Raphael Kyle Caoile Manansala discusses how since its 2014 iteration of iOS, also known as iOS 8, Apple has taken an unprecedented step of introducing full-disk encryption as a feature dubbed as Data Protection when an iPhone user sets a passcode lock. This pioneered the idea in Silicon Valley that the data on smart technology devices like the iPhone belonging to its users. Apple has been known for its attention to detail. As we further explore its design decisions, we will see just how Apple took careful considerations in making decisions based on the security and privacy of its customers.
Read MoreWater in Trouble
Clarissa Pendleton discusses the criticality of the Water and Wastewater Systems Sector, both to life and the operation of the nation. However, the sector has operational flaws that could have severe consequences. This paper explores the risks and vulnerabilities of the sector by analyzing its current state and examining the private and public sector from an operational risk lens.
Read MoreEssex Lorry Deaths: A Tragedy of Human Smuggling
Ting-Yen Tsai describes the tragic death of 39 Vietnamese people in Essex, England, who suffocated in the air-tight cargo container in an attempt to be smuggled over the border into the United Kington. The analysis focuses on the event’s significance, the risks it poses, and potential recommendations for the UK government and law enforcement authorities.
Read MoreInstagram and Mental Health — Profits or Positivity?
Connor Tatman discusses the risks facing the picture-sharing application Instagram, a social media giant, as it explores ways to balance the mental health of its users and the way it currently generates its revenue, namely advertisement through direct sponsorship and marketing via social media influencers. If Instagram shifts its user experience away from “likes” being publicly visible, it must consider a number of potential risks to its current business model. The author identifies some of these risks, and potential steps to mitigate that exposure.
Read MoreCybersecurity in the Pharmaceutical Industry
Allessandra Quevedo discusses the heightened levels of risk exposure spanning across the entire technological infrastructure connected to the pharmaceutical industry, from research and manufacturing, and from distribution and hospitals. Companies in the pharmaceutical industry contain increasingly growing (and massive) bodies of sensitive data, including proprietary information related to products as well as consumer healthcare information. Therefore, it is imperative that companies adapt systems and processes to making sure their proprietary and sensitive data remains secure and accessible from emerging cybersecurity threats.
Read MoreHuawei Company Risk Management
Bingyan Wang discusses the system and external event risks faced by the global communications technology company Huawei in recent years. For this company—whose mission is to “bring digital to every person, home and organization for a fully connected, intelligent world” —the author explores the increased areas of risk exposure and provides potential recommendations for risk management.
Read MoreAn Analysis of the Indian Adoption Project and Current Migrant Family Separation Policies
Amanda Phillips discusses the devastating failures of the U.S. government to properly implement information management principles during the enactment of family separation policies, both as part of the Indian Adoption Project of 1958 and the separation of migrant families in 2018. Like Native American tribes have experienced for the last 50+ years, the children of asylum seekers and other migrant families have been separated from their loved ones, through information management failures, many of these children have been systematically deprived of their parents and culture as a result. Consequently, a new generation of vulnerable children face the increased risk of experiencing cultural genocide due to the U.S. separation policies resulting in a loss of fundamental cultural knowledge systems, languages, and identities.
Read MoreA Need for Increased Support of Cybersecurity Education
Peyton Lyons discusses the current state of cybersecurity education programs in the U.S. and the need for increased support from the government to meet the demands of the growing industry. This paper goes on to examine China and Israel to discuss how other countries are approaching cybersecurity education and how programs in the U.S. compare. With increasing demands for cybersecurity professionals, the U.S. needs to invest more in STEM education and offer hands-on learning opportunities that support developing the necessary skills to be successful in the cybersecurity industry.
Read MoreWash Your Hands and Update Your Software
Roger St. Louis discusses how cybercriminals are exploiting the new opportunities and exposures stemming from the coronavirus pandemic to increasingly acquire personal information and profit from the misery of others. As the coronavirus pandemic in 2020 has created new vulnerabilities, there is a need to strengthen cybersecurity approaches in three specifically categories
Read MoreIoT and SCADA Risk
Alex Osuch discusses the emerging risk associated with the new systems of automation and networked devices becoming embedded in the critical energy sector’s infrastructure. The nation’s energy infrastructure is becoming increasingly connected and continues to converge, producing new kinds of vulnerabilities and areas of exposure, including in the realm cybersecurity. This paper examines advanced metering, substation automation, and nation-state risks in the smart grid.
Read MoreThe Evolution of Aadhaar in India
Ashritha Dsouza analyzes and identifies the biometric-based identity program Aadhaar in India, and the challenges it faced from various stakeholders. This paper discusses the gaps in processes and external events of the Aadhaar project and suggests ways to address those gaps.
Read MoreAI and Policing - Bias, Failures, and A Path Forward
Peyton Lyons discusses the intersection of artificial intelligence and policing by examining facial recognition surveillance and predictive policing technology. These technologies have a large impact on individuals and communities and run the risk of being impacted by institutionalized and internalized bias. The way forward requires regulation, incorporating diverse perspectives, and including the public and community leaders in conversations about artificial intelligence as a policing tool.
Read MoreFollowing Up on the Internet Bill of Rights
Maeve Edstrom examines the feasibility of implementing the Internet Bill of Rights proposed by Congressman Ro Khanna in 2018. The policy topics of data collection and security, net neutrality and data autonomy are evaluated through past precedence, a return on investment analysis and a survey of the current political landscape.
Read MoreGDPR Enforcement and Google’s €50 Million Fine
Alex Osuch discusses the enforcement of the European Union’s (EU) General Data Protection Regulation (GDPR). This paper specifically looks at the case of Google incurring a record-setting €50 million fine from CNIL, the French Data Protection Authority, for failing to properly acquire consumer consent during the Android phone activation process. The implications of this ruling suggest thorny design issues with which all information organizations operating within the EU must contend.
Read MoreThe Implications to the Lack of Ethical Conduct
Julia Summers explores the growing imperative to define the social and ethical responsibilities that are emerging as advanced technologies are becoming ubiquitous tools in our daily lives. The author examines the ethical practices of International Business Machines (IBM) Corporation throughout the years and across the world, and evaluates the reputational and security implications of company’s past and present decision-making patterns within this context.
Read MoreThe Dubious Merits of Meritocracy
Melanie Keane discusses the prevalence and impact of the social norm of meritocracy in a variety of social contexts, including the workplace and in the criminal justice system. The paper explores the substantial body of research that reveals how meritocracy is associated with increased acceptance of inequality as well as negative attitudes.
Read MoreOperational Risks in Healthcare IT
Elizabeth Crooks discusses the operational risks related to information technology (IT) within the Healthcare and Public Health sector. This critical infrastructure sector’s faces particularly challenging risks due to its size, its diversity of organizations, and its inherently open-to-the-public nature. The analysis examines common operational risks that face both the public and private sides of the healthcare IT subsector across all dimensions of operational risk - people, processes, systems, and external events.
Read MoreEmpowering Students to Prevent School Shootings
Phoebe Keleman discusses the uniquely American epidemic of gun violence – specifically mass shootings – currently occurring in schools. The author believes that regardless of the cause, a new approach needs to be taken for risk mitigation and prevention within the current context. The recommendations include suggestions for how students can work together with their teachers and administrators to help prevent school shootings.
Read MoreThe Worst Sexual Abuse Scandal in Athletics
Malory Rose discusses how Dr. Larry Nassar was able to sexually abuse hundreds of underage athletes for over twenty years while under the failed oversight of two organizations. The safety and risk mitigation systems - and the individuals who were responsible for implementing them - failed these athletes. There are lessons to be learned in order to prevent similar abuse from happening in the future.
Read MoreOperational Risk Challenges for the CDC
Elizabeth Crooks discusses the major operational risks facing the Centers for Disease Control and Prevention (CDC) – threats of funding cuts, and the impact of political appointments and whims.
Read More