‘We should change ourselves, but we can’t’: accounts of food and eating practices amongst British Pakistanis and Indians with type 2 diabetes

Objective(s). To look at food and eating practices from the perspectives of Pakistanis and Indians with type 2 diabetes, their perceptions of the barriers and facilitators to dietary change, and the social and cultural factors informing their accounts.

Method. Qualitative, interview study involving 23 Pakistanis and nine Indians with type 2 diabetes. Respondents were interviewed in their first language (Punjabi or English) by a bilingual researcher. Data collection and analysis took place concurrently with issues identified in early interviews being used to inform areas of investigation in later ones.

Results. Despite considerable diversity in the dietary advice received, respondents offered similar accounts of their food and eating practices following diagnosis. Most had continued to consume South Asian foods, especially in the evenings, despite their perceived concerns that these foods could be 'dangerous' and detrimental to their diabetes control. Respondents described such foods as 'strength-giving', and highlighted a cultural expectation to participate in acts of commensality with family/community members. Male respondents often reported limited input into food preparation. Many respondents attempted to balance the perceived risks of eating South Asian foodstuffs against those of alienating themselves from their culture and community by eating such foods in smaller amounts. This strategy could lead to a lack of satiation and is not recommended in current dietary guidelines.

Conclusions. Perceptions that South Asian foodstuffs necessarily comprise 'risky' options need to be tackled amongst patients and possibly their healthcare providers. To enable Indians and Pakistanis to manage their diabetes and identity simultaneously, guidelines should promote changes which work with their current food practices and preferences; specifically through lower fat recipes for commonly consumed dishes. Information and advice should be targeted at those responsible for food preparation, not just the person with diabetes. Community initiatives, emphasising the importance of healthy eating, are also needed.

The ascent of asymmetric risk in information security: an initial evaluation

Dramatic changes in the information security risk landscape over several decades have not yet been matched by similar changes in organizational information security which is still mainly based on a mindset that security is achieved through extensive preventive controls. As a result, maintenance cost of information security is increasing rapidly, but this increased expenditure has not really made an attack more difficult. The opposite seems to be true, information security attacks have become easier to perpetrate and appear more like information warfare tactics. At the same time, the damage caused by a successful attack has increased significantly and may sometimes become critical to an organization. In this paper we evaluate one particular extremely asymmetric risk where a strongly motivated attacker unleashes a prolonged attack on an organization with the aim to do maximum damage, and suggest that the probability of such an attack is increasing. We discuss how preventive controls are unlikely to ever be effective against such an attack and propose more advanced strategies that aim to limit the damage when such an attack occurs. One crucial lesson to be learned for those organizations that are dependant on their information security, such as critical infrastructure organizations, is the need to deny motivated attackers access to any information about the success of their attack. Successful deception in this area is likely to significantly reduce any potential escalation of the incident.

Undergraduate public relations education in Malaysia : a case study

Public relations worldwide often restricts itself to the bounds of an American context. This thesis argues that Malaysian public relations education and its professional practice should create its own unique model of public relations education and its professional practice due to its differences in politics, culture and the media environment.

Hypertension induced by ω-3 polyunsaturated fatty acid deficiency is alleviated by α-linolenic acid regardless of dietary source

Ω-3 polyunsaturated fatty acid deficiency, particularly during the prenatal period, can cause hypertension in later life. This study examined the effect of different sources of α-linolenic acid (canola oil or flaxseed oil) in the prevention of hypertension and other metabolic symptoms induced by an ω-3 fatty acid-deficient diet. Dams were provided one of three experimental diets from 1 week before mating. Diets were either deficient (10% safflower oil-DEF) or sufficient (7% safflower oil+3% flaxseed oil-SUF-F; or 10% canola oil-SUF-C) in ω-3 fatty acids. The male offspring were continued on the maternal diet from weaning for the duration of the study. Body weight, ingestive behaviors, blood pressure, body composition, metabolic rate, plasma leptin and brain fatty acids were all assessed. The DEF animals were hypertensive at 24 weeks of age compared with SUF-F or SUF-C animals; this was not evident at 12 weeks. These results suggest that different sources of ALA are effective in preventing hypertension related to ω-3 fatty acid deficiency. However, there were other marked differences between the DEF and, in particular, the SUF-C phenotype including lowered body weight, adiposity, leptin and food intake in SUF-C animals. SUF-F animals also had lower, but less marked reductions in adiposity and leptin compared with DEF animals. The differences observed between DEF, SUF-F and SUF-C phenotypes indicate that body fat and leptin may be involved in ω-3 fatty acid deficiency hypertension.

Information security governance : when compliance becomes more important than security

Current security governance is often based on a centralized decision making model and still uses an ineffective 20th century risk management approach to security. This approach is relatively simple to manage since it needs almost no security governance below the top enterprise level where most decisions are made. However, while there is a role for more corporate governance, new regulations, and improved codes of best practice to address current weak organizational security practices, this may not be sufficient in the current dynamic security environment. Organizational information security must adapt to changing conditions by extending security governance to middle management as well as system/network administrators. Unfortunately the lack of clear business security objectives and strategies at the business unit level is likely to result in a compliance culture, where those responsible for implementing information security are more interested in complying with organizational standards and policies than improving security itself.

Factors influencing the implementation of information systems security strategies in organisations

Many organizations still rely on deterrence to control insider threats and on purely preventive strategies to control outsider threats. Such a simple approach to organizational information security is no longer viable given the increasing operational sophistication of current security threat agents and the complexity of information technology infrastructure. Effective implementation of security requires organizations to select a combination of strategies that work in tandem and best suits their security situation. This paper addresses the identification and classification of factors that influence implementation of security strategies in organizations. In this paper, we develop a preliminary architecture that aims to assist organizations in deciding how strategies can be designed to complement each other to improve the cost-effectiveness of security.

Getting the real-time precise round-trip time for stepping stone detection

Stepping stone attacks are often used by network intruders to hide their identities. The Round Trip Times (RTT) between the send packets and corresponding echo packets for the connection chains of stepping stones are critical for detecting such attacks. In this paper, we propose a novel real-time RTT getting algorithm for stepping stones which is based on the estimation of the current RTT value. Our experiments show that it is far more precise than the previous real-time RTT getting algorithms. We also present the probability analysis which shows that our algorithm has a high matching rate and a high accurate rate.

CALD : surviving various application-layer DDoS attacks that mimic flash crowd

Distributed denial of service (DDoS) attack is a continuous critical threat to the Internet. Derived from the low layers, new application-layer-based DDoS attacks utilizing legitimate HTTP requests to overwhelm victim resources are more undetectable. The case may be more serious when suchattacks mimic or occur during the flash crowd event of a popular Website. In this paper, we present the design and implementation of CALD, an architectural extension to protect Web servers against various DDoS attacks that masquerade as flash crowds. CALD provides real-time detection using mess tests but is different from other systems that use resembling methods. First, CALD uses a front-end sensor to monitor thetraffic that may contain various DDoS attacks or flash crowds. Intense pulse in the traffic means possible existence of anomalies because this is the basic property of DDoS attacks and flash crowds. Once abnormal traffic is identified, the sensor sends ATTENTION signal to activate the attack detection module. Second, CALD dynamically records the average frequency of each source IP and check the total mess extent. Theoretically, the mess extent of DDoS attacks is larger than the one of flash crowds. Thus, with some parameters from the attack detection module, the filter is capable of letting the legitimate requests through but the attack traffic stopped. Third, CALD may divide the security modules away from the Web servers. As a result, it keeps maximum performance on the kernel web services, regardless of the harassment from DDoS. In the experiments, the records from www.sina.com and www.taobao.com have proved the value of CALD.

An integrated management systems approach to corporate sustainability

Purpose – This paper seeks to describe an integrated management systems (IMS) approach for the integration of corporate sustainability into business processes.
Design/methodology/approach – An extensive review of published literature was conducted. Building on existing research, the paper presents an original framework for structuring the integration of corporate sustainability with existing business infrastructure. The framework is supported by a detailed set of diagnostic questions to help guide the process. Both the framework and the diagnostic questions are based on the “Plan-Do-Check-Act” cycle of continuous improvement.
Findings – The paper highlights the need for a systematic means to integrate sustainability into business processes. Building on that point, the paper illustrates how an IMS approach can be used to structure the entire process of managing, measuring, and assessing progress towards corporate sustainability.
Practical implications – The paper should be of interest to both practitioners and researchers. The framework and diagnostic questions will help guide decision makers through the process of building sustainability into their core business infrastructure. Since the framework and diagnostic questions provide the flexibility to accommodate specific organizational contexts, it is anticipated that they will have wide applicability.
Originality/value – The paper makes several contributions. The framework provides a systematic approach to corporate sustainability that has not been elaborated on in previous publications. The unique set of diagnostic questions provides a means to evaluate the extent to which corporate sustainability has been integrated into an organization.

Towards a knowledge perspective in information security risk assessments - an illustrative case study

Many methodologies exist to assess the security risks associated with unauthorized leakage, modification and interruption of information for a given organisation. We argue that the traditional orientation of these methodologies, towards the identification and assessment of technical information assets, obscures key risks associated with the cultivation and deployment of organisational knowledge. Our argument is developed through an illustrative case study in which a well-documented methodology is applied to a complex data back-up process. This process is seen to depend, in subtle and often informal ways, on knowledge to sustain operational complexity, handle exceptions and make frequent interventions. Although typical information security methodologies identify people as critical assets, we suggest a new approach might draw on more detailed accounts of individual knowledge, collective knowledge, and their relationship to organisational processes. Drawing on the knowledge management literature, we suggest mechanisms to incorporate these knowledge-based considerations into the scope of information security risk methodologies.

Incorporating a knowledge perspective into security risk assessments

Purpose – Many methodologies exist to assess the security risks associated with unauthorized leakage, modification and interruption of information used by organisations. This paper argues that these methodologies have a traditional orientation towards the identification and assessment of technical information assets. This obscures key risks associated with the cultivation and deployment of organisational knowledge. The purpose of this paper is to explore how security risk assessment methods can more effectively identify and treat the knowledge associated with business processes.

Design/methodology/approach – The argument was developed through an illustrative case study in which a well-documented traditional methodology is applied to a complex data backup process. Follow-up interviews were conducted with the organisation’s security managers to explore the results of the assessment and the nature of knowledge “assets” within a business process.

Findings – It was discovered that the backup process depended, in subtle and often informal ways, on tacit knowledge to sustain operational complexity, handle exceptions and make frequent interventions. Although typical information security methodologies identify people as critical assets, this study suggests a new approach might draw on more detailed accounts of individual knowledge, collective knowledge and their relationship to organisational processes.

Originality/value – Drawing on the knowledge management literature, the paper suggests mechanisms to incorporate these knowledge-based considerations into the scope of information security risk methodologies. A knowledge protection model is presented as a result of this research. This model outlines ways in which organisations can effectively identify and treat risks around process knowledge critical to the business.

Does government linked companies (GLCs) perform better than non-GLCs? Evidence from Malaysian listed companies

The purpose of this paper is to examine the impact of an alternative ownership/control structure of corporate governance on firm performance. Specifically, we investigated the governance system of government linked companied (GLCs) in Malaysia. In this paper, we examine governance mechanism and firm performance of Malaysian GLCs and non-GLCs over a 11 year period from 1995 to 2005. We only select a sample of companies which are listed in Main Board. We chose a sample of 210 firms. We used Tobin’s Q which is an indicator of market performance is used as a proxy for company’s performances; meanwhile ROA is used to determine accounting performance. This paper is to determines whether after controlling firm specific characteristics such as corporate governance, agency cost, growth, risk and profitability, GLCs perform better than non-GLCs. Findings highlight that non-GLCs performance is better GLCs in term of corporate governance, and other firm specific characteristics. The relationship between ownership structure and firm performance has been issue of interest among academics, investors and policy makers as one of key issues in understanding the effectiveness of alternative governance systems where government ownership serves as a control mechanism.