All Compliance Week articles in Spring 2022
Ransomware Attack case study-
ArticleTI 2021 corruption index shows world not willing to make real change
The adage that “no news is good news” doesn’t apply to Transparency International’s 2021 Corruption Perceptions Index. That corruption levels remain at a global standstill or have worsened highlights a disturbing trend for companies, governments, and citizens alike.
-
PremiumChapter 1, Part 1: Betsy’s human error triggers ransomware crisis
When one of fictional private utility company Vulnerable Electric’s most dedicated employees falls victim to a social engineering hack, her actions in the immediate aftermath are crucial to what will soon become a crisis for the C-suite.
-
PremiumChapter 1, Part 2: All hands on deck in C-suite ransomware response
Following the events that triggered a double extortion ransomware attack, the CEO of fictional private utility company Vulnerable Electric mobilizes her cyber incident response team to begin assessing the path forward to dealing with the cybercriminal(s).
-
ArticleCW case study offers 360-degree view of ransomware attack
Learn through the eyes of the C-suite at Vulnerable Electric, a fictional private utility company impacted by a significant ransomware attack, as part of Compliance Week’s third case study.
-
PremiumChapter 2, Part 1: Containment key to ransomware defense
With Day 2 of fictional private utility company Vulnerable Electric’s ransomware crisis comes the need to grasp the extent of its situation. The cyber incident response team’s synchronized efforts are pivotal as time is of the essence.
-
PremiumChapter 2, Part 2: Ransomware damage control and when to alert stakeholders
Systems at fictional private utility company Vulnerable Electric remain impacted in the aftermath of a ransomware attack, but the chief executive decides it’s time to be forthright with employees and customers.
-
PremiumChapter 3: Ransomware eradication prompts tough choice: To pay or not to pay?
No matter what, the deck is stacked against fictional private utility company Vulnerable Electric as it weighs whether to pay the $5 million ransom demanded by a cybercriminal who breached its systems. Which path do you take?
-
PremiumRansomware case study glossary
The field of cybersecurity features a growing list of terminology to describe the many forms, channels, and motivations behind cyberattacks and hacking culture. Learn further definitions for some key terms featured throughout the ransomware case study.
-
PremiumChapter 4: Recovery and lessons learned post-ransomware attack
Whether fictional private utility company Vulnerable Electric pays the ransom or not in the aftermath of its cyber incident, the two pathways quickly splinter off in different directions with varied endings, each with important lessons to be learned.
-
PremiumEpilogue: What happened to Betsy?
The “patient zero” of fictional private utility company Vulnerable Electric’s ransomware crisis learns her fate.
-
ArticleHow Accor manages global data privacy compliance
Marie-Christine Vittet, vice president of compliance at hospitality chain Accor, shares with Compliance Week the company’s journey toward a global data privacy compliance program.
-
ArticleTransparency key to navigating modern employee monitoring risk landscape
The opening session of Compliance Week’s virtual Cyber Risk & Data Privacy Summit addressed the challenges of using technology to monitor employees while considering regulatory and ethical risks.
-
ArticleBlockFi ruling leaves big crypto question unresolved
The SEC’s determination regarding BlockFi’s crypto lending product is a landmark resolution, yet the ruling does little to settle the larger question still looming: Are cryptocurrencies securities or currencies?
-
ArticleCompany cybersecurity certifications: Business case and where to start
Rachael Pashkevich Koontz, senior corporate counsel of cybersecurity compliance at T-Mobile, shared her opinions on cybersecurity certifications and determining the right fit for certain organizations at CW’s virtual Cyber Risk & Data Privacy Summit.
-
ArticleBest practices to achieve a continuous assurance cybersecurity model
A panel of cybersecurity experts shared tips for achieving continuous assurance and getting necessary buy-in at CW’s virtual Cyber Risk & Data Privacy Summit.
-
ArticleWhy high-growth companies should prioritize data privacy
A group of experts at CW’s virtual Cyber Risk & Data Privacy Summit explained how complying with data privacy regulations from Day 1 can provide high-growth companies with certain competitive advantages.
-
ArticleStrategies for complying with multiple data privacy regimes
Complying with multiple data privacy regimes is not simple, but it is increasingly becoming expected. A panel at CW’s virtual Cyber Risk & Data Privacy Summit offered their advice regarding the current global privacy landscape.
-
ArticleThird-party cybersecurity monitoring: Tips for keeping vendors honest
A continuous monitoring cybersecurity strategy for third-party risks goes a long way toward proactively identifying external vulnerabilities. At CW’s virtual Cyber Risk & Data Privacy Summit, a panel of experts shared leading practices.
-
ArticleMy Compliance Library: ‘The Behavioral Code’ explores tension between code and conduct
Benjamin van Rooij and Adam Fine’s book is an exposition on shaping laws and codes to “human and organizational behavior” that lends to the discussion on how behavioral science can inform ethics and compliance programs.
-
Article‘The Betrayal’ offers AML lessons from undercover mission that nearly comes undone
Drug Enforcement Administration undercover agent Robert Mazur’s new book chronicles his infiltration of Colombia’s notorious Cali drug cartel and the money laundering practices he observed firsthand.