Social engineering of data over the Internet through phishing involves social and technological tactics to acquire information from victims. Attackers often target naive users to unwittingly divulge critical information such as their usernames; passwords from social network sites, bank and financial web pages; and credit card details. Fraudsters create fake web pages that closely resemble the original site and spread the pages through emails, web and multimedia messages to reach the target users. Modern day phishing emails are more malicious than before. Almost 90% of phishing attacks originate from organized crime groups, and the rest originate from rogue-nation adversaries. The attackers are primarily after their targets’ login credentials.
Telemedicine is fast-growing as a mobile health care information system (HIS) in most parts of the world. Fast Internet, smart phones and increased comfort of physicians in using electronic communication are also helping telemedicine become more widely adopted. Telemedicine consultation can contribute to reducing cost, lessening the stress of patients and improving accessibility to specialized consultations. However, it is difficult to schedule correct telemedicine sessions without a deep understanding of the health care needs of the region. The use of machine learning for decision making and better treatment has been a highly researched topic. Machine learning is also used to monitor patients remotely. However, this technique is not currently used to monitor telemedicine session broadcasting. In our recent Journal article, we present the case of an Indian health care organization that broadcasts telemedicine sessions to associated hospitals in remote locations. For the purpose of telemedicine governance, we suggest the following steps while using machine learning techniques through the department-session-organization (DSO) model proposed in our article:
Data protection used to be a simple compliance task. Most of the data protection laws are based on the Organisation for Economic Co-operation and Development (OECD) Privacy Framework Basic Principles. The core of this framework can be summarized as transparency—the purposes of personal data collection are made known and justified to individuals and their implicit or explicit consent is obtained before collection and processing. Furthermore, if an enterprise wants to change the use of personal data to a new purpose, the enterprise must obtain individuals’ consent before proceeding.
It all sounds just about doable, but the enterprise must also consider somewhat disruptive big data analytics, which indiscriminately collects massive amounts of data with the hope that a previously unforeseen insight will suddenly be discovered. This being the case, one would wonder how the now-contradictory concepts of transparency and big data analytics can be reconciled when an enterprise begins with no idea of the use it may have for the personal data that are collected for big data analytics.
The Hexa-dimension metric is an initiative that was prompted by the phenomenon that ramifications for privacy breaches are seldom satisfactory, no matter how meticulous the decision-making process. The reason for this lack of satisfaction is that consequences are argued in rational, logical and financial terms only. This deficiency leads me to reflect on the status quo: the solution that is derived from the Herbert Simon decision-making model, which is the guiding light for decision making and deep-rooted in our thought and practice of management, is congenitally defective. We need to improve the decision formulation. The Simon doctrine does not deliver a satisfactory decision because decision makers are not always rational and are sometimes judgmental, emotional or reliant on escalation of commitment. In addition, the decision variables are considered in financial terms only, but risk and cost can be ethical, social, legal, technical and ecological in nature.
Modern companies routinely collect a large amount of data, which are used for a variety of purposes, including audits. Analyzing the data and deciphering the story that they are telling could be done with very simple techniques or can require quite complex and sophisticated techniques. A number of software packages, some of them free, perform such complex analyses. These techniques can be applied by most auditors, provided they understand what the techniques do, not necessarily how they work. In my recent Journal article, I present a number of such techniques that have proven useful in audits. These techniques have different scopes and purposes, e.g., clustering automatically finds groups of similar behavior, while case-based reasoning finds the most closely related data instance in the database.