Professor, Information Systems, Pepperdine University
Charla Griffy-Brown is currently Professor of Information Systems at Pepperdine University’s Graziadio School of Business and Management. She is also the Editor-in-Chief of Technology in Society, an International journal published by Elsevier.
Dr. Griffy-Brown is an accomplished multi-disciplined leader with 15 plus years of experience helping executives, boards and organizations to leverage new opportunities in business process redesign, digital innovation and information security to achieve their strategic objectives. Her most recent work with executives and corporate boards includes user-behavior analytics and a risk-based approach to information security and strategic planning.
She has conducted research at companies such as Honda, Hilton Hotels and Pratt-Whitney Rocketdyne/Boeing as well as public and private companies throughout the Asia-Pacific region. She has published widely including the Journal of Information Technology Management, Technovation and Technology Forecasting and Social Change.
Research Workshop: Privacy and Security
Sunday, 15 January 2017
Cyber criminals and online criminal gangs have two things in common: they are malicious actors and they have new business models. Today's cyber criminals are well organized and business savvy. They combine social engineering, viruses, trojans and spyware with sophisticated profit models, business plans and organization. There are several questions that we must try and understand in order to effectively manage risk for firms who increasingly have to protect an environment without a perimeter: What are the emerging cybercriminal business models and how easy are they to set up? Through which channels are cyber criminals generating revenues and who is receiving this money, eventually?
This paper will attempt to shed some light on these questions using qualitative and quantitative methodology exploring recent cases. This paper will also share how using a risk-based approach and user behavior analytics creates a methodology and repeatable process for business leaders to address these growing concerns. Importantly, risk increases and the ability to respond is compromised without clearer insight into the revenue generating schemes behind cyber-attacks.