Guest lecture to UKZN 2014 MBA Class : Security & Ethics

Justin   |   No Comments » Posted on August 24, 2014

In this past week I once again had the pleasure of speaking with the UKZN MBA Class. It is always a pleasure to speak to a large group of some of the brightest minds in KZN. Unlike other presentations, these sessions are normally quite interactive and the class willing to share their ideas, experiences and questions.

What stands out for me in this set of discussions were three key diversions.

1. Bank fraud, and the divergence in opinions between the bank representatives and victims (customers)

There is always a lot of interest in, and debate over on-line frauds as they affect individuals. We all know someone, if not ourselves, who has been hit through some kind of bank fraud. In the class were a number of (un-named) employees of various (nameless) banks. They were adamant that the banks do their utmost to refund their customers in the event of frauds. The victims, however, had a polar opposite view and experience. They contended that the banks make it difficult to get your money back, denying, obstructing and delaying in the process while the victim suffers through no having access to the affected funds. For a bank dealing with hundreds of thousands of affected customers and millions in losses, a month may be a short period to resolve such an incident. For a victim needing access to their funds, a month is a payday away and that money could mean the difference between being able to pay your bills or defaulting.

2. Online identities (and password management)

Online identities are increasingly becoming integrated with your professional life. When being hired more and more organisations scan these to see whether they wish to employ you. Whether this is done as part of the background checks (for which prospective employees normally sign permission) or through other means varies. However, needing to take control of and responsibility for your on-line identity is important. Also don’t forget about your children. They may not yet comprehend the gravity of the situation, and could be creating a fun-filled but wholly undesirable persona that they come to regret later in life when they join the job market and are unable to control or erase their past sharings.

Related to this discussion was the age old one of passwords and password re-use. The dangers of password re-use were discussed in detail with some schemes for password protection. The example of people using the same password across all on-line services, and then having the local camera club hacked, with usernames and passwords being revealed and then those same passwords being used to log into gmail, a facebook “I lost my password” event resulting in the password being mailed to gmail, and very quickly the entire on-line identity can be stolen.

Some tips :  Use different passwords on-line, and at very least don’t use your primary mail account password anywhere else. It is better to use a password manager on your mobile (LastPass, Blackberry password keeper etc) then to re-use passwords. Also don’t use your phone address book to store passwords or bank pins and account numbers. If you use an iPhone or Android phone then this information is generally synchronised to the cloud, so when that Gmail account is hacked they also have all of your phone book without you ever knowing.

3. Return to old school

There was a comment / view put forward that with all of the information security breaches and discoveries of organisations and nation states lying to citizens about what is happening in this space that it would be better to return to the (golden) “olden days” . While that may appear to be the case, memory can be a strange thing. We often remember the good and forget the bad. Not so many years ago when cheques were still in common use cheque fraud was rife. The banks didnt like to disclose information on fraud (and still don’t) but some of the stats I remember seeing flashed up at fraud conferences indicate that the fraud we are seeing now is just a fraction of what was experienced at the peak of cheque fraud. Social media and the online information era just increase the level and speed of information sharing. The fewer incidents that happen now are just more widely reported and shared then ever before. Instances of misrepresentation and abuse by companies(and countries) are now more widely shared and reported, what is not clear is whether the actual occurrences are on the rise or just more visible.

We cannot go back in time, we need to move with the times. That said a dose of healthy skepticism in all we are doing can only be a good thing. Ask questions until your are satisfied with the answers. You may choose to trust, but trust and verify, don’t trust blindly.

Finally

Embedded below is a link to download the slides. Thanks for attending the sessions and for participating.  Feel free to drop me any questions you may have (or leave them here).

Information Security and Ethics 2014 August 2014

 

Thanks Andrew for the invitation and facilitating the discussion.

 

Written by Justin Durban, Privacy, Security   |   Tags: , , , , , ,

UKZN MBA presentation 8th August 2013 : Information Security & Ethics

Justin   |   No Comments » Posted on August 11, 2013

On Thursday the 8th August 2013 I was once again privileged to be the guest lecturer for the UKZN MBA programme. Despite Friday being a holiday and the start of the long weekend there was a great turnout. Thanks to all the students for all your questions and contributing to making it an entertaining session.

Below is the link to the slides. Please feel free to contact me if you have an questions or would like to discuss the subject further.

security and ethics UKZN MBA August 2013

Written by Justin Durban, Security   |   Tags: , , , , ,

Award winning presentation on director interlocks on the JSE (SAAA conference June 2013)

Justin   |   No Comments » Posted on July 14, 2013

 

SAAA biennial conference logo

My MBA dissertation was entitled “An analysis of director interlocks on the JSE -with reference to the top 40 listed companies” and took me quite some years to complete. There were complexities of having to collect all my own data due to inaccuracies in the CIPC database, having to relearn that matrix mathematics that I thought I would never use again after first year university 20 years ago, then figure out how all these analytical tools work.

During the completion process a few people commented that the only people who would ever read the document would be my supervisor and the two examiners (and even then I would be operating on faith). After all the work I had put in this was quite disheartening. When Leo Deodutt (my supervisor) suggested that we create a paper from the dissertation and submit it for the Southern African Accounting Association Biennial Conference to be held in Cape Town in June I jumped at the chance. What an opportunity to get the message out. Leo did a lot of hard work to cut down the dissertation to a 20 page paper, and in the process we had to restrict the paper to just one of the research questions covered in the dissertation. When the comments came back from the blind peer reviewer there was a nomination for best paper award, which was most gratifying. What an honour just to be nominated.

The presentation itself was again a challenge: to try to fit into 20m what took years to research, and to try to simplify the complexities and distil the message to one that can easily be conveyed to a broad audience. In the end this was achieved and the final presentation is attached. Leo is looking for opportunities to further present the work, and it is likely that we will present again at UKZN in the coming months. Mail me if you have ideas of appropriate forums who may be interested.

The day after the presentation I was absolutely thrilled to discover that we did indeed win the best paper award. I am pretty sure I didn’t stop smiling for a week. Thanks to Leo for all his hard work in making this happen.

Enjoy the presentation and leave any questions in the comments or drop me a mail.

Justin

Download a copy of the presentation :  SAAA conference June 2013 – director interlocks on the JSE final

 

Written by Justin Research   |   Tags: , , , , , , ,

Security and Ethics presentation UKZN MBA Class 2012

Justin   |   3 Comments » Posted on August 19, 2012

Friday night (17 August 2012) I had the privilege presenting to the University of KwaZulu Natal 2012 MBA Class on information security. Given it was a Friday night the attendance was relatively small but it was good to see that the majority of the class stayed for the 2 hours we had together. Some interesting and insightful questions was raised and discussed. It is good to see people “get it”.

The presentation is attached for those who are interested. Get it here: security and ethics 2012 UKZN MBA Aug 2012 (updated)

Update 2012/09/12 : Apologies, the previous PDF was corrupted somehow. It has been re-uploaded and checked.  

Written by Justin Durban, Security   |   Tags: , , , , ,

MBA 3rd year student research : Employee Attitudes towards Employment Equity survey : Please assist

Justin   |   2 Comments » Posted on July 14, 2011

Please assist an MBA student complete their research by filling in the questionnaire below. Thanks.

Dear all,

I am a 3rd year MBA student at UKZN  Graduate School of Business. I would like to invite you to participate in my survey entitled “Employee Attitudes towards Employment Equity” by clicking on the link below: http://questionpro.com/t/AGjDrZKycO

Your participation in this regard will be greatly appreciated.

Thank you, Zithulele Buthelezi

Written by Justin Research   |   Tags: , , ,

Help out an MBA student by completing questionnaire on Phishing

Justin   |   1 Comment » Posted on July 23, 2010

I, RAJAN MUNIEN, an MBA student, at the Graduate School of Business, University of Kwazulu-Natal, hereby invite you to participate in a research project entitled “Internet Phishing – Hook, Line and Hopefully not Sunk…” The aim of this study is to gain a better understanding about online user’s awareness to the problem of Internet Phishing (IP). Through your participation I hope to determine the level of awareness amongst users and to present a strategy in creating further awareness on the problem. The results are intended to contribute towards implementing an awareness programme that will prevent further users from becoming victims to the threat of Internet Phishing. Your participation in this project is voluntary. You may refuse to participate or withdraw from the project at any time with no negative consequence. There will be no monetary gain from participating in this survey group. Confidentiality and anonymity of records identifying you as a participant will be maintained by the Graduate School of Business, UKZN.

If you agree to the above and want to proceed to the questionnaire, please click on the link below. This survey will take you approximately 10 minutes to complete.

http://internetphishing.questionpro.com

If you have questions at any time about the survey or the procedures, you may contact the author hereunder:
Rajan Munien, Cell : 084 – 5800 176, email : rajan.munien@gmail.com

Written by Justin Privacy, Research, Security   |   Tags: , , , ,

Paying the rent

Close block

Paying that rent

Close block

Post history

Close block
July 2015
S M T W T F S
« Jun    
 1234
567891011
12131415161718
19202122232425
262728293031  
%d bloggers like this: