Cyber insurance of information systems: Security and privacy cyber insurance contracts for ICT and helathcare organizations

Nowadays, more-and-more aspects of our daily activities are digitalized. Data and assets in the cyber-space, both for individuals and organizations, must be safeguarded. Thus, the insurance sector must face the challenge of digital transformation in the 5G era with the right set of tools. In this paper, we present CyberSure-an insurance framework for information systems. CyberSure investigates the interplay between certification, risk management, and insurance of cyber processes. It promotes continuous monitoring as the new building block for cyber insurance in order to overcome the current obstacles of identifying in real-time contractual violations by the insured party and receiving early warning notifications prior the violation. Lightweight monitoring modules capture the status of the operating components and send data to the CyberSure backend system which performs the core decision making. Therefore, an insured system is certified dynamically, with the risk and insurance perspectives being evaluated at runtime as the system operation evolves. As new data become available, the risk management and the insurance policies are adjusted and fine-tuned. When an incident occurs, the insurance company possesses adequate information to assess the situation fast, estimate accurately the level of a potential loss, and decrease the required period for compensating the insured customer. The framework is applied in the ICT and healthcare domains, assessing the system of medium-size organizations. GDPR implications are also considered with the overall setting being effective and scalable

New Ideas to Help the Aquino Administration Achieve its Health Agenda

One of the inaugural commitments made by the Philippines` new administration is the provision of quality and affordable health care for each and every Filipino. To achieve this, a strategic health agenda is needed. This Policy Note offers a few new ideas that may help the administration achieve its health agenda.health sector, health care, health insurance, hospitals, health care financing, Philippines, health

Software-Defined Cloud Computing: Architectural Elements and Open Challenges

The variety of existing cloud services creates a challenge for service providers to enforce reasonable Software Level Agreements (SLA) stating the Quality of Service (QoS) and penalties in case QoS is not achieved. To avoid such penalties at the same time that the infrastructure operates with minimum energy and resource wastage, constant monitoring and adaptation of the infrastructure is needed. We refer to Software-Defined Cloud Computing, or simply Software-Defined Clouds (SDC), as an approach for automating the process of optimal cloud configuration by extending virtualization concept to all resources in a data center. An SDC enables easy reconfiguration and adaptation of physical resources in a cloud infrastructure, to better accommodate the demand on QoS through a software that can describe and manage various aspects comprising the cloud environment. In this paper, we present an architecture for SDCs on data centers with emphasis on mobile cloud applications. We present an evaluation, showcasing the potential of SDC in two use cases-QoS-aware bandwidth allocation and bandwidth-aware, energy-efficient VM placement-and discuss the research challenges and opportunities in this emerging area.Comment: Keynote Paper, 3rd International Conference on Advances in Computing, Communications and Informatics (ICACCI 2014), September 24-27, 2014, Delhi, Indi

EFFICIENT AND FLEXIBLE MANAGEMENT OF ENTERPRISE INFORMATION SYSTEMS

The growing awareness of the substantial environmental footprint of Information System has increasingly focused corporate transformation efforts on the efficient usage of Information Technology. In this context, we provide a new concept to enterprise IS operation and introduce a novel adaptation framework that harmonizes operational requirements with efficiency goals. We concretely target elastic n-tier applications with dynamic on-demand resource provisioning for component servers and implement an adaptation engine prototype. Our framework forecasts future user behavior, analyzes the impact of workload on system performance, evaluates the economic impact of different provisioning strategies, and derives an optimal operation strategy. More generally, our adaptation engine optimizes IT system operation based on a holistic evaluation of the key factors of influence. In the evaluation, we systematically investigate practicability, optimization potential, as well as effectiveness. Additionally, we show that our framework allows flexible IS operation with up to a 40 percent lower cost of operation

IT GOVERNANCE AND BUSINESS CORPORATE STRATEGY – BASED ON EMBEDDING THE PROGRAM AND PROJECT MANAGEMENT WITH THE IT&C VALUE CHAIN

This paper presents the key concepts related to the current process of IT Governance in modern corporations. The first part addresses the definitions of IT Governance and its life-cycle model, the covered strategic areas and the effective governance management ways, the IT value management for ensuring value delivery, and the IT value chain based on projects and programs together with the organizational value of the IT&C programs and projects. The second part deals with the IT value chain based on operations, the strategic-factors of success and the services delivery chain, the value chain management and the contribution measurement to the organizational business, with a final presentation of practical applicability of the mobile value chain to the 3G mobile communication services. Recent IT&C and corporate strategic management field references bring an additional support to the paper value.IT Governance