Search results

The learning outcome of this paper is to identify and interpret the risks linked to cyber-security and their impact on the organization. Analyze business management regarding cyber-security and information technology (IT) risk management. Evaluate and propose decision-making strategies for IT projects.

Silver Bank is a financial entity with broad national coverage. Its growth was directly related to its investments in customer service. The entire organization is focused on satisfying its clients’ needs, improving their experience and making them loyal to the company. However, it did not pay enough attention to a threat that, with time, had become more pronounced: cyber-attacks. Its efforts to fight against this threat were only temporary solutions, as gaps in its IT system made it an easy target for criminals until the arrival of Iván Ramírez, who proposes a holistic solution to decrease the probability and severity of these attacks. However, past experiences, ignorance and budget constraints make it a difficult task to convince the bank’s board of directors to implement the proposed solution.

The case can be used as teaching material in upper-level undergraduate and graduate management courses: –undergraduate courses: information technology management, IT project analysis and management – MBA or graduate courses: information technology management, strategic management and security governance.

Teaching notes are available for educators only.

CSS 11: Strategy.

In January, 2007, TJX reported that it had suffered from a computer intrusion. The company was sure neither of the identity of the perpetrators nor of how many customers were affected. A deeper analysis revealed that the intrusion had started earlier and affected more customers than previously thought. Ensuing investigation concluded that TJX was collecting unnecessary information, keeping it for too long and employing obsolete and insufficient safeguards. TJX denied any wrongdoing but implemented most of the recommended remedies to strengthen their security.

The i-AM Tablet is an evolving gadget in a world of fast-paced technological change. Facing a new partnership with a major customer, the market for the i-AM is about to explode! This case explores the innovative concept of Supply Chain Resilience as the CEO of i-AM, Inc, develops a strategic plan for expansion. This case is based on theory and practices evolved at the Dow Chemical Company.

This field-based case describes the approach and decisions used by Harris Corporation's vice president of supply chain management and operations to establish a set of financial benchmarks. It requires students to use those benchmarks to decide what areas need focus to potentially raise the company's financial results and elevate its financial performance through specific actions within its supply-chain group.

Information Technology Security.

The case adds value for management students at all levels, as well as for practitioners. Work experience is not a requirement, as the case will expose some of the fundamental concepts pertaining to the scenario described. Assignment questions are designed from the perspective of teaching this case to a business student audience. The case could certainly be adjusted to fit the needs of students in more technical disciplines.

Set in October 2008, the case begins with the dilemmas facing Mr Ramanuj as he and his team from E-Infra Solutions prepared to address the damages caused by a major virus attach at OrangeInc headquarter at Bangalore, India. The virus attack destroyed all the important organizational documents residing on the computer systems and brought its business to a standstill. The catastrophe indicated the need for a comprehensive information technology (IT) security solution which was earlier overlooked by OrangeInc's management.

To teach the basic concepts of information security, in particular malware, and its impact on the business. To introduce the concepts and the importance of security awareness program. To teach the importance of IT infrastructure technology, process and procedures.

Teaching Notes are available for educators only. Please contact your library to gain login details or email support@emeraldinsight.com to request teaching notes.

In May 2009 the Office of the Chief Actuary for the U.S. Social Security Administration projected that by 2016 the Social Security Trust Fund would begin to spend more money than it took in through tax revenue. Further, by 2037 the balance in the Trust Fund would be down to zero, necessitating cuts in benefits to retirees. The U.S. Social Security system thus faced a long-term financial problem that needed to be addressed sooner rather than later. The experience of other countries in reforming their own systems of old-age insurance might provide some guidance for U.S. policymakers as they attempt to deal with the long-run fiscal challenges facing the U.S. Social Security system. This case focuses on reforms of old-age insurance systems in three countries: Australia, Mexico, and Sweden.

This case gives students the opportunity to debate the variety of approaches that could be used to reform the U.S. Social Security system. It also gives insight into how countries around the world have structured their old-age insurance systems.

In November 2005 Fidelity Homestead, a savings bank in Louisiana, began noticing suspicious charges from Mexico and southern California on its customers' credit cards. More than a year later, an audit revealed peculiarities in the credit card data in the computer systems of TJX Companies, the parent company of more than 2,600 discount fashion and home accessories retail stores in the United States, Canada, and Europe.

The U.S. Secret Service, the U.S. Justice Department, and the Royal Canadian Mounted Police found that hackers had penetrated TJX's systems in mid-2005, accessing information that dated as far back as 2003. TJX had violated industry security standards by failing to update its in-store wireless networks and by storing credit card numbers and expiration dates without adequate encryption. When TJX announced the intrusion in January 2007, it admitted that hackers had compromised nearly 46 million debit and credit card numbers, the largest-ever data breach in the United States.

After analyzing and discussing the case, students should be able to:

• Understand imbedded operational risks

• Analyze how operational risk decisions are made in a firm

• Understand the challenges in the electronic payment transmission process, which relies on each participant in the process to operate best-in-class safety systems to ensure the safety of the entire process

• Recognize the sophistication of IT security threats

Understand imbedded operational risks

Analyze how operational risk decisions are made in a firm

Understand the challenges in the electronic payment transmission process, which relies on each participant in the process to operate best-in-class safety systems to ensure the safety of the entire process

Recognize the sophistication of IT security threats

In 2008 San Francisco International Airport (known by its three-letter airport code, SFO) had announced a $383 million plan to renovate and reopen Terminal 2. Assistant deputy director of aviation security Kim Dickie and her team had selected Quantum Secure's SAFE software suite as the new Terminal 2 credentialing system, but she needed to develop a business case quickly that would convince senior management to give the green light to fund the purchase. The case describes a scenario that occurs frequently in the real world, in which a decision offers some real but qualitative value in ways that are difficult or impossible to quantify. The discussion and analysis gives students the opportunity to consider the factors that will drive the internal rate of return (IRR), net present value (NPV), and discounted payback period calculations without constructing comprehensive spreadsheet models. Analyzing the case suggests the limits of such approaches in cases where perceived value is difficult to quantify. The case prepares students to evaluate and justify purchasing requests when interacting with financial gatekeepers such as CFOs and CEOs by introducing a framework to analyze the quantifiable benefits of a capital expenditure while keeping in mind important intangible benefits.

After analyzing the case, students should be able to: Understand how return on investment (ROI) calculations work, with an emphasis on identifying incremental effects Decide how to use results from similar entities making similar purchases to estimate the incremental benefit of a proposed solution Identify and use the best data available in making assumptions Justify the validity of benefits that are difficult to quantify in conjunction with the presentation of a traditional ROI analysis

Quantifying the efficacy of marketing is an age-old challenge. As John Wanamaker said a century ago, “Half the money I spend on advertising is wasted; the trouble is I don't know which half.” The big difference today, however, is that the Internet enables detailed tracking of marketing campaigns in real time, or near time. Exemplifies how to leverage the Internet to dramatically improve the efficacy of marketing. Centers upon the Microsoft Security Guidance marketing campaign, which was designed to change IT professionals' perception of Microsoft's software product security. The integrated marketing campaign involved print media, analyst relations, and online advertising. The advertising was designed to drive IT professionals to a Web site on security guidance, then sign them up for free in-person security training classes. Illustrates two important best practices for marketing in the Internet age: first, the campaign was designed to be measured, and second, agility was specifically designed into the campaign. In addition to tracking weekly click-through data from the print and online advertising, the campaign also used online pop-up customer perception surveys. Analyzing the click-though data, Microsoft realized it had a problem at the end of the first week of the campaign–there were far fewer signups for the training sessions than anticipated. By the end of the second week the campaign was changed, resulting in a huge improvement in efficacy. Creates a scorecard illustrating the pros and cons of the Microsoft approach compared to a more traditional campaign. Illustrates how, rather than creating big-bang campaigns, high-performing marketing organizations today are continually experimenting. They build flexibility into campaigns and design them to be measured.

To learn how to leverage the Internet in marketing campaigns, analyze click-through data and online survey results acquired in near time, and learn how it is used to fine tune and dramatically improve a campaign. Furthermore, illustrates how nonfinancial metrics can be used to quantify marketing efficacy.

This case is meant for MBA students as a part of their leadership/information technology and system curriculum. It is suitable for classes in both offline and online mode.

Human resources management/information technology and systems.

The case discusses how Poppy Gustafsson (Gustafsson) (she), Cofounder and Chief Executive Officer of Darktrace plc, one of the world’s largest cyber-AI companies, is reinventing enterprise security by using artificial intelligence (AI) to detect and respond to cyberthreats to businesses and protect the public. Darktrace’s technology leverages the principles of the human immune system to autonomously defend organizations from cyberattacks, insider threats and AI warfare. In addition to leading a cutting-edge cybersecurity company, Gustafsson evangelizes gender diversity at Darktrace where 40% of employees and four C-level executives are women, a number nearly unheard of in the tech sector.The case chronicles the journey of Gustafsson and how she led the company to growth and success. Under her leadership, Darktrace has grown into a market leader in the AI cybersecurity space serving 5,600 customers in 100 countries, as of June 2021. Gustafsson not only redefined the cybersecurity space but also inspired women to pursue a career in the field of cybersecurity. She also collaborated with a social enterprise called WISE to encourage more girls to consider STEM careers.However, along the way, she faced several challenges including growing competition, procuring funds from investors, cybersecurity talent shortage and training personnel. Going forward, some of the challenges before Gustafsson would be to meet the changing cyber protection demands of customers; hire, train and retain highly skilled cybersecurity personnel; beat the competition in a saturated cybersecurity services space; sustain revenue growth; and post profits as Darktrace had incurred losses every year since its inception.

This case is designed to enable students to: understand the issues and challenges women face in the field of cybersecurity; understand the qualities required for a woman leader to lead a technology firm; study the leadership and management style of Gustafsson; understand the importance of transformational leadership in management; understand the role of Gustafsson in Darktrace’s growth and success; analyze the traits that Gustafsson possesses as a tech leader in an emerging cybersecurity space; understand the importance of gender diversity in cybersecurity; and analyze the challenges faced by Gustafsson going forward and explore ways in which she can overcome them.

CSS: 11 Strategy.