Wednesday 2 May 2012



Case Study: Chapter 3

Trading Scandal at Société Générale

Questions to Consider:

1. Peter Gumbel, European editor for Fortune magazine, comments, "Kerviel is a stunning example of a trader breaking the rules, but he's by no means alone. One of the dirty little secrets of trading floors around the world is that every so often, somebody is caught concealing a position and is quickly - and quietly - dismissed... [This] might be shocking for people unfamiliar with the macho, high-risk, high-reward culture of most trading floors, but consider this: the only way banks can tell who will turn into a good trader and who even the most junior traders to take aggressive positions. This leeway is supposed to be matched by careful controls, but clearly they aren't foolproof." What is your reaction to this statement by Mr. Gumbel?

- In trading you should know the person or company that you are trading with and know their background, so that you are able to know if they are safe or not. Trading is also a way of dealing with a person's thing and knowing if it is in good condition to be traded.

2. What explanation can there be for the failure of SocGen's internal control system to detect Kerviel's transactions while Eurex detected many suspicious transactions?

Significant deficiencies in internal controls, unauthorized trading activities, computer hacking and the breach of trust involving a conscious effort by the rogue trader to deceive his managers were noticed. Jérôme Kerviel is accused of creating a huge loss by a single unauthorized trader in financial history. In the course of 2007 he made unauthorized trades worth €30 bn on European stock market futures, winning €1.4 bn by the end of the year. Having disguised the importance of his exposure, and earnings, with fictitious trades, he went on in January 2008 to make even bigger trades. The bank stated that he deliberately set out to lose money in 2008 to bring down the suspicious size of his 2007 earnings.

Source http://www.hg.org/article.asp?id=6028

Whistle-Blower Divides IT Security Community

Discussion Questions and Answers:


1. Do you think that Mike Lynn acted in a responsible manner? Why or Why not?

- For me, Mike Lynn did not act responsibly, because he lied to the people and just protected himself so that he would not be fired from his work.

2. Do you think that Cisco and ISS were right to pull the plug on Lynn's presentation at the Black Hat conference? Why or why not?

- Yes, so that people will know the truth about the conference and what's going on in that conference, so that people will also have an idea and opinion about it.

3. Outline a more reasonable approach toward communicating the flaw in the Cisco routers that would have led to the problem being promptly addressed without stirring up animosity among the parties involved.

In monitoring in regardless of the way ML was treated, I certainly hope you would have taken this corrective action. The threat is much greater now, if you don't take any new action to strengthen your systems (something you haven't done in the past), his new information MUST increase the overall risk.

Source: http://taosecurity.blogspot.com/2005/07/new-cisco-advisory-and-statements-i.html

Case Study: Chapter 4

Discussion Questions and Answers:


1. What type of security breaches of medical records are common today?

- For me, digital technology, which encompasses electronic mail, facsimile, and the Internet, is increasingly becoming the preferred means of maintaining and sharing medical records.

2. What measures are being taken by the government and private industry to safeguard EHRs?

- The measures being taken by the government and private industry to safeguard EHRs are to implement the Health Insurance Portability and Accountability Act (HIPAA), commonly called the administrative simplification provisions, which mandates the creation of standards to protect the confidentiality of electronic transactions within the healthcare system. The HIPAA Security Rule safeguards the confidentiality of electronic patient information. In implementing the Security Rule, the U.S. Department of Health and Human Services (HHS) regulated enforcement tasks to the Centers for Medicare and Medicaid Services (CMS). CMS has the authority to interpret the provisions, conduct compliance reviews, and impose monetary penalties on organizations that do not comply with HIPAA security regulations. It recommends system features and practices that will help secure sensitive information in EHRs and has also begun auditing all the hospitals to determine whether CMS reliance on complaints was sufficient to promote compliance with the HIPAA privacy provisions. This higher degree of control is thin the context of the electronic health record (EHR).


3. How do you think the implementation of ARRA will affect the privacy of our healthcare and personal data? What breaches do you foresee? How can they be forestalled?

- Based on what I have researched, the ARRA has good objectives in the community, and the primary objective for ARRA was to save and create jobs almost immediately. Secondary objectives were to provide temporary relief programs for those most impacted by the recession and invest in infrastructure, education, health, and 'green' energy.

Discussion Questions and Answers:

1. How does Google's business model use personal data?

Google is firmly committed to the privacy of our advertisers and users. While Google does add a cookie to a user's computer when he/she clicks on an ad, this cookie expires in 30 days, and Google does not associate a user's search activity with his/her ad click history. Further, Google does not collect or track personally identifying information, and does not reveal individual information to third parties. Users who do not wish to participate in tracking activities can easily disable Google's conversion tracking cookie in their Internet browser's user preferences settings. These users will not be included in your conversion tracking statistics.

Source: http://www.weegy.com/?ConversationId=DEE133EE

2. What do you think are the major privacy concerns raised by Google's business model and applications?

- The major privacy concern raised by Google's business model and applications is that their company is open to all the people who browse in it.

3. Do you think Google has taken adequate measures to protect its user's privacy? Explain your answer.

- For me, no, because we all know that Google has a lot of information about us and reveals it to the public that browses in it.






