Search results

The learning outcome of this paper is to identify and interpret the risks linked to cyber-security and their impact on the organization. Analyze business management regarding cyber-security and information technology (IT) risk management. Evaluate and propose decision-making strategies for IT projects.

Silver Bank is a financial entity with broad national coverage. Its growth was directly related to its investments in customer service. The entire organization is focused on satisfying its clients’ needs, improving their experience and making them loyal to the company. However, it did not pay enough attention to a threat that, with time, had become more pronounced: cyber-attacks. Its efforts to fight against this threat were only temporary solutions, as gaps in its IT system made it an easy target for criminals until the arrival of Iván Ramírez, who proposes a holistic solution to decrease the probability and severity of these attacks. However, past experiences, ignorance and budget constraints make it a difficult task to convince the bank’s board of directors to implement the proposed solution.

The case can be used as teaching material in upper-level undergraduate and graduate management courses: –undergraduate courses: information technology management, IT project analysis and management – MBA or graduate courses: information technology management, strategic management and security governance.

Teaching notes are available for educators only.

CSS 11: Strategy.

Quantifying the efficacy of marketing is an age-old challenge. As John Wanamaker said a century ago, “Half the money I spend on advertising is wasted; the trouble is I don't know which half.” The big difference today, however, is that the Internet enables detailed tracking of marketing campaigns in real time, or near time. Exemplifies how to leverage the Internet to dramatically improve the efficacy of marketing. Centers upon the Microsoft Security Guidance marketing campaign, which was designed to change IT professionals' perception of Microsoft's software product security. The integrated marketing campaign involved print media, analyst relations, and online advertising. The advertising was designed to drive IT professionals to a Web site on security guidance, then sign them up for free in-person security training classes. Illustrates two important best practices for marketing in the Internet age: first, the campaign was designed to be measured, and second, agility was specifically designed into the campaign. In addition to tracking weekly click-through data from the print and online advertising, the campaign also used online pop-up customer perception surveys. Analyzing the click-though data, Microsoft realized it had a problem at the end of the first week of the campaign–there were far fewer signups for the training sessions than anticipated. By the end of the second week the campaign was changed, resulting in a huge improvement in efficacy. Creates a scorecard illustrating the pros and cons of the Microsoft approach compared to a more traditional campaign. Illustrates how, rather than creating big-bang campaigns, high-performing marketing organizations today are continually experimenting. They build flexibility into campaigns and design them to be measured.

To learn how to leverage the Internet in marketing campaigns, analyze click-through data and online survey results acquired in near time, and learn how it is used to fine tune and dramatically improve a campaign. Furthermore, illustrates how nonfinancial metrics can be used to quantify marketing efficacy.

Information Technology Security.

The case adds value for management students at all levels, as well as for practitioners. Work experience is not a requirement, as the case will expose some of the fundamental concepts pertaining to the scenario described. Assignment questions are designed from the perspective of teaching this case to a business student audience. The case could certainly be adjusted to fit the needs of students in more technical disciplines.

Set in October 2008, the case begins with the dilemmas facing Mr Ramanuj as he and his team from E-Infra Solutions prepared to address the damages caused by a major virus attach at OrangeInc headquarter at Bangalore, India. The virus attack destroyed all the important organizational documents residing on the computer systems and brought its business to a standstill. The catastrophe indicated the need for a comprehensive information technology (IT) security solution which was earlier overlooked by OrangeInc's management.

To teach the basic concepts of information security, in particular malware, and its impact on the business. To introduce the concepts and the importance of security awareness program. To teach the importance of IT infrastructure technology, process and procedures.

Teaching Notes are available for educators only. Please contact your library to gain login details or email support@emeraldinsight.com to request teaching notes.

In January, 2007, TJX reported that it had suffered from a computer intrusion. The company was sure neither of the identity of the perpetrators nor of how many customers were affected. A deeper analysis revealed that the intrusion had started earlier and affected more customers than previously thought. Ensuing investigation concluded that TJX was collecting unnecessary information, keeping it for too long and employing obsolete and insufficient safeguards. TJX denied any wrongdoing but implemented most of the recommended remedies to strengthen their security.

In November 2005 Fidelity Homestead, a savings bank in Louisiana, began noticing suspicious charges from Mexico and southern California on its customers' credit cards. More than a year later, an audit revealed peculiarities in the credit card data in the computer systems of TJX Companies, the parent company of more than 2,600 discount fashion and home accessories retail stores in the United States, Canada, and Europe.

The U.S. Secret Service, the U.S. Justice Department, and the Royal Canadian Mounted Police found that hackers had penetrated TJX's systems in mid-2005, accessing information that dated as far back as 2003. TJX had violated industry security standards by failing to update its in-store wireless networks and by storing credit card numbers and expiration dates without adequate encryption. When TJX announced the intrusion in January 2007, it admitted that hackers had compromised nearly 46 million debit and credit card numbers, the largest-ever data breach in the United States.

After analyzing and discussing the case, students should be able to:

• Understand imbedded operational risks

• Analyze how operational risk decisions are made in a firm

• Understand the challenges in the electronic payment transmission process, which relies on each participant in the process to operate best-in-class safety systems to ensure the safety of the entire process

• Recognize the sophistication of IT security threats

Understand imbedded operational risks

Analyze how operational risk decisions are made in a firm

Understand the challenges in the electronic payment transmission process, which relies on each participant in the process to operate best-in-class safety systems to ensure the safety of the entire process

Recognize the sophistication of IT security threats

In August 2007 the Mainsail II SIV-Lite was frozen by its trustee as a result of the ongoing credit crisis. The state of Maine held $20 million of Mainsail commercial paper in its Cash Pool portfolio, a short-term portfolio that puts temporary, excess state revenues to work. When word of the potential loss became public, the Treasurer came under attack. The case introduces the functions of a state Treasury department, with particular emphasis on the investment objectives and guidelines for the cash pool as well as its composition. The case reviews the events leading up to and including August 2007, the month when the credit markets first began to seize and when the financial crisis effectively began. It examines securitization, structured finance, and the Mainsail SIV-Lite structure in some detail.

International Business, International Entrepreneurship, International Marketing.

Advanced undergraduate and graduate students are the primary audience. The case can also be used in executive classes with emerging economies as a focus.

Kaspersky Lab is a provider of information technology (IT) security products such as anti-virus, anti-spam and network security software. It is Russia's largest software company and the only Russian firm that ranked among the world's top 100 software companies. This case presents several interesting features of the company and its environment. The foci of the case are on potential barriers facing firms based in emerging economies in their internationalization initiatives and negative country of origin effects associated with emerging economies.

The learning objectives of this case include:

• To identify internal and external sources of competitive advantage for a developing world originated successful entrepreneurial firm.

• To assess the potential barriers facing an emerging economy-based firm in the internationalization process and analyse whether such barriers differ across economies of various characteristics.

• To evaluate whether the natures of obstacles and challenges faced by an emerging economy-based firm is different in a newly evolving industry.

• To analyze how an emerging economy-based firm can overcome some of the barriers to internationalization.

To identify internal and external sources of competitive advantage for a developing world originated successful entrepreneurial firm.

To assess the potential barriers facing an emerging economy-based firm in the internationalization process and analyse whether such barriers differ across economies of various characteristics.

To evaluate whether the natures of obstacles and challenges faced by an emerging economy-based firm is different in a newly evolving industry.

To analyze how an emerging economy-based firm can overcome some of the barriers to internationalization.

In a typical strategy course, growth strategies like mergers and acquisitions (corporate strategy) are introduced in the second half of the course. To analyze the case, students will use strategies such as Porter’s five forces and resource-based view and will discuss why firms pursue mergers as a growth strategy, along with sources of synergies and risks in mergers. Finance theory used includes analyzing a given discounted cash flow analysis and perform a comparable multiples analysis to find the value of a merger target.

The industry and financial information in the case comes from publicly available sources, including company 10K reports, business press reports and publicly available industry reports. The information about Lockheed Martin’s strategy comes from interviews with Peter Clyne, former vice president for Lockheed Martin’s IS&GS division. He then held the same position for Leidos Holding Corp., after the IS&GS division was divested and incorporated into Leidos.

This case is an interdisciplinary case containing aspects of strategy and finance. Lockheed Martin made a strategic move in 2016, to divest its Information Systems & Global Strategies Division (IS&GS), which engaged in government consulting, primarily in the defense and aerospace industries. Lockheed wanted to reassess its decision to divest consulting, given the high growth rates expected in this business, particularly in cybersecurity consulting. On the other hand, if Lockheed decided to maintain its hardware focus, it wanted to expand its offerings. In addition to a strategy analysis, two possible target firms can be analyzed: Fortinet and Maxar.

This case raises a broad set of issues related to the evaluation of M&A transactions across two different industries and corporate strategy, as it relates to strategic fit of the potential targets and LM’s current capabilities. It is appropriate for the core course in strategy at the MBA or senior undergraduate level. It can also be assigned to specialized courses in Mergers and Acquisitions. It is not appropriate for a lower level strategy or finance course, as it requires students to have prior knowledge of basic finance valuation techniques.

The case illustrates an entrepreneurial voyage and venture creation and through it helps in identifying the reasons and causes for that venture's failure. It also enables discussion on the importance of planning a venture, more importantly; financing, managing, growing, and ending a venture and on how to avoid the pitfalls that befall such enterprises. This case can be used in Entrepreneurship courses as well as MBA, PGP and Executive Education programmes on Entrepreneurship.

In May 2009 the Office of the Chief Actuary for the U.S. Social Security Administration projected that by 2016 the Social Security Trust Fund would begin to spend more money than it took in through tax revenue. Further, by 2037 the balance in the Trust Fund would be down to zero, necessitating cuts in benefits to retirees. The U.S. Social Security system thus faced a long-term financial problem that needed to be addressed sooner rather than later. The experience of other countries in reforming their own systems of old-age insurance might provide some guidance for U.S. policymakers as they attempt to deal with the long-run fiscal challenges facing the U.S. Social Security system. This case focuses on reforms of old-age insurance systems in three countries: Australia, Mexico, and Sweden.

This case gives students the opportunity to debate the variety of approaches that could be used to reform the U.S. Social Security system. It also gives insight into how countries around the world have structured their old-age insurance systems.