學門類別
哈佛
- General Management
- Marketing
- Entrepreneurship
- International Business
- Accounting
- Finance
- Operations Management
- Strategy
- Human Resource Management
- Social Enterprise
- Business Ethics
- Organizational Behavior
- Information Technology
- Negotiation
- Business & Government Relations
- Service Management
- Sales
- Economics
- Teaching & the Case Method
最新個案
- A practical guide to SEC ï¬nancial reporting and disclosures for successful regulatory crowdfunding
- Quality shareholders versus transient investors: The alarming case of product recalls
- The Health Equity Accelerator at Boston Medical Center
- Monosha Biotech: Growth Challenges of a Social Enterprise Brand
- Assessing the Value of Unifying and De-duplicating Customer Data, Spreadsheet Supplement
- Building an AI First Snack Company: A Hands-on Generative AI Exercise, Data Supplement
- Building an AI First Snack Company: A Hands-on Generative AI Exercise
- Board Director Dilemmas: The Tradeoffs of Board Selection
- Barbie: Reviving a Cultural Icon at Mattel (Abridged)
- Happiness Capital: A Hundred-Year-Old Family Business's Quest to Create Happiness
The Danger from Within
內容大綱
The 2013 cyberattack on Target is just one recent example of a growing phenomenon: attacks involving connected companies or direct employees. According to various estimates, at least 80 million of these attacks occur in the United States each year--but the number may be much higher, because they often go unreported. Upton and Creese head an international research project whose goal is to aid organizations in detecting and neutralizing threats from insiders. Their team includes computer security specialists, management educators, psychologists, and criminologists, and their findings challenge conventional views and practices. "The doors that leave organizations vulnerable to insider attacks," they write, "are mundane and ubiquitous." In this article they discuss the causes of growth in the number of insider cyberattacks, the reasons behind them, and five ways to tackle the problem: Adopt a robust insider policy at every level of the organization; raise awareness of phishing and other ploys; screen new hires thoroughly; employ rigorous subcontracting processes; and monitor employees, letting them know that you will observe their cyberactivity to the extent permitted by law.