Filter Results
:
(54)
Show Results For
-
All HBS Web
(110)
- News (23)
- Research (54)
- Multimedia (2)
- Faculty Publications (50)
Show Results For
-
All HBS Web
(110)
- News (23)
- Research (54)
- Multimedia (2)
- Faculty Publications (50)
Sort by
- 07 Jul 2019
- HBS Case
Walmart's Workforce of the Future
different universities; in June 2019, the program expanded to six universities and 14 areas of study, including cybersecurity and computer science. Widely hailed in the press for the opportunity it offers workers to graduate from college...
View Details
- 09 Jan 2020
- Book
Rethinking Business Strategy in the Age of AI
cybersecurity threats. During the past 10 years, Iansiti and Lakhani have researched AI’s impact on businesses and have helped several companies transform their strategies, including internet pioneers like Amazon, Microsoft, Mozilla, and...
View Details
Keywords:
by Dina Gerdeman
- 21 Sep 2020
- Research & Ideas
Are You Sabotaging Your Own Company?
locks, clogging toilets, messing with machinery, and slashing tires. Today, 76 years after the manual was written, cybersecurity breaches likely represent the most dreaded act of outside obstruction many companies face, Thomke notes. But...
View Details
Keywords:
by Dina Gerdeman
- April 2021
- Case
Transforming BlackBerry: From Smartphones to Software
By: Ranjay Gulati and Nicole Tempest Keller
On the verge of failure, BlackBerry brought in John Chen as CEO in 2013 to orchestrate a bold turnaround of the company. Once an iconic leader in the smartphone market, BlackBerry was best known for its tactile QWERTY keyboard, strong security, and a focus on business...
View Details
Keywords:
Pivot;
Managing Change;
Turnaround;
Smartphone;
Change Management;
Leading Change;
Transformation;
Organizational Change and Adaptation;
Digital Platforms;
Change;
Information Infrastructure;
Applications and Software;
Competitive Strategy;
Cybersecurity;
Technology Industry;
Transportation Industry;
Canada
Gulati, Ranjay, and Nicole Tempest Keller. "Transforming BlackBerry: From Smartphones to Software." Harvard Business School Case 421-052, April 2021.
- February 2023
- Case
Ransomware Attack at Springhill Medical Center
By: Suraj Srinivasan and Li-Kuan (Jason) Ni
In July, 2019, Springhill Medical Center (“SMC”) in Mobile, Alabama, fell prey to a malicious ransomware attack that crippled the hospital’s internal network systems and public-facing web page. While the hospital rushed to securely restore the network, medical...
View Details
Keywords:
Disruption;
Communication;
Communication Strategy;
Decision Making;
Decision Choices and Conditions;
Judgments;
Corporate Accountability;
Corporate Disclosure;
Corporate Governance;
Governance Controls;
Policy;
Employees;
News;
Cybersecurity;
Digital Strategy;
Information Infrastructure;
Information Management;
Internet and the Web;
Crisis Management;
Resource Allocation;
Risk Management;
Negotiation Tactics;
Failure;
Business and Stakeholder Relations;
Attitudes;
Behavior;
Perception;
Reputation;
Trust;
Public Opinion;
Social Issues;
Health Industry;
United States;
Alabama
Srinivasan, Suraj, and Li-Kuan (Jason) Ni. "Ransomware Attack at Springhill Medical Center." Harvard Business School Case 123-065, February 2023.
- May 2022
- Case
TikTok and National Security: Investment in an Age of Data Sovereignty?
By: Jeremy Friedman, Sarah Bauerle Danzman and David Lane
This case covers TikTok’s purchase of Musical.ly and the reaction of the United States government, including the review of the purchase by the Committee on Foreign Investment in the United States (CFIUS) and the reaction of the presidential administration of Donald...
View Details
Keywords:
Data Security;
Mergers and Acquisitions;
Cybersecurity;
Internet and the Web;
International Relations;
Laws and Statutes;
Globalized Firms and Management
Friedman, Jeremy, Sarah Bauerle Danzman, and David Lane. "TikTok and National Security: Investment in an Age of Data Sovereignty?" Harvard Business School Case 722-020, May 2022.
- 24 Feb 2020
- Research & Ideas
The Hidden Vulnerabilities of Open Source Software
industry and application security companies, including developer-first security company Snyk and the Synopsys Cybersecurity Research Center (SCRC), the Linux Foundation and LISH were able to combine private usage data with publicly...
View Details
- October 2022
- Background Note
Note on Cyberattacks and Regulatory Regimes
Describes common types of cyberattacks on enterprises and their costs, as well as the fragmentary regulatory regimes through which U.S. states and regulatory agencies at the start of 2021 attempted to encourage disclosure of cyberattacks and to pursue enforcement...
View Details
Keywords:
Regulations;
Regulatory Agencies;
Cyberattacks;
Governance;
Corporate Disclosure;
Cybersecurity;
Information Industry;
Information Technology Industry;
Health Industry;
Financial Services Industry;
United States
Nagle, Frank, George A. Riedel, William R. Kerr, and David Lane. "Note on Cyberattacks and Regulatory Regimes." Harvard Business School Background Note 723-392, October 2022.
- September 19, 2017
- Article
After Equifax Breach, Companies Advised to Review Open-Source Software Code
By: Ben DiPietro and Lou Shipley
It doesn’t make much sense: At a time when high-powered automated trading systems can execute stock sales in real time, some companies that rely on open-source software to help to run their businesses track their open-source use on spread sheets on paper.
Lou... View Details
Lou... View Details
Keywords:
Software;
Open-source;
Security Vulnerabilities;
Data Privacy;
Hack;
Applications and Software;
Safety;
Cybersecurity
DiPietro, Ben, and Lou Shipley. "After Equifax Breach, Companies Advised to Review Open-Source Software Code." Wall Street Journal (September 19, 2017).
- 2014
- Chapter
Better Timing of Cyber Conflict
By: Elisabeth Paulson and Christopher Griffin
In this paper, we construct a model of cyber-weapon deployment and attempt to determine an optimal deployment time for cyberweapons using this model. We compare and contrast our approach to that in Axelrod and Iliev (R. Axelrod and R. Iliev. Timing of cyber conflict....
View Details
Paulson, Elisabeth, and Christopher Griffin. "Better Timing of Cyber Conflict." In Proceedings of the Third ASE International Conference on Cyber Security. Los Angeles, CA: Academy of Science and Engineering, 2014.
- October 2022 (Revised September 2023)
- Case
SolarWinds Confronts SUNBURST (A)
On December 12, 2020, SolarWinds learned that malware had been inserted in its software, potentially granting hackers access to thousands and thousands of its 300,000 customers. General Counsel Jason Bliss needed to orchestrate the company response without knowing how...
View Details
Keywords:
Cyberattacks;
Cybersecurity;
Corporate Disclosure;
Crisis Management;
Customer Focus and Relationships;
Legal Liability;
Information Technology Industry;
United States
Nagle, Frank, George A. Riedel, William R. Kerr, and David Lane. "SolarWinds Confronts SUNBURST (A)." Harvard Business School Case 723-357, October 2022. (Revised September 2023.)
- March 2022
- Article
From Proprietary to Collective Governance: How Do Platform Participation Strategies Evolve?
By: Siobhan O'Mahony and Rebecca Karp
When platform leaders change the rules guiding who can access and control a platform, the strategies of those who create value from the platform can be upended. Little research examines how platform participants adapt their strategies when a platform leader changes the...
View Details
Keywords:
Platform Governance;
Access;
Crowdsourcing;
Applications and Software;
Employees;
Leadership Style;
Cybersecurity;
Risk Management
O'Mahony, Siobhan, and Rebecca Karp. "From Proprietary to Collective Governance: How Do Platform Participation Strategies Evolve?" Strategic Management Journal 43, no. 3 (March 2022): 530–562.
- 2023
- Article
MoPe: Model Perturbation-based Privacy Attacks on Language Models
By: Marvin Li, Jason Wang, Jeffrey Wang and Seth Neel
Recent work has shown that Large Language Models (LLMs) can unintentionally leak sensitive information present in their training data. In this paper, we present Model Perturbations (MoPe), a new method to identify with high confidence if a given text is in the training...
View Details
Li, Marvin, Jason Wang, Jeffrey Wang, and Seth Neel. "MoPe: Model Perturbation-based Privacy Attacks on Language Models." Proceedings of the Conference on Empirical Methods in Natural Language Processing (2023): 13647–13660.
- March 2024
- Teaching Note
SolarWinds Confronts SUNBURST
By: Frank Nagle and David Lane
Teaching Note for HBS Case Nos. 723-357 & 723-368.
View Details
- 24 Apr 2023 - 27 Apr 2023
- Conference Presentation
Diversity, Equity, & Inclusion: The Paradoxical Effect & Impact on Security
By: J. Carlos Vega, Hise O. Gibson, Nicole Gilmore and Larry Whiteside Jr.
Diversity, Equity, & Inclusion (DEI) is necessary to create the world class teams we need to defend against advanced threats and adversaries; however, the approach that most take often fails spectacularly. The panel challenges the current practices, the failings, and...
View Details
"Diversity, Equity, & Inclusion: The Paradoxical Effect & Impact on Security." Paper presented at the RSA Conference, San Francisco, CA, USA, April 24–27, 2023.
- 2021
- Article
Evidence of Decreasing Internet Entropy: The Lack of Redundancy in DNS Resolution by Major Websites and Services
By: Samantha Bates, John Bowers, Shane Greenstein, Jordi Weinstock, Jonathan Zittrain and Yunhan Xu
This paper analyzes the extent to which the Internet’s global domain name resolution (DNS) system has preserved its distributed resilience given the rise of cloud-based hosting and infrastructure. We explore trends in the concentration of the DNS space since at least...
View Details
Keywords:
Domain Name System;
Resilience;
Entropy;
Internet and the Web;
Infrastructure;
Performance Effectiveness;
Safety;
Cybersecurity
Bates, Samantha, John Bowers, Shane Greenstein, Jordi Weinstock, Jonathan Zittrain, and Yunhan Xu. "Evidence of Decreasing Internet Entropy: The Lack of Redundancy in DNS Resolution by Major Websites and Services." Journal of Quantitative Description: Digital Media 1 (2021).
- 2022
- Article
Data Poisoning Attacks on Off-Policy Evaluation Methods
By: Elita Lobo, Harvineet Singh, Marek Petrik, Cynthia Rudin and Himabindu Lakkaraju
Off-policy Evaluation (OPE) methods are a crucial tool for evaluating policies in high-stakes domains such as healthcare, where exploration is often infeasible, unethical, or expensive. However, the extent to which such methods can be trusted under adversarial threats...
View Details
Lobo, Elita, Harvineet Singh, Marek Petrik, Cynthia Rudin, and Himabindu Lakkaraju. "Data Poisoning Attacks on Off-Policy Evaluation Methods." Proceedings of the Conference on Uncertainty in Artificial Intelligence (UAI) 38th (2022): 1264–1274.
- March 2022
- Article
How to Prioritize the Improvement of Open-Source Software Security
By: Frank Nagle
Nagle, Frank. "How to Prioritize the Improvement of Open-Source Software Security." Brookings TechStream (March 2022).
- July 16, 2015
- Article
How Small Businesses Can Fend Off Hackers
By: Lou Shipley
If you wanted to hack a business, which one would you pick: A Fortune 500 company with a large digital-security budget and a team dedicated to protecting its cyberassets? Or a small enterprise that doesn’t employ a single IT security specialist? Security breaches at...
View Details
Keywords:
Hack;
Data Security;
Small Business;
Analytics and Data Science;
Safety;
Information Technology;
Cybersecurity
Shipley, Lou. "How Small Businesses Can Fend Off Hackers." Wall Street Journal (July 16, 2015).
- 2023
- Working Paper
Black-box Training Data Identification in GANs via Detector Networks
By: Lukman Olagoke, Salil Vadhan and Seth Neel
Since their inception Generative Adversarial Networks (GANs) have been popular generative models across images, audio, video, and tabular data. In this paper we study whether given access to a trained GAN, as well as fresh samples from the underlying distribution, if...
View Details
Olagoke, Lukman, Salil Vadhan, and Seth Neel. "Black-box Training Data Identification in GANs via Detector Networks." Working Paper, October 2023.