Within 24 hours of the ransom note’s receipt, the chief information security officer (CISO), his team of IT experts, and the digital forensics examiner feel confident the breach has been contained. The attacker has been isolated, and there is no more lateral movement on the Vulnerable Electric (VE) network.

DISCLAIMER: This case study depicts a fictional cyber incident based on real-life scenarios described by expert interviewees, media reports, and other publicly available resources. While the details surrounding the characters, company, and ransomware attack are imagined, the business concerns and legal issues raised are plausible and based on actual cases.

Learn More
Already a member? Sign in to an existing account.

Aly McDevitt is Data & Research Journalist at Compliance Week. She has a background in education and college consulting. Prior to teaching, she was an editor/author at Thomson Reuters, where she reported...