News and analysis for the well-informed compliance or audit exec.
By Aly McDevitt, 2022-02-01T13:00:00
DISCLAIMER: This case study depicts a fictional cyber incident based on real-life scenarios described by expert interviewees, media reports, and other publicly available resources. While the details surrounding the characters, company, and ransomware attack are imagined, the business concerns and legal issues raised are plausible and based on actual cases.
Within 24 hours of the ransom note’s receipt, the chief information security officer (CISO), his team of IT experts, and the digital forensics examiner feel confident the breach has been contained. The attacker has been isolated, and there is no more lateral movement on the Vulnerable Electric (VE) network.
Sitting at the far end of the table across from the chief executive (CEO), the CISO addresses the whole team gathered in the war room. Following the incident response process, he reviews the facts, business impact, and root cause determination:
An attacker gained access to the network by tricking an employee into clicking a virus-laden hyperlink, which installed software on the employee’s workstation and gave the attacker a backdoor to the company’s intranet. From there, the attacker scanned the corporate intranet for machines running software with known vulnerabilities.
Take this self-directed, interactive immersive study of a fictional cyber event based on real-life scenarios to deepen your understanding of the importance of crisis management planning and put you in the shoes of a compliance leader during a ransomware attack.