Search results
11 – 20 of over 5000Nikolaos Serketzis, Vasilios Katos, Christos Ilioudis, Dimitrios Baltatzis and George J. Pangalos
The purpose of this paper is to formulate a novel model for enhancing the effectiveness of existing digital forensic readiness (DFR) schemes by leveraging the capabilities of cyber…
Abstract
Purpose
The purpose of this paper is to formulate a novel model for enhancing the effectiveness of existing digital forensic readiness (DFR) schemes by leveraging the capabilities of cyber threat information sharing.
Design/methodology/approach
This paper uses a quantitative methodology to identify the most popular cyber threat intelligence (CTI) elements and introduces a lightweight approach to correlate those with potential forensic value, resulting in the quick and accurate triaging and identification of patterns of malicious activities.
Findings
While threat intelligence exchange steadily becomes a common practice for the prevention or detection of security incidents, the proposed approach highlights its usefulness for the digital forensics (DF) domain.
Originality/value
The proposed model can help organizations to improve their DFR posture, and thus minimize the time and cost of cybercrime incidents.
Details
Keywords
This paper aims to develop an effective information security policy (ISP), which is an important mechanism to combat insider threats.
Abstract
Purpose
This paper aims to develop an effective information security policy (ISP), which is an important mechanism to combat insider threats.
Design/methodology/approach
A general framework based on the Nine-Five-circle was proposed for developing, implementing and evaluating an organisation's ISP.
Findings
The proposed framework outlines the steps involved in developing, implementing and evaluating a successful ISP.
Research limitations/implications
The study took place in Germany, and most of the data was collected virtually due to the different locations of the organisation.
Practical implications
In practice, this study can be a guide for managers to design a robust ISP that employees will read and follow.
Social implications
Employee compliance with the ISP is a critical aspect in any organisation and therefore a rigorous strategy based on a systematic approach is required.
Originality/value
The main contribution of the paper is the application of a comprehensive and coherent model that can be the first step in defining a “checklist” for creating and managing ISPs.
Details
Keywords
Brian McBreen, John Silson and Denise Bedford
This chapter reviews traditional intelligence work, primarily how intelligence was perceived and conducted in the industrial economy. The review includes economic sectors with…
Abstract
Chapter Summary
This chapter reviews traditional intelligence work, primarily how intelligence was perceived and conducted in the industrial economy. The review includes economic sectors with dedicated intelligence functions such as military, law enforcement, and national security. The review also includes secondary intelligence work in all other economic sectors. Looking across all these examples, the authors present a traditional life cycle model of intelligence work and highlight this traditional view of intelligence’s tactical and reactive approach. The chapter details the historical evolution and common intelligence elements in military, business, law enforcement, judicial forensics, national security, market, financial, medical, digital, and computer forensics.
Artie W. Ng and Benny K.B. Kwok
This paper aims to explore how the regulator of a global financial centre (GFC) under an international trend of adopting emerging technologies for financial services (Fintech…
Abstract
Purpose
This paper aims to explore how the regulator of a global financial centre (GFC) under an international trend of adopting emerging technologies for financial services (Fintech) articulates such opportunities and risks strategically.
Design/methodology/approach
With a literature review on the global regulatory environment and the underlying risks related to Fintech, it looks into the formulation and implementation of complementary regulatory policies in the case of Hong Kong as a GFC. Relevant policy documents disclosed by the financial regulator on cybersecurity and pertinent issues are examined.
Findings
Adopting a strategic approach that seizes opportunities associated with Fintech, the financial regulator harnesses comprehensive risk-based mechanisms to embrace exposures to cyber risks while promoting institutionalization of cybersecurity among the regulated firms with strategic controls. This study suggests a pathway for the evolution of a profession with both technical and ethical competence for mitigating the emerging risks arising from Fintech. However, such an approach is yet to be tested with respect to efficacy for the unexplored territories of fraud exposures, resulting from swift Fintech developments across borders.
Research limitations/implications
As Fintech has only emerged rapidly in the recent years, it is not conclusive in this review of performance and effectiveness of the financial regulator in its strategic approach. Further studies may utilize a longitudinal method to analyze and examine the regulatory measures undertaken by financial regulators in various GFCs.
Originality/value
This study reveals a strategic approach adopted by an emerged GFC in embracing Fintech innovation that however brings about unidentified risks and potential frauds to its financial services sector. Pertinent anti-fraud and cybersecurity measures are highlighted.
Details
Keywords
Susan White and Protiti Dastidar
In a typical strategy course, growth strategies like mergers and acquisitions (corporate strategy) are introduced in the second half of the course. To analyze the case, students…
Abstract
Theoretical Basis
In a typical strategy course, growth strategies like mergers and acquisitions (corporate strategy) are introduced in the second half of the course. To analyze the case, students will use strategies such as Porter’s five forces and resource-based view and will discuss why firms pursue mergers as a growth strategy, along with sources of synergies and risks in mergers. Finance theory used includes analyzing a given discounted cash flow analysis and perform a comparable multiples analysis to find the value of a merger target.
Research Methodology
The industry and financial information in the case comes from publicly available sources, including company 10K reports, business press reports and publicly available industry reports. The information about Lockheed Martin’s strategy comes from interviews with Peter Clyne, former vice president for Lockheed Martin’s IS&GS division. He then held the same position for Leidos Holding Corp., after the IS&GS division was divested and incorporated into Leidos.
Case overview/synopsis
This case is an interdisciplinary case containing aspects of strategy and finance. Lockheed Martin made a strategic move in 2016, to divest its Information Systems & Global Strategies Division (IS&GS), which engaged in government consulting, primarily in the defense and aerospace industries. Lockheed wanted to reassess its decision to divest consulting, given the high growth rates expected in this business, particularly in cybersecurity consulting. On the other hand, if Lockheed decided to maintain its hardware focus, it wanted to expand its offerings. In addition to a strategy analysis, two possible target firms can be analyzed: Fortinet and Maxar.
Complexity Academic Level
This case raises a broad set of issues related to the evaluation of M&A transactions across two different industries and corporate strategy, as it relates to strategic fit of the potential targets and LM’s current capabilities. It is appropriate for the core course in strategy at the MBA or senior undergraduate level. It can also be assigned to specialized courses in Mergers and Acquisitions. It is not appropriate for a lower level strategy or finance course, as it requires students to have prior knowledge of basic finance valuation techniques.
Details
Keywords
Rebecca Huxley-Binns, Jenny Lawrence and Graham Scott
Universities must build curricula that prepare students for the fourth industrial revolution (4IR). However, given the pace of change, we cannot be certain of the attributes…
Abstract
Universities must build curricula that prepare students for the fourth industrial revolution (4IR). However, given the pace of change, we cannot be certain of the attributes necessary to navigate the fourth industrial age (4IA). This chapter argues we can prepare graduates for this unknowable future through integrative, competence-based curricula, outlines how we conceptualize, design, teach and assess competence-based HE, and invest in those involved in teaching and learning at the University of Hull, UK.
To be competent is to have the necessary experience, knowledge and self-awareness to do something successfully. Competencies are “taught in practice and assessed in application” (Lawrence et al., 2020). Students learn by applying disciplinary knowledge to professional practice, where possible attending to live briefs or authentic teaching and assessment relevant to study, work and life. This has the potential to benefit the local region and students as they build educational, cultural and social capital.
To sustain the currency of competence-based HE, we work with the learning community (student sponsors, prospective, and current students, employers, and providers of voluntary and other services) in designing our programs of study. We facilitate mutual learning to design and deliver integrative curricula that are meaningful and relevant to all.
Details
Keywords
Yorrick Creado and Vidyavati Ramteke
With the growing penetration of financial technology, financial firms and banking institutions have seen a rise in the volume of cyber-attacks in recent years. Cyber criminals are…
Abstract
Purpose
With the growing penetration of financial technology, financial firms and banking institutions have seen a rise in the volume of cyber-attacks in recent years. Cyber criminals are using more sophisticated techniques to beat traditional passive defences. The purpose of this paper is to explore, analyse and recommend various active cyber defence strategies and techniques that can be implemented by organizations in financial sector to secure and safeguard their assets and cyber space.
Design/methodology/approach
This paper adopts a secondary research approach on the various techniques that can be used effectively to adopt active cyber defence strategy.
Findings
Based on the existing strategies and techniques available and those being currently developed, this paper proposes a holistic approach that can be adopted by banks and financial institutions to secure their cyber space. This involves a combination of active and passive cyber defence techniques and effective threat intelligence.
Originality/value
The following paper has been checked for plagiarism and is within the acceptable standards for publishing in this journal. Appropriate references have been duly cited, and the formulation of the final recommendation is the original work of the authors.
Details