學門類別
最新個案
- Leadership Imperatives in an AI World
- Vodafone Idea Merger - Unpacking IS Integration Strategies
- V21 Landmarks Pvt. Ltd: Scaling Newer Heights in Real Estate Entrepreneurship
- Snapchat’s Dilemma: Growth or Financial Sustainability
- Did I Just Cross the Line and Harass a Colleague?
- Predicting the Future Impacts of AI: McLuhan’s Tetrad Framework
- Porsche Drive (A) and (B): Student Spreadsheet
- Porsche Drive (B): Vehicle Subscription Strategy
- TNT Assignment: Financial Ratio Code Cracker
- Winsol: An Opportunity For Solar Expansion
Mircom Technologies Ltd.: Responding To A Ransomware Attack (A)
內容大綱
In September 2019, Mircom Technologies Limited faced a serious crisis after sustaining a ransomware attack. The medium-sized manufacturer based in Toronto, Canada had been offering smart building solutions for almost two decades. The attackers encrypted all of the company’s data, halting all business systems and processes that relied on information technology, including email, voice-over-Internet phones, manufacturing, billing, shipping, and receiving. The company was suddenly unable to conduct basic business operations. The attackers demanded a large payment in bitcoin in exchange for a decryption key that would allow the company to access its data. Over the next several weeks, Mircom Technologies Limited faced unforeseen challenges in its attempt to recover its data, negotiate with the attackers, and eventually find a way to successfully restore normal operations.
學習目標
This case is suitable for courses in decision-making, risk management, risk governance, resilience, crisis management, cyber-security, operations, and IT leadership at the undergraduate, executive, and pre- and post-experience master levels. It can be taught as part of a series of cases aimed at providing students with an understanding of the different types of cyber-attacks (e.g., denial-of-service, malware, ransomware, nation state) and the short- and long-term implications of each type for business continuity. The case provides students with opportunities to analyze and discuss issues related to preparing for and preventing serious incidents such as ransomware attacks, managing real-time crises, building organizational resiliency, and avoiding cyber-security risk. The case demonstrates that cyber-security issues are not purely technical, they require the attention of the organization’s top management team. After preparing and discussing this case, students will be able to<ul><li>recognize the full scope of cyber-security issues, beyond their technical aspect to their implications for the organization’s senior management team;</li><li>understand what a ransomware attack is and how it may unfold;</li><li>assess the risks that ransomware attacks can pose to a business’s operations and continuity;</li><li>identify what characteristics make an organization attractive to attackers;</li><li>understand which organizational and behavioural factors can reduce or enhance the risk of ransomware attacks;</li><li>understand the value and design of a robust system to back up an organization’s data;</li><li>assess the level of readiness and resilience required to manage and recover from a ransomware attack;</li><li>develop a ransomware recovery plan;</li><li>identify the factors that enable an organization to survive a ransomware attack; and</li><li>discuss how decision-making and risk management processes can improve the chance a favourable outcome.</li></ul>