Search results

The purpose of this paper is to formulate a novel model for enhancing the effectiveness of existing digital forensic readiness (DFR) schemes by leveraging the capabilities of cyber threat information sharing.

This paper uses a quantitative methodology to identify the most popular cyber threat intelligence (CTI) elements and introduces a lightweight approach to correlate those with potential forensic value, resulting in the quick and accurate triaging and identification of patterns of malicious activities.

While threat intelligence exchange steadily becomes a common practice for the prevention or detection of security incidents, the proposed approach highlights its usefulness for the digital forensics (DF) domain.

The proposed model can help organizations to improve their DFR posture, and thus minimize the time and cost of cybercrime incidents.

This paper aims to develop an effective information security policy (ISP), which is an important mechanism to combat insider threats.

A general framework based on the Nine-Five-circle was proposed for developing, implementing and evaluating an organisation's ISP.

The proposed framework outlines the steps involved in developing, implementing and evaluating a successful ISP.

The study took place in Germany, and most of the data was collected virtually due to the different locations of the organisation.

In practice, this study can be a guide for managers to design a robust ISP that employees will read and follow.

Employee compliance with the ISP is a critical aspect in any organisation and therefore a rigorous strategy based on a systematic approach is required.

The main contribution of the paper is the application of a comprehensive and coherent model that can be the first step in defining a “checklist” for creating and managing ISPs.

This chapter reviews traditional intelligence work, primarily how intelligence was perceived and conducted in the industrial economy. The review includes economic sectors with dedicated intelligence functions such as military, law enforcement, and national security. The review also includes secondary intelligence work in all other economic sectors. Looking across all these examples, the authors present a traditional life cycle model of intelligence work and highlight this traditional view of intelligence’s tactical and reactive approach. The chapter details the historical evolution and common intelligence elements in military, business, law enforcement, judicial forensics, national security, market, financial, medical, digital, and computer forensics.

This paper aims to explore how the regulator of a global financial centre (GFC) under an international trend of adopting emerging technologies for financial services (Fintech) articulates such opportunities and risks strategically.

With a literature review on the global regulatory environment and the underlying risks related to Fintech, it looks into the formulation and implementation of complementary regulatory policies in the case of Hong Kong as a GFC. Relevant policy documents disclosed by the financial regulator on cybersecurity and pertinent issues are examined.

Adopting a strategic approach that seizes opportunities associated with Fintech, the financial regulator harnesses comprehensive risk-based mechanisms to embrace exposures to cyber risks while promoting institutionalization of cybersecurity among the regulated firms with strategic controls. This study suggests a pathway for the evolution of a profession with both technical and ethical competence for mitigating the emerging risks arising from Fintech. However, such an approach is yet to be tested with respect to efficacy for the unexplored territories of fraud exposures, resulting from swift Fintech developments across borders.

As Fintech has only emerged rapidly in the recent years, it is not conclusive in this review of performance and effectiveness of the financial regulator in its strategic approach. Further studies may utilize a longitudinal method to analyze and examine the regulatory measures undertaken by financial regulators in various GFCs.

This study reveals a strategic approach adopted by an emerged GFC in embracing Fintech innovation that however brings about unidentified risks and potential frauds to its financial services sector. Pertinent anti-fraud and cybersecurity measures are highlighted.

In a typical strategy course, growth strategies like mergers and acquisitions (corporate strategy) are introduced in the second half of the course. To analyze the case, students will use strategies such as Porter’s five forces and resource-based view and will discuss why firms pursue mergers as a growth strategy, along with sources of synergies and risks in mergers. Finance theory used includes analyzing a given discounted cash flow analysis and perform a comparable multiples analysis to find the value of a merger target.

The industry and financial information in the case comes from publicly available sources, including company 10K reports, business press reports and publicly available industry reports. The information about Lockheed Martin’s strategy comes from interviews with Peter Clyne, former vice president for Lockheed Martin’s IS&GS division. He then held the same position for Leidos Holding Corp., after the IS&GS division was divested and incorporated into Leidos.

This case is an interdisciplinary case containing aspects of strategy and finance. Lockheed Martin made a strategic move in 2016, to divest its Information Systems & Global Strategies Division (IS&GS), which engaged in government consulting, primarily in the defense and aerospace industries. Lockheed wanted to reassess its decision to divest consulting, given the high growth rates expected in this business, particularly in cybersecurity consulting. On the other hand, if Lockheed decided to maintain its hardware focus, it wanted to expand its offerings. In addition to a strategy analysis, two possible target firms can be analyzed: Fortinet and Maxar.

This case raises a broad set of issues related to the evaluation of M&A transactions across two different industries and corporate strategy, as it relates to strategic fit of the potential targets and LM’s current capabilities. It is appropriate for the core course in strategy at the MBA or senior undergraduate level. It can also be assigned to specialized courses in Mergers and Acquisitions. It is not appropriate for a lower level strategy or finance course, as it requires students to have prior knowledge of basic finance valuation techniques.

Universities must build curricula that prepare students for the fourth industrial revolution (4IR). However, given the pace of change, we cannot be certain of the attributes necessary to navigate the fourth industrial age (4IA). This chapter argues we can prepare graduates for this unknowable future through integrative, competence-based curricula, outlines how we conceptualize, design, teach and assess competence-based HE, and invest in those involved in teaching and learning at the University of Hull, UK.

To be competent is to have the necessary experience, knowledge and self-awareness to do something successfully. Competencies are “taught in practice and assessed in application” (Lawrence et al., 2020). Students learn by applying disciplinary knowledge to professional practice, where possible attending to live briefs or authentic teaching and assessment relevant to study, work and life. This has the potential to benefit the local region and students as they build educational, cultural and social capital.

To sustain the currency of competence-based HE, we work with the learning community (student sponsors, prospective, and current students, employers, and providers of voluntary and other services) in designing our programs of study. We facilitate mutual learning to design and deliver integrative curricula that are meaningful and relevant to all.

With the growing penetration of financial technology, financial firms and banking institutions have seen a rise in the volume of cyber-attacks in recent years. Cyber criminals are using more sophisticated techniques to beat traditional passive defences. The purpose of this paper is to explore, analyse and recommend various active cyber defence strategies and techniques that can be implemented by organizations in financial sector to secure and safeguard their assets and cyber space.

This paper adopts a secondary research approach on the various techniques that can be used effectively to adopt active cyber defence strategy.

Based on the existing strategies and techniques available and those being currently developed, this paper proposes a holistic approach that can be adopted by banks and financial institutions to secure their cyber space. This involves a combination of active and passive cyber defence techniques and effective threat intelligence.

The following paper has been checked for plagiarism and is within the acceptable standards for publishing in this journal. Appropriate references have been duly cited, and the formulation of the final recommendation is the original work of the authors.