Nicole's PhD related toHI-risk: A Socio-technical Method to Identify and Monitor Healthcare Information Security Risks in the information society, and its scope was:
Information security research was
traditionally based on the concept of containment, where information was kept safe
from outsiders within a secure perimeter. Yet, almost 60 years of evolution of
information security management has changed the perception of risk, and
nowadays it is necessary that information security risks are analysed from a
wider societal perspective. This is probably even more the case in modern
healthcare, which is perceived as a complex environment where technology, people,
scope of services, and environment cannot always be separated from each other,
and where it is difficult to define the boundaries of what is outside
(untrusted) or what is inside (trusted). Traditional risk analysis methods have not adapted to this modern perception, and only a little anecdotal evidence of the successful implementation of traditional risk management approaches in healthcare can be found in literature.
This thesis describes the HI-risk method for information security risk identification. The aim is to contribute to the existing information security risk analysis methods and to create an improved match to modern healthcare. It is based on the vision that information security risk analysis should include both human and societal factors, and that collaboration amongst organisations and experts is essential to improve knowledge about potential risks.
The HI-risk method creates new knowledge about information security risks, through a new approach, and which was designed following the rigorous process of data science . The empirical methods used to evaluate the method are qualitative and include a simulation (through an analysis of historical security incident data that was obtained from 117 organisations and expert elicitation through a Delphi study), along with an evaluation in a health care organization.
The method has potential to be further developed as a knowledge-based system or expert system, where security incident data from several organisations translate into overviews of potential risks, which are continuously moderated by an expert panel. This system could also be used: as a tool for managers to benchmark their organisations against others; to make security investment decisions; to learn from past incidents; and to provide input for policy makers.
Affiliate advertising is changing the way that people do business online. Retailers are now offering incentives to third-party publishers for advertising goods and services on their behalf in order to capture more of the market. Online advertising spending has already over taken that of traditional advertising in all other channels in the UK and is slated to do so worldwide as well. In this highly competitive industry, the livelihood of a publisher is intrinsically linked to their web site performance.
Understanding the strengths and weaknesses of a web site is fundamental to improving its quality and performance. However, the definition of performance may vary between different business sectors or even different sites in the same sector. In the affiliate advertising industry, the measure of performance is generally linked to the fulfilment of advertising campaign goals, which often equates to the ability to generate revenue or brand awareness for the retailer.
This thesis aims to explore the correlation of web site evaluation metrics to the business performance of a company within an affiliate advertising programme. In order to explore this correlation, an automated evaluation framework was built to examine a set of web sites from an active online advertising campaign. A purpose-built web crawler examined over 4,000 sites from the advertising campaign in approximately 260 hours gathering data to be used in the examination of URL similarity, URL relevance, search engine visibility, broken links, broken images and presence on a blacklist. The gathered data was used to calculate a score for each of the features which were then combined to create an overall HealthScore for each publishers. The evaluated metrics focus on the categories of domain and content analysis. From the performance data available, it was possible to calculate the business performance for the 234 active publishers using the number of sales and click-throughs they achieved.
When the HealthScores and performance data were compared, the HealthScore was able to predict the publisher’s performance with 59% accuracy.