- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Aly McDevitt2022-02-03T13:00:00
DISCLAIMER: This case study depicts a fictional cyber incident based on real-life scenarios described by expert interviewees, media reports, and other publicly available resources. While the details surrounding the characters, company, and ransomware attack are imagined, the business concerns and legal issues raised are plausible and based on actual cases.
It is impossible to quantify the comparative costs of the ransomware attack in Vulnerable Electric’s (VE) two parallel universes. According to a chief information security officer (CISO) who wished to remain anonymous, “The ransom payment almost always comes down to the recovery time cost versus ransom payment cost. The secondary factor is the public image or brand damage.”
Although VE’s two pathways start off with the same binary question—pay the ransom or not—the resultant narratives quickly splinter off in different directions with varied endings.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Register for free
Access one free, non-premium article each month.
Complimentary CPE webcasts, resources, and e-Books.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
Take this self-directed, interactive immersive study of a fictional cyber event based on real-life scenarios to deepen your understanding of the importance of crisis management planning and put you in the shoes of a compliance leader during a ransomware attack.
Tens of millions of noncompete clauses included in employee contracts nationwide will be null and void by about Labor Day under a final rule issued by the Federal Trade Commission.
Food processing company ADM announced Chief Financial Officer Vikram Luthar, who was placed on administrative leave in January amid a probe into the company’s accounting practices, will resign.
Both JPMorgan Chase and Deutsche Bank retained their respective Jeffrey Epstein relationships for too long. Yet, there is a case to be made for why exiting a high-risk relationship too soon can become an inverse form of recklessness.
Why did JPMorgan Chase retain Jeffrey Epstein for more than a dozen years? How did the relationship persist despite glaring red flags? The “why” is straightforward; the “how” is more complicated.
Jeffrey Epstein’s designation as a high-risk client should have subjected him to enhanced due diligence that never appeared to occur, most notably at Deutsche Bank. Instead, Epstein was allowed to continue his misconduct despite numerous red flags.
