Publication database

The report gives an overview on the current situation on cybersecurity and the political handling of that topic. It also recaps the goals and failures of the last four years and recommends action areas.

The paper summarizes the key elements of business strategies as well as corporate strategies and puts them together as a synchronized framework.

The report shows that a reporting of vulnerabilities used by the state for active measures is likely to have only a minor effect on the increase in overall technical IT security. On the other hand, the value of the work of the security authorities is in many cases considered high, due to the high tactical enablement against potential malicious actors. The demand of some, that state authorities should refrain from pro-actively exploiting vulnerabilities for active measures therefore does not seem to make much sense; the net effect in security would be negative. Nevertheless, processes can be introduced that allow a more precise assessment and an informed, accountable and cautious handling of offensively used vulnerabilities.

The healthcare industry is undergoing great technological transformations. Hospitals are going digital and medical devices – whether implanted in patients’ bodies or stationed in hospitals – are equipped with increasing computing power and wireless connectivity. Connected healthcare can offer safer, more efficient, and timely medical service delivery. It also presents great economic opportunities – according to a Roland Berger consultancy firm study, the digital healthcare market is set to grow at average annual growth rates of 21 percent until 2020. Yet, the integration of computing and communication technologies in safety-critical medical systems will expose them to the same network and information security (cyber security) threats as other information technology (IT) systems. Research and real-world incidents have shown that IT security risks in healthcare are systemic. Cyber attacks’ impact on the privacy of patient data has already been established. More recently, their potential impact on patient health and safety has been raising concerns for healthcare organizations, regulators, and medical device manufacturers alike. The management and governance of related risks requires comprehensive standardization, regulation, and best practices to encompass both IT security and safety. DSI has analyzed the convergence of safety and security risks in healthcare and the Internet of Things through a review of the relevant literature, as well as expert interviews and a workshop with representatives from health organizations, medical device manufacturers, IT security experts, safety engineers, regulators, and certification bodies. On this basis, DSI has developed recommendations for policy and industry, which are presented by this paper after a short analysis of the current status of security in connected healthcare.

Our current environment has been typified as Volatile, Uncertain, Complex and Ambiguous or VUCA (e.g., Bennett & Lemoine, 2014; Horney, Pasmore, & O'Shea, 2010) – even before largely unpredicted developments in the political arena such as Brexit and the US presidential election. It may be argued that organizations themselves become VUCA, witness the accelerating pace at which firms rise and fall (Govindarajan & Srivastava, 2016). In that context, more and more decisions may be analyzed as errors in the making, as errors refer to “unintended and potentially avoidable deviations from organizationally specified goals and standards&x201D; (Lei, Naveh, & Novikov, 2016: 2). Insofar as errors may challenge critical organizational goals and resources, strategic error management becomes a critical challenge for leaders including top executives. Errors are pervasive at all levels of organizations (Hunter, Tate, Dzieweczynski, & Bedell-Avers, 2011; Makary & Daniel, 2016; Panko, 2008), and as we are shifting from managing stable operations to managing innovation and change, errors come in increasing numbers and kinds, with opportunities to learn from them. Errors can no longer be avoided by enforcing stability on organizations; instead, they must be managed as part of the innovation, growth, learning, and change process. This thought- provoking symposium brings together international scholars who share the idea that research on organizational errors and error management may provide insights and inform leaders at the strategic level. Our panelists will offer conclusions from recent research that will interest both scholars and practitioners in this under-explored area, and spark a debate on how to better detect, report and ultimately manage errors, for the benefit of not only organizations themselves, but also hopefully the society at large."

With permission of the Academy of Management

This paper develops a new suggestion on how to break the sovereign-bank nexus. This nexus, which is due to significant holdings of domestic sovereign debt by Euro zone banks, endangers financial stability. Our suggestion does not involve pooling and/or tranching and is fully consistent with standard Basel capital requirements. At the same time, it does not require capital provision for sovereign portfolios held as collateral for liquidity operations with the lender of last resort (LOLR). Rather, it differentiates between the purpose of collateral for LOLR liquidity operations and the individual investment decision of which sovereign debt to hold. In this way, our methodology is market-driven and can foster financial integration in Europe.