Sunday, February 17, 2019

Cyber Security at The National Bank of Ukraine

Cyber attack is a modern way of executing crime using digital technology. The National Bank of Ukraine is among the numerous organizations that have reported being offended through external hacking, which is one of the ways of executing the cyber attack. The National Bank of Ukraine is a financial organization that provides a variety of financial products and services. The type of cyber attack that occurred is hacking, which affected the functionality of the electronic infrastructure of the bank. The organization responded to it by scanning all its work stations for viral and suspicious files. Additionally, the bank redoubled its awareness of the cyber defense and warned other financial institutions in the country of a potential external attacker (The National Bank of Ukraine, 2017, para 2). Certainly, such a strategy would help to minimize the chances of the attack spreading to other organizations.
The electronic infrastructure of the bank, which includes the internal computer network and electronic payment system, was affected by the attack. Delayed customer service due to the slowdown in the operations of the bank led to financial loss. Thus, the cost of the attack is the financial loss suffered by the organization. Noteworthy, the IT infrastructure is the major target of the cyber attackers (Bordoff, Chen, & Yan, 2017, p. 3).  The bank responded to the attack by strengthening its cyber defense system.  In particular, it changed its operating procedure to ensure that all suspicious files are scanned to minimize the risk of future attacks. However, the organization should ensure that its IT infrastructure acquire sophisticated security systems that facilitate white listing of authorized sites and disable suspicious applications (Conteh & Schmick, 2016, p. 34). Other steps that the bank can take include strengthening encryptions and providing advanced training to support the efforts of IT department staff in curbing cyber attacks. The sophistication of the IT security systems will enable the company to detect and abort all forms of cyber threats before they can affect its operating infrastructure and information systems.
Bordoff, S., Chen, Q., & Yan, Z. (2017). Cyber attacks, contributing factors, and tackling strategies: The current status of the science of cybersecurity. International Journal of Cyber Behavior, Psychology and Learning (IJCBPL), 7(4), 68-82. 
Conteh, N. Y., & Schmick, P. J. (2016). Cybersecurity: Risks, vulnerabilities and countermeasures to prevent social engineering attacks. International Journal of Advanced Computer Research, 6(23), 31-38.
The National Bank of Ukraine (2017, June 27). The National Bank of Ukraine warned banks and other financial market participants about an external hacker attack. Retrieved from

Saturday, February 16, 2019

Cyber Security Measures

Organizations must have regular security checks and data backups. For an unexpected attack or data breach, it is really helpful to have an organization back up their data. To have a successful business, you must keep a habit of automatic or manual data backup on a weekly or daily basis.
In addition, the data should be protected through updated software and efficient anti-virus tools. However, to attain this, you must have progressive and efficient IT department. Make sure you are hiring someone with the right skills who you can trust to do the job properly.
An organization should be locked away with strong passwords. Making stronger passwords is necessary for fighting a number of password hacking tools that are easy to get on the market. Try ensuring that there are a combination of different characters including alphabets, numbers, symbols and other capital letters.
 Therefore, organizations should keep unique passwords for all employees as well as the departments. This can be easily managed using a password manager tool and ensuring that all employees receive proper data security training and password tips.

Friday, February 15, 2019

Non-Profits and Data Privacy Issues

I really went back and forth for awhile on this one, especially since I volunteer with a non-profit organization. Initially, my ethical thought was absolutely not, which was completely biased just on my own feelings. Then as I started to find different sources about data and understanding it more, I changed my mind. The struggle of fundraising for non-profits is a real one and I know at the non-profit that I am with, the technology and funding is just not there to make any of the data about clients secure. Everything is still hand written on paper and filed in a locked file-cabinet. This is also not efficient to use for any kind of analysis, which makes it likely that high quality decisions are not always being made by the organization. 

I think in an ideal world, we'd like to think the mortgage company just wants to engage in their community and help people, but they are a for-profit business and $10 million is a significant amount of money. It doesn't seem unreasonable for them to want something in exchange for that and I think the idea of waiting for a more aggressive investor to come along who thinks the data is more valuable could present a potentially unethical situation. To me that seems as though the non-profit is actively seeking out the selling of their client's data to the highest bidder, rather than an opportunity being presented to them with a company that from what is stated in the initial post, wants to provide services that would be useful to their clients. If bankruptcy of the non-profit was a concern, perhaps an ethical dilemma could be avoided by renegotiating the terms of the partnership for the data sharing to be for a specific amount of time to allow for continued partnership with the company in the future, if each organization is finding the partnership to be mutually beneficial, rather than shopping for another investor.

 The firm currently collects data and clients are already required to acknowledge that their data is being collected and analyzed and they must give permission for their data to be shared anonymously. Is this just for protection?  Does this mean that the non-profit is already sharing anonymous data with no compensation? This makes me think that a mortgage company offering $10 million dollars would not accept a renegotiation for anonymous data that is already being shared elsewhere.

Thursday, February 14, 2019

What is the difference between management and leadership?

When running a successful company, leaders and managers must work hand in hand to make sure things are running efficiently and effectively.    Leaders and managers play important roles when assisting in running a company, but there is a difference between leadership and management and their strategic decision making. 
Before I go on, my position on leadership and management is that before learning the differences between the two, I honestly thought the two were the same and had the same roles and responsibilities.    After doing my research, I do understand the two are different but to me they are still lead roles or positions.  According to Maccoby, leadership is a relationship between leaders and the led that can energize an organization whereas management is a function that must be exercised in any business (Maccoby, 2000).  Leaders and managers differ by the way they motivate the people who work with and around them.   Leaders create a vision and turn it into reality by inspiring, encouraging and engaging their people.  Managers focus more on setting, measuring and achieving or exceeding goals.  Being a leader and a manager takes patience and experience which not everyone has.  An example of a leader is some one who can lead an individual or a group to success.  And it is not only success, but it is also about teaching and passing down knowledge.   Dr. Martin Luther King, Jr.  was a great leader who influenced and inspired people to stand up for what they believed in.    An example of a manager is someone who assists the leader.  A coach who assists his athletic director is an example of a manager because they will assist the coach in leading a team to win by putting in the work.
When it comes to having strategic leadership and decision making, a strategic leader utilizes decision making teams as a powerful asset.  Leaders use their teams to improve their decision making and to solve problems.  In the long run, effective strategic leaders employ a strategic team to help them in the visioning process and gain insight into how to achieve long-term objectives.  A leader gets everyone involved in this process. 
In management strategic decision making, it is about setting goals, the actions needed to achieve those goals and resources and actions that will be used to get there.  Strategic management activities transform the static plan into a system that provides strategic performance feedback to decision making and enables the plan to evolve and grow as requirements and other circumstances change ( 
Leadership strategic decision making can impact the lives of individuals, communities, competition, markets, society, and culture.  In doing my research, I read in an article that “strategic leadership and decision making occurs within environmental contexts, both internal and external, and it is significantly influenced by the leader who, as an individual, possesses skills, abilities, filters, biases, and “baggage”.  Also, coping with the strategic environment requires understanding different cultures, different kinds of national objectives, and different means by which other nations aspire to achieve their objectives which leads to competitive advantages for the U.S.” (Fernandes, 2009).

Strategic Planning Basics. (n.d). Retrieved January 30, 2019, from

Wednesday, February 13, 2019

What is a cyber attack?

a cyber-attack is an attempt by hackers to cause damage a computer network or system. I remember when i used to work in a governmental sector, a cyber-attack hit the computer system. It's a cyber-attack that hit around 15 government agencies and authorities and it's called " Shamoon". In fact, that was a second wave of the attack ( on 2016) the first was back on 2012. 
the cyber-attack was so strong it hits the system as a whole, even the attendance fingerprint. Shamoon wipes data and takes control of the computer’s boot record, which prevents the PC from being turned back on." (Smith,2017)
the impact was so harsh on the business. i remember the system immediately was down after the attack and the business stopped suddenly. No one can do anything because everything in my organization was on the system. all the clients were coming to us and we could not do anything. The business was shut down for a whole week or two. Since it's governmental sector, there is not a lot of cost accrued regarding the organization accrued because the ministry of finance is the one responsible for the whole costs of the organization but doing nothing for the business for the whole week or two of course there are costs comes with it. What the organization did to prevent those type of attacks is to have a full back up to the system so once anything strange happens it can move to the backup system and the business would go on. I believe the most important thing to do if i was a manager, i would prevent any external email coming in or out to all employees emails unless the employees gets an authorization for it after verifying the email and making sure it's clean. 

Smith, & Smith. (2017, January 24). Saudi Arabia again hit with disk-wiping malware Shamoon 2. Retrieved from

Tuesday, February 12, 2019

Not Accepting the Partnership Offer

Not Accepting the Partnership Offer
Ethically, no I will not accept the partnership offer. Given our company’s objective to offer reliable and trustworthy services for those who are less fortunate. While the clients choose to sign a “intent to collect and analyze data” disclosure, they are more likely than not, not actually reading that disclosure. More importantly, if they are reading it, they might be willing to take the risk, depending on their situation, for collection of anonymous data. By accepting this partnership offer, you might potentially alienate people who really need the services but aren’t willing to have their data be public knowledge.
In addition, regardless of nonprofit or for-profit organizations, data needs to be used in the same anonymous manner (Woods, 2014). Because this entity is seen as a financial services provider and is held at a higher standard for privacy practices which would not be upheld in this deal as written (Woods, 2014).
My reasoning for the decline of this offer stems back to my previous research on the Facebook and Cambridge Analytica scandal in 2018. While Facebook is a publicly traded company and not similar to a non-profit organization, the data sharing concept is relevant. Facebook executives made a choice to allow third party application users to have access to profile information from users and this led to the sale of data to Cambridge Analytica who then used the information in 2016 Presidential Campaigns (Tuttle, 2018).
While this data is anonymous for the firm, I would argue that it could potentially still be used for improvement purposes of the organization which in turn could eventually been seen as effective revenue. If the firm uses their data to determine how many times people are using their services, their financial state over time, etc. They can use this information to see if their services are effective. If they are not, then they can use this information to improve upon their processes and methods in order to be more effective. “Nonprofits are taking on business strategies and outcome metrics, often seeking to generate earned revenue to wean themselves from dependency on charity” (Woods, 2014).
New Proposal
If the mortgage company is still interested in partnering with our firm and willing to renegotiate, I would propose that they find a way to use anonymous data. In addition, they would receive demographics, behaviors and financial records, but no personal information tied to them. This could still be of use when marketing products to different individuals.
One of the primary hesitations for my refusal of the first offer is “The Mortgage company also reserves the right to sell your clients’ data.” This clause will be removed from the new proposal. Instead, if the mortgage company wants to use our data, it will agree to eliminate the sale of the data. This clause will be upheld by semi-annual audits in order to ensure that the data is remaining confidential.
Andrew K. Woods, "Do Civil Society's Data Practices Call for New Ethical Guidelines?" Stanford University, 2014. Retrieved from: 
Tuttle, H. (2018). Facebook Scandal Raises Data Privacy Concerns. Risk Management,65(5), 6-9. Retrieved January 27, 2019, from

Monday, February 11, 2019

What is the Internet of Things (IoT)?

Internet of Things (IOT)
            Internet of Things (IOT) is providing various challenging opportunities in different industries among significant growing applications. These systems and applications incremental growth is developed throughout the use of parallelly developed systems such as radio-frequency identification (RFID), mobile devices, sensors and wireless that prescribes the use of the application upon the IOT innovations and solutions. Significant growth of IOT applications is expected to enhance the productivity, efficiency and prosperity of many industries in the current market.

IOT emerging was initiated upon the linkage of any system that identity’s an object throughout RFID Xu and He and Li (2014).  Consequentially, IOT solutions were developed with more advanced technologies such as sensors, GPS devices, mobiles, actuators and automation systems.
The significant increase in IOT innovations is led by various industries such as health care, food processing, transportation, weather monitoring and many other industries in today’s market.

IOT can be defined as the composition of network infrastructure on various devices that are connected throughout sensors, communication network or any other information technology Xu and He and Li (2014).  IOT enables interconnectedness of different information technology devices anywhere, anytime on the planet by utilizing all the internet compensations on the normal daily life Want and Schilit and Jenson (2015). Zanella and Bui and Castellaniand Vangelista and Zorzi, (2014) defined IOT as “a recent communication paradigm that envisions a near future, in which the objects of everyday life will be equipped with microcontrollers, transceivers for digital communication, and suitable protocol stacks that will make them able to communicate with one another and with the users, becoming an integral part of the Internet”.
Key IOT Technologies
Many organizations are interested in IOT solutions as a factor of tremendous economic benefits. Consequentially, many countries have had a significant increase in IOT investments as the UK government invested 5 million Euro to develop IOT projects and China was planning to invest 800 million USD in IOT industries since 2015 Xu and He and Li (2014). Organizations are developing IOT projects in different applications that depend on the organization’s comparative advantage. The following paragraphs provides some examples of how some key industries implement IOT solutions.
Health care and IOT. Health care industry has an opportunity for developing IOT applications by using RFID of people, equipment, medicines, etc. for identifying patient’s identity and retrieving records. One of the applicable implementation of IOT applications in health care is the connectedness of related information which are used for patient’s health status follow up by their doctors through special sensors which then transfer the required medicines to the pharmacy as an electronic prescription that would automatically select the required medicines and prepare them for logistics support to deliver them to the patient’s place.  The implementation of IOT solutions in health care can help to improve doctor-patient follow up and can help to reduce the impact of late illness discovering. Furthermore, the connectivity between healthcare stakeholders is a key factor to increase productivity for the service providers in the whole process. 

IOT and food supply chain application. The vast increasing in social economy plays an important role on covering a large geographical area throughout a complex operating process. Since this process includes many stakeholders that are participating through the whole operating process, IOT solutions implementation in this industry is considered challenging. Anyhow, the IOT researchers are considering a massive coverage of the food supply chain that is expected to cover the whole operating process called farm-to-plate manner. Which means from the agriculture operations to food industries operations until food consuming. Using multiple IOT solutions to improve the efficiency and connectivity of the business process which is considered a great opportunity for IOT innovations and solutions.

Use in transportation. IOT can provide a massive change in transportation as this industry applications and IOT solutions are growing incrementally by many transportation entities. For example, IOT can help for tracking any vehicle and record its movement and predict any future practices. As one of the most IOT solutions provider in transportation, BMW developed an IOT technology called (I Drive system) that includes many sensors and tags to monitor the vehicle’s location, movements, tracks, roads condition to provide driving directions Xu and He and Li (2014).

Smart Cities and IOT applications. Smart cities market is expected to invest hundreds of billion dollars by 2020 with an annual spending which might be near to 16 billion Zanella and Bui and Castellaniand Vangelista and Zorzi, (2014). These cities include various implications of smart systems such as smart utilities, smart buildings, smart environment, smart governance, etc. The expansion of smart cities development is still lacking due to various challenges such as political, technical and financial barriers Zanella and Bui and Castellaniand Vangelista and Zorzi, (2014). Political barriers are found upon information privacy and security to the different stakeholders in these cities. These political obstacles can be minimized throughout the development of an institutional processes and practices reference for all stakeholders to clarify any conflict of political dimensions. Secondly, the vast scope that is included in the smart city master plan required many technological solutions in terms of infrastructure and buildings in order to develop IOT solutions. Therefore, the huge need of technological innovative solutions might lack the development process of the smart cities projects. Finally, smart cities recent emerging is considered as a lack of an ambiguous business model through the large scope of the technical requirements mentioned earlier. Therefore, the investment in smart cities is still considered risky for some markets.  

PADOVA Smart City Project. The University of Padova in Italy initiated a project called Padova Smart city. This project was built in cooperation with public and private sector for running a model of smart city. The municipality as a project financial sponsor provides all required infrastructure for the developers. Many sensors and actuators have been installed in Padova for the implementation of the IOT design for the smart city concept. The IOT network in this project consist of traffic lights, road lights, wireless network, entrances gates, environment sensors and temperature and humidity sensors. This project can be considered as a good example of smart city implementation as many activities of the city are connected through various technological devices to ensure safe and updated traffic and whether effective monitoring and operations.

            IOT as an integration of information technology that has inbuilt sensing, communication, processing and networking features. The implementation of IOT applications in various industries can foster the productivity and efficiency of process management, communication, data analysis, monitoring and controlling. It can be seen as an effective innovative solution for all stakeholders involved in any particular industry. The threat that would impedes organizations form investing in IOT can be seen as an opportunity for the developers to come over the technology challenges by impressive innovations. Furthermore, other threats such as political and financial barriers can be resolved throughout the market growth on IOT applications which would increase the experience and maturity of IOT developers and end-users.

Want, R., Schilit, B. N., & Jenson, S. (2015). Enabling the internet of things. Computer, 48(1), 28-35. doi:10.1109/MC.2015.12

Xu, L. D., He, W., & Li, S. (2014). Internet of things in industries: A survey. IEEE Transactions on Industrial Informatics, 10(4), 2233-2243. doi:10.1109/TII.2014.2300753

Zanella, A., Bui, N., Castellani, A., Vangelista, L., & Zorzi, M. (2014). Internet of things for smart cities. IEEE Internet of Things Journal, 1(1), 22-32. doi:10.1109/JIOT.2014.2306328

Pollard, C., Turban, E., Wood, G. (2018). Information technology for management: On-demand strategies for performance, growth, and sustainability (11th ed.). Hoboken, NJ: John Wiley & Sons, Inc. ISBN: 9781118890790

Sunday, February 10, 2019

Using Web Forms in Email Marketing

While an email marketing tool or campaign may generate its own data, this is best leveraged with existing customer and marketing data, and these should work together to build out a unified database. Using web forms, analytics, sales data, leads, event attendee lists, survey data, demographics, and other data sources an email marketing campaign can become highly effective. The more detailed and segmented the contacts can be broken into the more focused a campaign can be, and the more meaningful the analytics acquired from the said campaign can be in fine-tuning the message for that target audience (Dodson, 2016).
Dodson, I. (2016)The Digital Marketing Playbook. [Purdue University Global Bookshelf]. Retrieved from  

Saturday, February 9, 2019

Tasnee Cyber-security Crisis

A case study on the Tasnee Cyber-security Crisis.


As I have mentioned in my previous discussions, the modern war of these days is cybersecurity attacks. Cybersecurity attacks can be significantly impactful to organizations on the public and /or private sectors. Instead of risking the thousands of soldiers to perform and assault attack against a specific government, the same attack could be performed to make an impact that might be equal if not more that the military intervention. Nowadays, the most trending topic in the world is the cybersecurity. According to the American Federal Bureau of Investigation “FBI”, protecting the United States against cyber-based attacks and high-technology crimes is one of the top eight priorities of the bureau (FBI Website, 2016). Recently in 2017, the Kingdome of Saudi Arabia has suffered from a number of cybersecurity attacks targeted to attack a number of governmental entities and major industrial companies in kingdom. Tasnee, the National Industrialization Company, a leading petrochemical company and one of the largest titanium producer in the world, was a victim of a vicious cyber assault. 


In January 2017, Tasnee’s computers suddenly malfunctioned and company’s data was wiped clean. According to Symantec investigation, a leading company in cybersecurity, a known virus called Shamoon was deployed by hackers with an intent of not only destroying Tasnee’s computers but to sabotage the firm’s operations and trigger an explosion. Hopefully, with the grace of god the explosion did not take place due to a mistake in the attackers’ computer code. investigators believe that such an attack could successful take place again on other organizations as most probably hackers have realized the computer code mistake and they have fixed it by now to lunch another attacks (Perlroth & Kraus, 2018). Tasnee started working to recover its business and operations, but unfortunately, the same unexpected attack was lunched against Tasnee on August 2018.   


Unfortunately, Tasnee was not ready in both of the hackers’ assaults to defend its infrastructure of such attack. Although, a specific cost was not publicly announce to quantify the impact, however, Tasnee has paid millions of dollars to replace the damaged computers infrastructure, investigate what happened and implement recent technologies and technique to prevent such incident to happen again. Tasnee suffered around a complete year trying to reconfigure its systems by restoring the backup tapes manually, which was the only solution at that time. All system configurations and data were lost in the attack. In order to mitigate cybersecurity assault incident from happening again, Tasnee has engaged IBM and Symantec to investigate the incident and to revamp the entire cybersecurity standers with the organization. Tasnee has engaged with a number of information security firms to implement a security operation center, enterprise incident response, conduct periodic vulnerability assessment and penetration testing exercises (S, 2018). 


Tasnee has learned a lot from this experience, but learned such lesson in the difficult way. If were a business manager, I would implement a number of measured to ensure such assault never take place in the same form and even if such thing happens, the firm is resilient enough to survive and walk out of this war with a victory. Implement a complete business continually management system as per the ISO 22301 standard. Implementing the latest concepts of the ISO 27001 information security management and significantly increase the cybersecurity awareness on the corporate level by conducting training sessions, sending emails and implementing phasing framework to educate end-users and to increase the incident response resilience. Lastly, implementing a complete crisis management program to ensure that Tasnee has the mitigating measures if such crisis occur in the future.


Tuesday, February 5, 2019


Cleaning Database

With the inheritance of 10,000 subscribers has made this time for my company to first perform a data cleanup before we conduct our email marketing campaign. The steps used to clean up our database beginning with data collection in forms of opt-in subscribers. Next, through segmentation of your accumulated data, you will be able to optimize the use of which data is essential for your business to keep. You will divide subscribers list into segments and then defining those segments in accordance with your subscribers' attributes, likes, dislikes, and requirements. Think of it as a Venn diagram. A Venn diagram, like segmentation, allows you to create distinct sets, or segments, of data based on both different and shared characteristics. Simply put, segmentation allows you to personalize your email communications based on these specific characteristics of your target audience. It's important to remember that when you are segmenting your target audience you should create clearly identifiable segments or groups of subscribers with similar defining feature These features could include:

Demographics. Demographics refers to the gender, education, culture, or age of your subscribers; in other words, the email content you target a teenage audience with might not be applicable to older recipients.

Geography. Equally important is the location of your subscribers. If you are the owner of a brick-and-mortar store in Vancouver and your email marketing campaign is centered on an in-store promotion, you won't want to target users on your email list who are based in England.

History. Don't forget to harness the history you have built up among those subscribers who an also customers. You are already familiar with their buying habits you know when they buy, how they buy, and why they buy particular products. This kind of insight is invaluable because you can use it to anticipate what they might want to buy next! So if, for example, a customer bought paper from your office supplies store, you could anticipate future purchases such as ink, toner, and pens and use that knowledge to inform your next marketing email to them.

Relationship. Your relationship with your subscriber's matters. It is something incredibly valuable. Something profound. If nurtured and cared for properly, it can result in those three little words that make a marketer's insides flutter: return on investment. Let's put it into context. Would it make more sense to send an email announcing price increases to someone who has purchased consistently from you for the past five years, or to have that be the first communication you send to a brand new acquisition? Navigate your relationship with consideration and tact, and you will be able to use it to your email marketing advantage.
Customer lifecycle. You will have a subscriber list of individuals who are all at very different stages in the customer lifecycle. Whether they have yet to make a purchase or are dormant customers who haven't purchased in years, this information can provide you with an understanding of how you should be communicating with them. In the case of the dormant customer segment, for example, you could use a targeted campaign filled with special offers and incentives to re-engage that segment.

Dynamic segmentation. Closely related to the idea of tailoring marketing emails based on buying history and customer lifecycle is the concept of dynamic segmentation. This type of segmentation is based on information gathered throughout the customer lifecycle(Ellinger, D., 2018). 


Creating an email campaign using Dodson’s four-stage email marketing process will include; Data collection, segmentation, and management. Step two, design, email clients interaction process, sender, subject, copy, images, and risks. Step three, delivery, ESP’s, scheduling. Step four, discovery, interaction scale, campaign report, subscriber report, and split test(The Art of Digital Marketing, 2018).  


Ellinger, D. (2018). How to Manage Your Candidate Database | BullhornBullhorn. Retrieved 20

The Art of Digital Marketing. (2018). Google Books. Retrieved 20 November 2018, from (2018). Retrieved 20 November 2018, from


Featured Post

Johns Hopkins Aramco Healthcare Business Case Study

Business Case:   Johns Hopkins Aramco Healthcare    Operations Management Report   Table of Content...