Publications

September 2016
Case

Hewlett Packard Enterprise: The Dandelion Program

By: Gary P. Pisano and Robert D. Austin

This case describes Hewlett Packard Enterprise’s “Dandelion Program," which has developed a new service offering for the company’s clients by drawing on the special talents of people with autism. The company has deployed “pods” organized around 8 or 9 employees with... View Details

Keywords: Organizational Behavior; Information Technology; Organizational Change and Adaptation; Leadership; Talent and Talent Management; Service Operations; Training; Diversity; Innovation and Invention; Technology Industry

Teaching Interest

Overview

By: Frank Nagle

Prof. Nagle has taught a wide variety of topics to various types of students including everything from computer programming and e-commerce for undergraduates to cyber security for the FBI and HBS Executive Education participants to innovation and technology management... View Details

12 Questions About Hybrid Work, Answered by Tsedal Neeley

At the beginning of the pandemic, I View Details

January 2025
Case

Cyber Oversight: SolarWinds Board of Directors

By: Lynn S. Paine

In 2020, just two years after its IPO, information technology company SolarWinds discovered that it was the victim of an attack on its information systems by Russian hackers. The incident, known as the Sunburst attack, was costly for the company, and certain... View Details

Keywords: Corporate Governance; Corporate Accountability; Governing and Advisory Boards; Cybersecurity; Lawsuits and Litigation; Legal Liability; Business and Shareholder Relations; Information Technology Industry; United States; Texas; Delaware

2022
White Paper

Census II of Free and Open Source Software - Application Libraries

By: Frank Nagle, James Dana, Jennifer Hoffman, Steven Randazzo and Yanuo Zhou

Produced in partnership with Harvard Laboratory for Innovation Science (LISH) and the Open Source Security Foundation (OpenSSF), Census II is the second investigation into the widespread use of Free and Open Source Software (FOSS). The Census II effort utilizes data... View Details

Keywords: Open Source Software; Applications and Software; Cybersecurity; Open Source Distribution

Read Now

March 2023
Case

Ransomware Attack at Colonial Pipeline Company

By: Suraj Srinivasan and Li-Kuan Ni

On the morning of May 7, 2021, Colonial Pipeline Company became aware that the company had been the victim of a malicious ransomware attack that had stolen and locked up company data. The extortionists demanded 75 bitcoins (worth about $4.4 million at the time) in... View Details

August 2022
Supplement

Atlanta Ransomware Attack (B)

By: Amit Goldenberg and Julian Zlatev

This case describes the March 2018 Ransomware attack on the information technology (IT) systems of the city of Atlanta and the response by Mayor Keisha Lance Bottoms and her administration. The case includes a brief background on Bottoms and her young administration at... View Details

August 2022
Case

Atlanta Ransomware Attack (A)

By: Amit Goldenberg and Julian Zlatev

This case describes the March 2018 Ransomware attack on the information technology (IT) systems of the city of Atlanta and the response by Mayor Keisha Lance Bottoms and her administration. The case includes a brief background on Bottoms and her young administration at... View Details

March 2023
Teaching Note

Ransomware Attack at Colonial Pipeline Company

By: Suraj Srinivasan and Li-Kuan Ni

Teaching Note for HBS Case No. 123-069. On the morning of May 7, 2021, Colonial Pipeline Company became aware that the company had been the victim of a malicious ransomware attack that had stolen and locked up company data. The extortionists demanded 75 bitcoins (worth... View Details

Do your business students plan to use the internet at work? Then they need to know about cybersecurity. Threats to computer systems grow and evolve daily, putting the operations, information, and reputation of companies—as well as individuals—constantly at risk.... View Details

September 2017 (Revised July 2018)
Case

CyberArk: Protecting the Keys to the IT Kingdom

By: Raffaella Sadun, David Yoffie and Margot Eiran

CyberArk was the recognized leader in the Privileged Account Management (PAM) space, a cybersecurity subsegment it had essentially created to secure organizations’ IT systems and sensitive data. Over 17 years, the Israeli company had grown to a market capitalization of... View Details

Keywords: Strategy; Growth and Development Strategy; Organizational Culture; Competitive Advantage; Information Technology; Cybersecurity; Information Technology Industry; Israel; United States

April 2020
Supplement

Cisco Systems and OpenDNS: Strategic Integration (B)

By: Andy Wu and David Wang

With more than 72,000 employees and revenues approaching the $50B mark, Cisco Systems is one of the largest information technology and networking firms globally. As the company grew and expanded into different lines of businesses, Cisco consistently looked outwards for... View Details

Keywords: Mergers and Acquisitions; Integration; Corporate Strategy; Change Management; Entrepreneurship; Organizational Culture; Information Technology Industry

February 2017 (Revised May 2017)
Case

Rapid7

By: Mitchell Weiss, Paul Gompers and Silpa Kovvali

That Corey Thomas, vice president at Boston-based Rapid7, Inc., was about to enter his investor’s boardroom to negotiate a potential acquisition of Metasploit, LLC, was already an unlikely achievement of sorts. After all, Rapid7 was a venture-backed, corporate... View Details

Keywords: Acquisition; Computer Hacking; Open-source; Corey Thomas; Rapid7; Exploit Testing; Mergers and Acquisitions; Cybersecurity; Computer Industry; North and Central America; Boston

January 2025
Technical Note

AI vs Human: Analyzing Acceptable Error Rates Using the Confusion Matrix

By: Tsedal Neeley and Tim Englehart

This technical note introduces the confusion matrix as a foundational tool in artificial intelligence (AI) and large language models (LLMs) for assessing the performance of classification models, focusing on their reliability for decision-making. A confusion matrix... View Details

Keywords: AI; Reliability; Confusion Matrix

April 2018
Case

Cisco Systems and OpenDNS: Strategic Integration

By: Andy Wu, George Gonzalez and David Wang

With more than 72,000 employees and revenues approaching the $50B mark, Cisco Systems is one of the largest information technology and networking firms globally. As the company grew and expanded into different lines of businesses, Cisco consistently looked outwards for... View Details

Keywords: Mergers and Acquisitions; Integration; Corporate Strategy; Change Management; Entrepreneurship; Organizational Culture; Information Technology Industry

January 2022 (Revised November 2023)
Supplement

Uber in China (C): The Cost of Success for Didi

By: William C. Kirby and Noah B. Truwit

On June 30, 2021, ride-hailing giant Didi Chuxing (Didi) raised $4.4 billion in its initial public offering (IPO) on the New York Stock Exchange (NYSE), the largest IPO of a Chinese company listed on an American exchange since Alibaba raised $25 billion in 2014.... View Details

Keywords: Uber; Didi Chuxing; Start-up Growth; Regulation; Ride-sharing; Transportation; Business Startups; Business and Government Relations; Cross-Cultural and Cross-Border Issues; Growth and Development; Policy; Competition; Laws and Statutes; Transportation Industry; Technology Industry; China

2024
Working Paper

Navigating Software Vulnerabilities: Eighteen Years of Evidence from Medium and Large U.S. Organizations

By: Raviv Murciano-Goroff, Ran Zhuo and Shane Greenstein

How prevalent are severe software vulnerabilities, how fast do software users respond to the availability of secure versions, and what determines the variance in the installation distribution? Using the largest dataset ever assembled on user updates, tracking server... View Details

Keywords: Cybersecurity; Applications and Software; Technology Adoption; Consumer Behavior

Find at Harvard