Case - Guiding Principles and Grading Criteria
Your paper must be written in a manner consistent with graduate-level writing (grammar, spelling, organization, etc.). Moreover, your literature review portion for this assignment must be an analysis. A summary or description is not an analysis. An analysis has a summary and description, but it goes further. When you do an analysis, you first describe in your own words what you read (from the article[s]), and then you explain why it is and what you conclude from it. A description is the "what" of the paper. An analysis is an explanation of the "why" of the paper. You should conclude with ideas about "what needs to be done" based on the analysis.
What do I mean by an analysis? A summary is not an analysis. An analysis has a summary, but it goes further. When you do an analysis, you first describe in your own words what you read (from the case and your supporting articles), then you draw conclusions and explain why it is and what to do about it. Therefore:
- A description is the "what" of the paper.
- An explanation is the "why" of the paper.
- Then an analysis draws upon the above for conclusions and states: "what needs to be done."
Theory and logic are what EXPLAIN a phenomenon. Hence, you need to draw upon theory and logic (inductive and/or deductive) to explain why a thing is the way it is. Thus, after you describe in your own words the problem you are addressing, you should draw from theory or empiricism to explicate the reasons for why it is the way it is, then you would conclude by stating what needs to be done based on the "what" and the "why."
Please note that no plagiarism will be tolerated. All sources must be referenced, and no verbatim copies are allowed with the exception of a single sentence quote, which must be properly cited according to the APA guidelines, or there will be consequences.
Now, some people think that how professors grade case studies is completely subjective (and even arbitrary). However, skilled graders of case studies use logic as the basis for their assessments (or at least I do!).
Many people associate logic with computers, but logic also has everyday uses; in fact we use logic when we write formal argumentation (such as in a case study). Indeed, logic is defined as the science that evaluates arguments, and it forms the basis of face validity of papers we write, such as proposals and recommendations. Face validity means that premises are connected with conclusions in such a way as to create a "warrant," which is a fully justified (and logical) argument.
With deductive logic, true premises necessarily lead to a true conclusion (e.g. all circles are round). With inductive logic, true premises lead to a probably true conclusion because it is based on valid previous experience, for example; because all previous automobiles I have ridden in have used gasoline, the next automobile will I ride in will probably use gasoline (but I know about the electric powered Tesla).
This "probably" often means using statistics -such as, if I flip a coin, the odds are that I will get either heads (50%) or tails (50%) - but if you flip a coin 10 times, you might get 3 heads and 7 tails. Or, since 10 of 15 students who took the midterm got an "A", probably 10 of 15 students will get an "A" on the final.
The assumption is probably but not necessarily true.
On the other hand, if I wrote the following syllogism with premises leading to the conclusion thus: All wines are beverages. Chardonnay is a wine. Therefore chardonnay is a beverage: this is a valid deductive assertion.
In most of our work, though, most of what we will write will be inductive. For example, we are more likely to see something like the following argument:
"Not all successful social engineering episodes result from duplicity; some people willingly give up sensitive information in spite of their awareness of the pervasive threats. For example, while people generally state that they are concerned about information security and privacy, and even claim that they are willing to pay a fee to protect their personal information, in many cases they are willing to trade-off privacy for convenience, or even bargain the release of very personal information in exchange of relatively small rewards."
And because these assertions are inductive, in formal (research) literature, we see citations of other theory or studies to back up the claims, e.g.:
"Not all successful social engineering episodes result from duplicity; some people willingly give up sensitive information in spite of their awareness of the pervasive threats (Calluzzo & Cante, 2004)." ...
Now, when writing for business or school, use a moderately formal style and never use a colloquial style in these venues (unless you are told to do so).
You can make your formal writing more engaging and personal by writing first person, active voice, yet still formally. Consider the following three examples. You must pick one of the latter two styles and stick with it throughout the paper:
Colloquial (NEVER USE THIS): There's lots of reasons why conflict at work is bad, so I'm not going to give any more details since you already can read them for yourself.
Formal, first person, active voice (closer distance): You have read many reasons for why group conflict can be bad; thus there is no reason for me to elaborate.
Formal, third person, passive-voice (further distance): Many reasons have been postulated for why group conflict can be dysfunctional; therefore it is unnecessary to elaborate. CASE Background
The ability to spread information (and misinformation) over the Internet has become accompanied by the growing pattern of cyber harassment by trolls and bloggers who fabricate stories to try to promote themselves, or intimidate, defame, or interfere with other people's legitimate ventures for their own self-serving interests. We have seen these problems in harassment of school-aged children mainly, but there is a growing trend to use the Internet for harassing or defaming adults, and even companies.
Cyber harassment can evolve and become manifest through a series of escalations. A difficulty for victims is in determining appropriate responses during the escalation given that it can unfold quickly into an attack even despite the best attempts to placate the attacker. As a mitigating strategy, one may conceptualize this as a type of social engineering problem.
Social engineering has typically been associated with acquiring information for the purpose of committing fraud and other thefts. However, with the rise of the social networking phenomenon, this form of social engineering has flourished and is analogous to a denial of service attack in computer security because rather than trying to gain information, these kinds of attacks disseminate misleading or
false information to damage their targets and prevent them from conducting business.This form of social engineering attack may even function as an act of extortion because for the most part it leaves the victim in the position of having pursue the issue on his/her own through expensive civil litigation for defamation, harassment, or tort interference, or it may be difficult if even possible to pursue, such as when the attacks originate from abroad. Consequently, and out of fear of further attacks, victims often refrain from taking defensive actions (implying acquiescence to the fabrication), or comply with demands, or they try to placate the attacker by sycophancy and hence in essence unwittingly become complicit in subsequent attacks on others by fueling their motives. Given this grounding, consider the case study below, and then make recommendations to address it according to the instructions that will follow (keep in mind what you read about defamation versus SLAPP).
CASE Scenario
As both technologies and social media advance, there are many opportunities for companies to make an impact (positive or negative) on the marketplace and in the lives of people, but a lot rides on what is said in social media. T. Friedman and others like him have stated that the Internet democratizes the conversation, but he (and those others) noted by Friedman and his book "The World is Flat" is (in our opinion) just plain FLAT Wrong!
Reasoning: there are ways various people can dominate Internet conversations. People with a lot of money can create many Websites and cross link them, and promote them. People can post things on high-traffic Websites to raise visibility in search engines; people can use promotion utilities (or companies that do promotions) to get a better position (e.g. pay-per-click on page 1 of a Google search); people can post across Websites and cross-list them to other Websites; in other words, there are many, many ways to dominate the Internet conversation. The Internet is anything BUT democratic!
Given this assertion, we start here by noting that there are numerous accounts of very innovative products that have been destroyed by "bad press" or that were somehow associated with unrelated bad-press. Now, companies are facing major problems relative to their brands that are tarnished by people with "an axe to grind" using social media. This is the basis of our case study that we present to you. We ask that you consider both sides of the argument in the case presented as follows...
The Gist: The EZ Company had produced a new information integration and visualization technology, and they had begun negotiation for a sale of their company to a savvy suitor. The product had been sold to many domain knowledge experts in several multi-billion dollar companies worldwide and to several US government agencies, all of whom had carefully inspected the technology and considered their returns on investment.
The Problem: However, the prospective suitor told the board of directors of EZ that the valuation of the company had been diminished as the result of "attacks" by a single blogger using many self-promoting web pages and on trash talk blogs in which the attacker proclaimed himself: "an expert in information visualization."
It is important to note for this case that the blogger had completed no formal education in the field (in fact only had degree in religious studies and communications), nor had he published any original reviewed scholarly research; yet in an apparent grudge that began years earlier in a dispute with some of the company principals, the blogger dogmatically attacked EZ along with people associated with EZ, their customers, and even against researchers who he claimed were vested in EZ because they had published favorable original studies on the information visualization method and technology. In one high-traffic blog, the attacker wrote the following false information: The paper published by a professor named Dr. Sobar showing improved understanding of the data using the EZ product is because Dr. Sobar is employed by EZ and is biased so that she can line her own pockets. I have tested EZ myself, and it does NOT work. EZ continues to pay lots of money to Sobar, the Gartner Group and other industry promoters so that they place high in their quadrants, but my own assessment shows their product to be a sham, and professors such as Dr.
Sobar are liars for their own gain.
-Along with posts to many social media outlets with 1 star (and Thumbs Down) ratings...
Situation and What to do?
Now, for the purpose of this case, note that the blogger took out of context bits of personal email messages sent to him by some of his victims who made attempts to be conciliatory, to clarify, and point out some of his incorrect statements; and the he manipulated them and distributed the fabrication in a "newsletter" and posted it online with his stated intention to prevent the company from selling its product. Nevertheless, several independent studies by a myriad of investigators, and several directors of research and development from Fortune 10 companies had studied and purchased the product.
However, the relentless onslaught from social media by the attacker served to doom EZ from reaching its potential. What to do? You shall assume the role of "expert" and provide professional advice.
Tasks
1. Drawing upon what you have read in your textbook about managing security behaviors, the additional readings and materials you have been given, and doing additional secondary research about the subject (which be sure to cite fully using APA format), develop an overall assessment of what you think are this attacker's motives. (Note: a useful analog resource might be to look up on the Web about the Honeynet Project - Why People Attack Computer Systems).
2. Based on these motivational assumptions, develop an analysis of the problem (who, what, where, and why -fully justified).
3. From the previous premises, develop a sophisticated solution or set of recommendations, written professionally (something you might provide to this client, your boss, or maybe publish in a news article -that particular style is up to you, but key is professional).