Search results

This case is meant for MBA students as a part of their leadership/information technology and system curriculum. It is suitable for classes in both offline and online mode.

Human resources management/information technology and systems.

The case discusses how Poppy Gustafsson (Gustafsson) (she), Cofounder and Chief Executive Officer of Darktrace plc, one of the world’s largest cyber-AI companies, is reinventing enterprise security by using artificial intelligence (AI) to detect and respond to cyberthreats to businesses and protect the public. Darktrace’s technology leverages the principles of the human immune system to autonomously defend organizations from cyberattacks, insider threats and AI warfare. In addition to leading a cutting-edge cybersecurity company, Gustafsson evangelizes gender diversity at Darktrace where 40% of employees and four C-level executives are women, a number nearly unheard of in the tech sector.The case chronicles the journey of Gustafsson and how she led the company to growth and success. Under her leadership, Darktrace has grown into a market leader in the AI cybersecurity space serving 5,600 customers in 100 countries, as of June 2021. Gustafsson not only redefined the cybersecurity space but also inspired women to pursue a career in the field of cybersecurity. She also collaborated with a social enterprise called WISE to encourage more girls to consider STEM careers.However, along the way, she faced several challenges including growing competition, procuring funds from investors, cybersecurity talent shortage and training personnel. Going forward, some of the challenges before Gustafsson would be to meet the changing cyber protection demands of customers; hire, train and retain highly skilled cybersecurity personnel; beat the competition in a saturated cybersecurity services space; sustain revenue growth; and post profits as Darktrace had incurred losses every year since its inception.

This case is designed to enable students to: understand the issues and challenges women face in the field of cybersecurity; understand the qualities required for a woman leader to lead a technology firm; study the leadership and management style of Gustafsson; understand the importance of transformational leadership in management; understand the role of Gustafsson in Darktrace’s growth and success; analyze the traits that Gustafsson possesses as a tech leader in an emerging cybersecurity space; understand the importance of gender diversity in cybersecurity; and analyze the challenges faced by Gustafsson going forward and explore ways in which she can overcome them.

CSS: 11 Strategy.

This chapter critically evaluates opportunities and challenges associated with developing diversity and embracing inclusion of cyber security talent in a multinational consultancy firm and offers recommendations on how to optimize inclusion of young talent in this sensitive business area within a multinational company. Drawing on one of the author's experience as a young cyber security professional with a non-technical background, entering the profession through a consultancy graduate development programme, this paper offers a unique perspective on how to enhance cohesion in diversity across linear and non-linear routes into cyber security.

While the scope is limited to cyber security talent in early careers, the competency-based approach means that recommendations around developing diversity and embracing inclusion can be applied to young talent in other business competence areas. Each recommendation can be used as a building block to influence and shape future equality, diversity and inclusion (ED&I) strategy in consultancy.

The transformation of the United Arab Emirates (UAE) into an important global economic player has been accompanied by digitalization that has also left it at a risk to cybercrime. Concurrent with the rise in technology use, the UAE fast became one of the most targeted countries in the world. The purpose of this paper is to discuss how the UAE has tried to cope with accelerating levels of cyber threat using legislative and regulatory efforts as well as public- and private-sector initiatives meant to raise cybersecurity awareness.

The paper surveys the UAE’s cybersecurity legislative, regulatory and educational initiatives from 2003 to 2019.

Because the human factor still remains the number one reason for security breaches, robust cyber laws alone are not enough to protect against cyber threats. Building public awareness and educating internet users about cyber risks and safety have become essential components of the UAE's efforts in building a more secure cyber environment for the country.

The paper relies on English-language translations of primary sources (laws) originally in Arabic, as well as English-language studies from local media. This should not be considered a problem, as English is established as the language of business and commerce in the UAE.

The paper provides a detailed overview of the country’s cybersecurity environment to guide and aide practitioners with risk assessment and legal and regulatory compliance.

The paper presents a comprehensive overview of the UAE’s cybersecurity legislative, regulatory and educational environment. It also surveys government and private sector initiatives directed in protecting the country’s cyberspace.

Cybersecurity advocates safeguard their organizations by promoting security best practices. This paper aims to describe the skills and characteristics of successful advocates.

This study involved 28 in-depth interviews of cybersecurity advocates.

Effective advocates possess not only technical acumen but also interpersonal skills, communication skills context awareness and a customer service orientation.

Non-technical skills are deemphasized in cybersecurity training, limiting career progression into the cybersecurity advocate role for existing security professionals and those from other disciplines. This paper suggests improvements for professional development that encourage greater security workforce diversity.

To the best of the authors’ knowledge, this study is the first to define and enumerate competencies for the role of cybersecurity advocate.

This research uses a multifaceted approach to develop an MPA/MPP curriculum to support a data science track within the existing MPA/MPP programs by identifying the core and elective areas needed.

The approach includes (1) identifying a suitable structure for MPA/MPP programs which can allow the program to develop its capacity to train students with the data science and general public administration skills to solve public policy problems and leave explicit space for local experimentation and modification; (2) defining bridging modules and required modules for the MPA/MPP programs; and (3) developing of data science track thought to make suggestions for the inclusion of suitable data science modules into the data science track and benchmarking the data science modules suggested with the best practices developed by other professional bodies. The authors review 46 NASPAA-accredited MPA/MPP programs from 40 (or 22.7%) schools to identify the suitable required modules and some potential data science and analytics courses that MPA/MPP programs currently provide as electives.

The proposal includes a three-course (six–nine credits, not counted in the program but as prerequisites) bridging module, a nine-course (27 credits) required module and a five-course (15 credits) data science track/concentration.

This work can provide a starting point for the public administration education community to develop graduate programs focusing on data science to cater to the needs of both public managers and society at large.

The objective of this chapter is to identify the key characteristics of Global Services businesses that will thrive and achieve success in the future. These factors are integrated into three main pillars, which we refer to as the Triple-Win. The first and most obvious pillar is technology as a tool. The second pillar is the design and sustainability of the business model, without which the previous factor would be merely a cost and not an investment. And last but not the least, there is the purpose which gives meaning to the proposal, focusing on the human being and their environment. The DIDPAGA business model sits at the intersection of these three elements.

The impact of stress on personal and work-related outcomes has been studied in the information systems (IS) literature across several professions. However, the cybersecurity profession has received little attention despite numerous reports suggesting stress is a leading cause of various adverse professional outcomes. Cybersecurity professionals work in a constantly changing adversarial threat landscape, are focused on enforcement rather than compliance, and are required to adhere to ever-changing industry mandates – a work environment that is stressful and has been likened to a war zone. Hence, this literature review aims to reveal gaps and trends in the current extant general workplace and IS-specific stress literature and illuminate potentially fruitful paths for future research focused on stress among cybersecurity professionals.

Using the systematic literature review process (Okoli and Schabram, 2010), the authors examined the current IS research that studies stress in organizations. A disciplinary corpus was generated from IS journals and conferences encompassing 30 years. The authors analyzed 293 articles from 21 journals and six conferences to retain 77 articles and four conference proceedings for literature review.

The findings reveal four key research opportunities. First, the demands experienced by cybersecurity professionals are distinct from the demands experienced by regular information technology (IT) professionals. Second, it is crucial to identify the appraisal process that cybersecurity professionals follow in assessing security demands. Third, there are many stress responses from cybersecurity professionals, not just negative responses. Fourth, future research should focus on stress-related outcomes such as employee productivity, job satisfaction, job turnover, etc., and not only security compliance among cybersecurity professionals.

This study is the first to provide a systematic synthesis of the IS stress literature to reveal gaps, trends and opportunities for future research focused on stress among cybersecurity professionals. The study presents several novel trends and research opportunities. It contends that the demands experienced by cybersecurity professionals are distinct from those experienced by regular IT professionals and scholars should seek to identify the key characteristics of these demands that influence their appraisal process. Also, there are many stress responses, not just negative responses, deserving increased attention and future research should focus on unexplored stress-related outcomes for cybersecurity professionals.