enhance their knowledge and understanding of selected patient conditions and compare different approaches to diagnosis and treatment. These activities were integrated into the usual curriculum in both countries. Evaluation of students’ experiences showed that they valued the opportunity to engage with their peers in another country and were readily able to identify professional and academic benefit from participation. They commented on the impact on their professional identity formation, the benefits of widening their community of practice, and of becoming more interculturally competen

ESA som tilsynsmyndigheit av finansielle teneste i den indre marknad

For norsk finansnæring er tilgang til EUs indre marknad for finansielle teneste heilt avgjerande. Dette føreset at EFTA-statane finn ei rettsleg haldbar og berekraftig tilknytingsform til EUs finanstilsyn. I 2016 vart forordningane som opprettar EUs finanstilsyn, gjort til del av EØS-avtala, og Noreg tilslutta seg finanstilsyna kort tid etter. EUs finanstilsyn har myndigheit til å gjennomføre tiltak av ikkje-bindande karakter retta direkte mot styresmakter og aktørar i EØS/EFTA-statane. Der det dreiar seg om rettsleg bindande vedtak, derimot, er det formelt EFTAs overvakingsorgan (ESA) som fattar desse. Desse vedtaka vil allereie vere skisserte av eit EU-finanstilsyn. I denne artikkelen undersøkjer eg ESAs rolle som tilsynsmyndigheit av finansielle teneste i EFTA-pilaren. Hovudproblemstillinga for artikkelen er kva slags myndigheit ESA har til å fatte rettsleg bindande vedtak under den valde tilknytingsmodellen.acceptedVersio

Oxygen-induced impairment in arterial function is corrected by slow breathing in patients with type 1 diabetes

Hyperoxia and slow breathing acutely improve autonomic function in type-1 diabetes. However, their effects on arterial function may reveal different mechanisms, perhaps potentially useful. To test the effects of oxygen and slow breathing we measured arterial function (augmentation index, pulse wave velocity), baroreflex sensitivity (BRS) and oxygen saturation (SAT), during spontaneous and slow breathing (6 breaths/min), in normoxia and hyperoxia (5 L/min oxygen) in 91 type-1 diabetic and 40 age-matched control participants. During normoxic spontaneous breathing diabetic subjects had lower BRS and SAT, and worse arterial function. Hyperoxia and slow breathing increased BRS and SAT. Hyperoxia increased blood pressure and worsened arterial function. Slow breathing improved arterial function and diastolic blood pressure. Combined administration prevented the hyperoxia-induced arterial pressure and function worsening. Control subjects showed a similar pattern, but with lesser or no statistical significance. Oxygen-driven autonomic improvement could depend on transient arterial stiffening and hypertension (well-known irritative effect of free-radicals on endothelium), inducing reflex increase in BRS. Slow breathing-induced improvement in BRS may result from improved SAT, reduced sympathetic activity and improved vascular function, and/or parasympathetic-driven antioxidant effect. Lower oxidative stress could explain blunted effects in controls. Slow breathing could be a simple beneficial intervention in diabetes.Peer reviewe

Overexpression of P70 S6 kinase protein is associated with increased risk of locoregional recurrence in node-negative premenopausal early breast cancer patients

The RPS6KB1 gene is amplified and overexpressed in approximately 10% of breast carcinomas and has been found associated with poor prognosis. We studied the prognostic significance of P70 S6 kinase protein (PS6K) overexpression in a series of 452 node-negative premenopausal early-stage breast cancer patients (median follow-up: 10.8 years). Immunohistochemistry was used to assess PS6K expression in the primary tumour, which had previously been analysed for a panel of established prognostic factors in breast cancer. In a univariate analysis, PS6K overexpression was associated with worse distant disease-free survival as well as impaired locoregional control (HR 1.80, P 0.025 and HR 2.50, P 0.006, respectively). In a multivariate analysis including other prognostic factors, PS6K overexpression remained an independent predictor for poor locoregional control (RR 2.67, P 0.003). To our knowledge, P70 S6 kinase protein is the first oncogenic marker that has prognostic impact on locoregional control and therefore may have clinical implications in determining the local treatment strategy in early-stage breast cancer patients

Bacteriological and cytological findings during the late puerperal period after two different treatments of retained placenta followed by acute puerperal metritis

The aim of the study was to compare the effect of two acute puerperal metritis (APM) treatment protocols on uterine condition during the late puerperal period (5th to 7th week). Late gestation healthy cows (n = 21) were divided randomly in three equal groups. Parturitions were induced. Treatments of APM were started on the third day postpartum (PP). Group A was treated with an oxytocin analogue carbetocin for three days and intrauterine administration of cephapirin between days 15 and 17. Group B was given intramuscular injection of ceftiofur for five days followed by two injections of prostaglandin F2α, at an interval of 12 h, on the eighth day PP. Group C served as the control group with no treatment. Body temperature was recorded daily for 14 days PP. Uterine biopsies for bacteriology, and uterobrush samples for cytology, were taken once a week from the 5th to 7th week postpartum. No differences were found in body temperature on day 14 PP, presence of bacteriological infections and disappearance of uterine inflammatory signs diagnosed by cytological examination between experimental groups

Treating breast cancer through novel inhibitors of the phosphatidylinositol 3'-kinase pathway

Recent studies indicate that constitutive signaling through the phosphatidylinositol 3'-kinase (PI3K) pathway is a cause of treatment resistance in breast cancer patients. This implies that patients with tumors that exhibit aberrant PI3K signaling may benefit from targeted pathway inhibitors. The first agents to make it to the clinic are the rapamycin analogs. These compounds inhibit the downstream PI3K effector mTOR (mammalian target of rapamycin). A study presented in this issue of Breast Cancer Research suggests that recently developed inhibitors of phosphoinositide-dependent protein kinase 1, a more proximal target of the PI3K pathway, may provide an alternative route to effective PI3K pathway inhibition for breast cancer treatment

RAD51C Germline Mutations in Breast and Ovarian Cancer Cases from High-Risk Families

BRCA1 and BRCA2 are the most well-known breast cancer susceptibility genes. Additional genes involved in DNA repair have been identified as predisposing to breast cancer. One such gene, RAD51C, is essential for homologous recombination repair. Several likely pathogenic RAD51C mutations have been identified in BRCA1- and BRCA2-negative breast and ovarian cancer families. We performed complete sequencing of RAD51C in germline DNA of 286 female breast and/or ovarian cancer cases with a family history of breast and ovarian cancers, who had previously tested negative for mutations in BRCA1 and BRCA2. We screened 133 breast cancer cases, 119 ovarian cancer cases, and 34 with both breast and ovarian cancers. Fifteen DNA sequence variants were identified; including four intronic, one 5′ UTR, one promoter, three synonymous, and six non-synonymous variants. None were truncating. The in-silico SIFT and Polyphen programs were used to predict possible pathogenicity of the six non-synonomous variants based on sequence conservation. G153D and T287A were predicted to be likely pathogenic. Two additional variants, A126T and R214C alter amino acids in important domains of the protein such that they could be pathogenic. Two-hybrid screening and immunoblot analyses were performed to assess the functionality of these four non-synonomous variants in yeast. The RAD51C-G153D protein displayed no detectable interaction with either XRCC3 or RAD51B, and RAD51C-R214C displayed significantly decreased interaction with both XRCC3 and RAD51B (p<0.001). Immunoblots of RAD51C-Gal4 activation domain fusion peptides showed protein levels of RAD51C-G153D and RAD51C-R214C that were 50% and 60% of the wild-type, respectively. Based on these data, the RAD51C-G153D variant is likely to be pathogenic, while the RAD51C- R214C variant is hypomorphic of uncertain pathogenicity. These results provide further support that RAD51C is a rare breast and ovarian cancer susceptibility gene