Filter Results:
(48)
Show Results For
- All HBS Web
(122)
- Faculty Publications (48)
Show Results For
- All HBS Web
(122)
- Faculty Publications (48)
Page 1 of 48
Results →
- January 2025
- Technical Note
AI vs Human: Analyzing Acceptable Error Rates Using the Confusion Matrix
By: Tsedal Neeley and Tim Englehart
This technical note introduces the confusion matrix as a foundational tool in artificial intelligence (AI) and large language models (LLMs) for assessing the performance of classification models, focusing on their reliability for decision-making. A confusion matrix... View Details
- January 2025
- Case
Cyber Oversight: SolarWinds Board of Directors
By: Lynn S. Paine
In 2020, just two years after its IPO, information technology company SolarWinds discovered that it was the victim of an attack on its information systems by Russian hackers. The incident, known as the Sunburst attack, was costly for the company, and certain... View Details
- November 2024
- Case
FedEx Cyberattack (A): Navigating the NotPetya Storm
By: Hise Gibson, Frank Nagle, Alicia Dadlani and Martha Hostetter
In 2017, FedEx’s European division — acquired the year before for $5 billion — was hit by a devastating cyberattack that destroyed thousands of computers and business systems across several countries. Corporate Chief Information Officer Rob Carter put the company’s... View Details
Gibson, Hise, Frank Nagle, Alicia Dadlani, and Martha Hostetter. "FedEx Cyberattack (A): Navigating the NotPetya Storm." Harvard Business School Case 625-049, November 2024.
- 2024
- Working Paper
Navigating Software Vulnerabilities: Eighteen Years of Evidence from Medium and Large U.S. Organizations
By: Raviv Murciano-Goroff, Ran Zhuo and Shane Greenstein
How prevalent are severe software vulnerabilities, how fast do software users respond to the availability of secure versions, and what determines the variance in the installation distribution? Using the largest dataset ever assembled on user updates, tracking server... View Details
Murciano-Goroff, Raviv, Ran Zhuo, and Shane Greenstein. "Navigating Software Vulnerabilities: Eighteen Years of Evidence from Medium and Large U.S. Organizations." NBER Working Paper Series, No. 32696, July 2024.
- March 2024
- Teaching Note
CyberArk: Fearlessly Forward in a Digital World
By: David B. Yoffie
CyberArk was a leader in privileged access management and was an emerging leader in security identity. This case explores strategies in cybersecurity and whether big bets are needed to become a global leader. View Details
- March 2024
- Teaching Note
SolarWinds Confronts SUNBURST
By: Frank Nagle and David Lane
Teaching Note for HBS Case Nos. 723-357 & 723-368. View Details
- March 2024 (Revised August 2024)
- Case
Darktrace: Scaling Cybersecurity and AI (A)
By: Jeffrey F. Rayport and Alexis Lefort
In 2023, Darktrace CEO Poppy Gustafsson was contemplating her growth strategy at a leading U.K.-based cybersecurity venture, launched in 2013 by a group of anti-terror cyber specialists, University of Cambridge mathematicians, and artificial intelligence (AI) experts.... View Details
Keywords: Technology; Talent; Scaling; Entrepreneurship; Cybersecurity; Leadership; Business Growth and Maturation; Recruitment; Resignation and Termination; AI and Machine Learning; Growth and Development Strategy; Organizational Culture; Going Public; Technology Industry; United Kingdom; Europe; United States
Rayport, Jeffrey F., and Alexis Lefort. "Darktrace: Scaling Cybersecurity and AI (A)." Harvard Business School Case 824-092, March 2024. (Revised August 2024.)
- March 2024 (Revised August 2024)
- Supplement
Darktrace: Scaling Cybersecurity and AI (B)
By: Jeffrey F. Rayport and Alexis Lefort
Rayport, Jeffrey F., and Alexis Lefort. "Darktrace: Scaling Cybersecurity and AI (B)." Harvard Business School Supplement 824-179, March 2024. (Revised August 2024.)
- February 2024 (Revised May 2024)
- Case
Johnson Security Bureau: Building Multigenerational Success
By: Henry McGee, Annelena Lobb and David Muoser
Jessica Johnson-Cope, CEO of Johnson Security Bureau (JSB), pondered options for scaling the firm. JSB was the oldest Black-owned security firm in New York, and among the oldest Black-owned security firms in the United States. It provided mostly unarmed security guards... View Details
Keywords: Business Growth and Maturation; Gender; Race; Cybersecurity; Growth and Development Strategy; Competitive Strategy; Expansion; New York (state, US)
McGee, Henry, Annelena Lobb, and David Muoser. "Johnson Security Bureau: Building Multigenerational Success." Harvard Business School Case 824-040, February 2024. (Revised May 2024.)
- December 2023
- Case
TikTok: The Algorithm Will See You Now
By: Shikhar Ghosh and Shweta Bagai
In a world where attention is a scarce commodity, this case explores the meteoric rise of TikTok—an app that transformed from a niche platform for teens into the most visited domain by 2021—surpassing even Google. Its algorithm was a sophisticated mechanism for... View Details
Keywords: Social Media; Applications and Software; Disruptive Innovation; Business and Government Relations; International Relations; Cybersecurity; Culture; Technology Industry; China; United States; India
Ghosh, Shikhar, and Shweta Bagai. "TikTok: The Algorithm Will See You Now." Harvard Business School Case 824-125, December 2023.
- 2023
- Article
MoPe: Model Perturbation-based Privacy Attacks on Language Models
By: Marvin Li, Jason Wang, Jeffrey Wang and Seth Neel
Recent work has shown that Large Language Models (LLMs) can unintentionally leak sensitive information present in their training data. In this paper, we present Model Perturbations (MoPe), a new method to identify with high confidence if a given text is in the training... View Details
Li, Marvin, Jason Wang, Jeffrey Wang, and Seth Neel. "MoPe: Model Perturbation-based Privacy Attacks on Language Models." Proceedings of the Conference on Empirical Methods in Natural Language Processing (2023): 13647–13660.
- October 2023 (Revised March 2024)
- Case
Fortinet: Cybersecurity Pioneer Ken Xie Considers the Long Game
By: Tsedal Neeley, Jeff Huizinga and Emily Grandjean
Ken Xie, cofounder of cybersecurity giant Fortinet, faced a critical decision that would validate his leadership. Fortinet became the industry’s second-largest pureplay cybersecurity firm by developing differentiated hardware and investing in R&D. However, after a... View Details
Keywords: Leadership Development; Leadership Style; Marketing Strategy; Communication Strategy; Cybersecurity; Competitive Advantage; Information Technology Industry; United States; Sunnyvale
Neeley, Tsedal, Jeff Huizinga, and Emily Grandjean. "Fortinet: Cybersecurity Pioneer Ken Xie Considers the Long Game." Harvard Business School Case 424-016, October 2023. (Revised March 2024.)
- 2023
- Working Paper
Black-box Training Data Identification in GANs via Detector Networks
By: Lukman Olagoke, Salil Vadhan and Seth Neel
Since their inception Generative Adversarial Networks (GANs) have been popular generative models across images, audio, video, and tabular data. In this paper we study whether given access to a trained GAN, as well as fresh samples from the underlying distribution, if... View Details
Olagoke, Lukman, Salil Vadhan, and Seth Neel. "Black-box Training Data Identification in GANs via Detector Networks." Working Paper, October 2023.
- September 2023 (Revised June 2024)
- Case
CyberArk: Fearlessly Forward in a Digital World
By: David B. Yoffie and Daniela Beyersdorfer
CyberArk was a leader in privileged access management and was an emerging leader in security identity. This case explores strategies in cybersecurity and whether big bets are needed to become a global leader. View Details
- 24 Apr 2023 - 27 Apr 2023
- Conference Presentation
Diversity, Equity, & Inclusion: The Paradoxical Effect & Impact on Security
By: J. Carlos Vega, Hise O. Gibson, Nicole Gilmore and Larry Whiteside Jr.
Diversity, Equity, & Inclusion (DEI) is necessary to create the world class teams we need to defend against advanced threats and adversaries; however, the approach that most take often fails spectacularly. The panel challenges the current practices, the failings, and... View Details
"Diversity, Equity, & Inclusion: The Paradoxical Effect & Impact on Security." Paper presented at the RSA Conference, San Francisco, CA, USA, April 24–27, 2023.
- March 2023 (Revised June 2023)
- Teaching Note
Ransomware Attack at Springhill Medical Center
By: Suraj Srinivasan and Li-Kuan (Jason) Ni
Teaching Note for HBS Case No. 123-065. In July, 2019, Springhill Medical Center (“SMC”) in Mobile, Alabama fell prey to a malicious ransomware attack that crippled the hospital’s internal network systems and public-facing web page. While the hospital rushed to... View Details
Keywords: Disruption; Communication; Communication Strategy; Decision Making; Decision Choices and Conditions; Judgments; Corporate Accountability; Corporate Disclosure; Corporate Governance; Governance Controls; Policy; Employees; News; Cybersecurity; Digital Strategy; Information Infrastructure; Information Management; Internet and the Web; Crisis Management; Business or Company Management; Resource Allocation; Risk Management; Negotiation Tactics; Failure; Business and Stakeholder Relations; Attitudes; Behavior; Perception; Reputation; Trust; Public Opinion; Social Issues; Health Industry; Alabama; United States
- March 2023
- Teaching Note
Ransomware Attack at Colonial Pipeline Company
By: Suraj Srinivasan and Li-Kuan Ni
Teaching Note for HBS Case No. 123-069. On the morning of May 7, 2021, Colonial Pipeline Company became aware that the company had been the victim of a malicious ransomware attack that had stolen and locked up company data. The extortionists demanded 75 bitcoins (worth... View Details
Keywords: Disruption; Communication; Communication Strategy; Decision Making; Decision Choices and Conditions; Judgments; Corporate Accountability; Corporate Disclosure; Corporate Governance; Governance Controls; Policy; Employees; News; Cybersecurity; Digital Strategy; Information Infrastructure; Information Management; Internet and the Web; Crisis Management; Business or Company Management; Resource Allocation; Risk Management; Negotiation Tactics; Failure; Business and Stakeholder Relations; Attitudes; Behavior; Perception; Reputation; Trust; Public Opinion; Social Issues; Infrastructure; Distribution Industry; United States; Alabama
- March 2023
- Case
Ransomware Attack at Colonial Pipeline Company
By: Suraj Srinivasan and Li-Kuan Ni
On the morning of May 7, 2021, Colonial Pipeline Company became aware that the company had been the victim of a malicious ransomware attack that had stolen and locked up company data. The extortionists demanded 75 bitcoins (worth about $4.4 million at the time) in... View Details
Keywords: Disruption; Communication; Communication Strategy; Decision Making; Decision Choices and Conditions; Judgments; Corporate Accountability; Corporate Disclosure; Corporate Governance; Governance Controls; Policy; Employees; News; Cybersecurity; Digital Strategy; Information Infrastructure; Information Management; Internet and the Web; Crisis Management; Business or Company Management; Resource Allocation; Risk Management; Negotiation Tactics; Failure; Business and Stakeholder Relations; Attitudes; Behavior; Perception; Reputation; Trust; Public Opinion; Social Issues; Infrastructure; Distribution Industry; United States; Alabama
Srinivasan, Suraj, and Li-Kuan Ni. "Ransomware Attack at Colonial Pipeline Company." Harvard Business School Case 123-069, March 2023.
- February 2023
- Case
Ransomware Attack at Springhill Medical Center
By: Suraj Srinivasan and Li-Kuan (Jason) Ni
In July, 2019, Springhill Medical Center (“SMC”) in Mobile, Alabama, fell prey to a malicious ransomware attack that crippled the hospital’s internal network systems and public-facing web page. While the hospital rushed to securely restore the network, medical... View Details
Keywords: Disruption; Communication; Communication Strategy; Decision Making; Decision Choices and Conditions; Judgments; Corporate Accountability; Corporate Disclosure; Corporate Governance; Governance Controls; Policy; Employees; News; Cybersecurity; Digital Strategy; Information Infrastructure; Information Management; Internet and the Web; Crisis Management; Resource Allocation; Risk Management; Negotiation Tactics; Failure; Business and Stakeholder Relations; Attitudes; Behavior; Perception; Reputation; Trust; Public Opinion; Social Issues; Health Industry; United States; Alabama
Srinivasan, Suraj, and Li-Kuan (Jason) Ni. "Ransomware Attack at Springhill Medical Center." Harvard Business School Case 123-065, February 2023.
- October 2022 (Revised September 2023)
- Case
SolarWinds Confronts SUNBURST (A)
On December 12, 2020, SolarWinds learned that malware had been inserted in its software, potentially granting hackers access to thousands and thousands of its 300,000 customers. General Counsel Jason Bliss needed to orchestrate the company response without knowing how... View Details
Keywords: Cyberattacks; Cybersecurity; Corporate Disclosure; Crisis Management; Customer Focus and Relationships; Legal Liability; Information Technology Industry; United States
Nagle, Frank, George A. Riedel, William R. Kerr, and David Lane. "SolarWinds Confronts SUNBURST (A)." Harvard Business School Case 723-357, October 2022. (Revised September 2023.)