Chapter 2, Part 1: Containment key to ransomware defense

Ransomware Chapter 2_1

With Day 2 of fictional private utility company Vulnerable Electric’s ransomware crisis comes the need to grasp the extent of its situation. The cyber incident response team’s synchronized efforts are pivotal as time is of the essence.

DISCLAIMER:  This case study depicts a fictional cyber incident based on real-life scenarios described by expert interviewees, media reports, and other publicly available resources. While the details surrounding the characters, company, and ransomware attack are imagined, the business concerns and legal issues raised are plausible and based on actual cases.

It is now Day 2.

In the conference room, several red binders are placed on the glossy table along with coffee cups and bottles of water. The binders are identical from front to back, their pages crisp, barely touched since they were collated last year. In each binder, there is a printed version of VE’s cyber incident response playbook, including a list of the full cyber incident response team (CIRT). Names, roles, contact information, and potential alternates for each role are documented.

The chief executive sits at one of the far ends of the table. She’s making a valiant effort to stay calm under the circumstances. She’s leaning forward in her chair, awaiting each member of her team to speak their piece. Several key stakeholders are on the secure conference bridge, and there are no empty seats at the table.

This is members-only premium content

JOIN NOW

If you are already a member, SIGN IN now.