Publications

Educators

2023
Article

MoPe: Model Perturbation-based Privacy Attacks on Language Models

By: Marvin Li, Jason Wang, Jeffrey Wang and Seth Neel

Recent work has shown that Large Language Models (LLMs) can unintentionally leak sensitive information present in their training data. In this paper, we present Model Perturbations (MoPe), a new method to identify with high confidence if a given text is in the training... View Details

Keywords: Large Language Model; AI and Machine Learning; Cybersecurity

March 2024
Teaching Note

SolarWinds Confronts SUNBURST

By: Frank Nagle and David Lane

Teaching Note for HBS Case Nos. 723-357 & 723-368. View Details

Keywords: Cybersecurity; Corporate Disclosure; Crisis Management; Information Technology Industry; United States

24 Apr 2023 - 27 Apr 2023
Conference Presentation

Diversity, Equity, & Inclusion: The Paradoxical Effect & Impact on Security

By: J. Carlos Vega, Hise O. Gibson, Nicole Gilmore and Larry Whiteside Jr.

Diversity, Equity, & Inclusion (DEI) is necessary to create the world class teams we need to defend against advanced threats and adversaries; however, the approach that most take often fails spectacularly. The panel challenges the current practices, the failings, and... View Details

Keywords: Diversity; Cybersecurity; Corporate Social Responsibility and Impact

Web

Contacts & Resources | Information Technology

faculty, staff, and Doctoral students can login to the HBS IT Services and Support Portal to search IT services and documentation, check service status, or submit a help ticket. Let us know if there are other topics on cybersecurity best... View Details

05 Feb 2019
News

Protecting the Power Grid

key component of solutions.” With increasing interdependence between the nation’s electric grid and the public internet, cybersecurity is gaining attention of both regulators and the public. “Foreign adversaries have regularly penetrated... View Details

Keywords: Ralph Ranalli; terrorism; Electric Power Generation, Transmission, Distribution; Utilities

Profile

Julio Cedeno

Julio met his wife, Sarah, at the university. After graduation, they moved to Houston where Julio began a six-year tenure with Chevron. Balancing act of work, marriage, and education Julio had interned with Chevron between his junior and senior years, contributing to... View Details

Keywords: Manufacturing/Energy

2022
Article

Data Poisoning Attacks on Off-Policy Evaluation Methods

By: Elita Lobo, Harvineet Singh, Marek Petrik, Cynthia Rudin and Himabindu Lakkaraju

Off-policy Evaluation (OPE) methods are a crucial tool for evaluating policies in high-stakes domains such as healthcare, where exploration is often infeasible, unethical, or expensive. However, the extent to which such methods can be trusted under adversarial threats... View Details

Keywords: Analytics and Data Science; Cybersecurity; Mathematical Methods

October 2022 (Revised September 2023)
Case

SolarWinds Confronts SUNBURST (A)

By: Frank Nagle, George A. Riedel, William R. Kerr and David Lane

On December 12, 2020, SolarWinds learned that malware had been inserted in its software, potentially granting hackers access to thousands and thousands of its 300,000 customers. General Counsel Jason Bliss needed to orchestrate the company response without knowing how... View Details

Keywords: Cyberattacks; Cybersecurity; Corporate Disclosure; Crisis Management; Customer Focus and Relationships; Legal Liability; Information Technology Industry; United States

Educators

March 2022
Article

From Proprietary to Collective Governance: How Do Platform Participation Strategies Evolve?

By: Siobhan O'Mahony and Rebecca Karp

When platform leaders change the rules guiding who can access and control a platform, the strategies of those who create value from the platform can be upended. Little research examines how platform participants adapt their strategies when a platform leader changes the... View Details

Keywords: Platform Governance; Access; Crowdsourcing; Applications and Software; Employees; Leadership Style; Cybersecurity; Risk Management

Find at Harvard

2021
Article

Evidence of Decreasing Internet Entropy: The Lack of Redundancy in DNS Resolution by Major Websites and Services

By: Samantha Bates, John Bowers, Shane Greenstein, Jordi Weinstock, Jonathan Zittrain and Yunhan Xu

This paper analyzes the extent to which the Internet’s global domain name resolution (DNS) system has preserved its distributed resilience given the rise of cloud-based hosting and infrastructure. We explore trends in the concentration of the DNS space since at least... View Details

Keywords: Domain Name System; Resilience; Entropy; Internet and the Web; Infrastructure; Performance Effectiveness; Safety; Cybersecurity

November 2024
Supplement

FedEx Cyberattack (B): Reflections and Lessons

By: Hise Gibson, Frank Nagle, Alicia Dadlani and Martha Hostetter

Set in 2024, this (B) case provides an update to the (A) case (no. 625-049) about a devastating cyberattack that destroyed thousands of computers and business systems at FedEx’s European division in 2017. It describes lessons learned and changes made in the wake of the... View Details

Keywords: Cybersecurity; Disruption; Crisis Management; Organizational Change and Adaptation; Europe

March 2022
Article

How to Prioritize the Improvement of Open-Source Software Security

By: Frank Nagle

Keywords: Open Source Distribution; Cybersecurity; Applications and Software

14 Nov 2019
Blog Post

Future Leaders Dive into the MS/MBA: Engineering Sciences Program

the program will help him expand on the cybersecurity work he did in the military. “For nine years, I concentrated on defense work, and I wanted to come here to get a broader experience and understand more of the business side—to see how... View Details

03 Mar 2016
News

3-Minute Briefing: Pamela Meyer (MBA 1986)

cybersecurity resulted in losses of $500 billion in 2014, but we’re only spending about $100 billion to address the problem. There’s a huge gap between the size of the threat and our ability to detect it. + ONLINE web-only content... View Details

Keywords: Julia Hanna

July 16, 2015
Article

How Small Businesses Can Fend Off Hackers

By: Lou Shipley

If you wanted to hack a business, which one would you pick: A Fortune 500 company with a large digital-security budget and a team dedicated to protecting its cyberassets? Or a small enterprise that doesn’t employ a single IT security specialist? Security breaches at... View Details

Keywords: Hack; Data Security; Small Business; Analytics and Data Science; Safety; Information Technology; Cybersecurity

Register to Read

01 Dec 2018
News

Preparing Our Students for a Changing World

participating in Israel: Startups and Venture Capital the experience of learning by doing in a country recognized globally as a tech hub. “I was fortunate to work with great teammates and an exciting partner —an automotive cybersecurity... View Details

October 2018
Case

Fundraising at St. Camillus Hospital

By: Srikant M. Datar and Caitlin N. Bowler

St. Camillus is a fictional non-profit hospital in rural Maine facing a serious budget deficit. As Director of Marketing, Victoria Stern is building a team to modernize the hospital fundraising efforts. An interview with a promising candidate, who is also a digital... View Details

Keywords: Data Analysis; Data Privacy; Data Governance; Non-profit; Health Care; Fundraising; Data Security; Analytics and Data Science; Safety; Governance; Ethics; Health Care and Treatment; Cybersecurity

Educators