CASES FOR GROUP PRESENTATIONS

Rather than selecting cases that narrowly examine specific topics covered in RMI 601, the suggested cases deal with broader issues faced by the risk manager. All suggested cases present an integrated view of risk management. While questions are posed you are expected to go beyond the specific questions and take a holistic view as if you were the CEOs, COOs, and/or risk managers.

At a minimum, your case presentations should:

• address the questions posed
• identify the key lessons to be learned from the case
• consider current events/information that may influence recommendations and may not have been considered at the time.

You are expected to do independent research to augment the presentations. The main case material is part of the coursepack on hbsp.harvard.edu.

Mircom Technologies LTD.: Responding to a Ransomware Attack

In September 2019 Mircom Technologies Limited (Mircom) faced a serious crisis after undergoing a ransomware attach. This medium-sized manufacturer had been offering smart building solutions for nearly two decades. The attackers encrypted all of the company's data, halting all business systems and processes that relied on information technology, including email, voice-over-interent telebephones, manufacturing, billin, shipping and receiving. The company could not even conduct basic business operations. The attackers demanded a large payment in Bitcoin in exchange for a decryption key that would give Mircom access to its data. Over the next several weeks, the CEO and the CTO (chief technology officer) faced unforeseen challenges as they led efforts to recover the data, negotiate with the attackers and ultimately find a path to successful restoration of normal operations and build resiliency.

• Evaluate the treat that the ransomware attack posed to Mircom?
• How did the attack effect the company's ability to operate?
• What were the various challenges involved in responding to such an attack?

You are the new Risk Manager - consider:

• What factors would have made it easier or harder for Mircom or any other organization to address these challenges?
• How well did Mircom manage the ransomware attack and related impacts?
• What steps can be taken to reduce vulnerability and improve the capacity to respond to ransomware attacks?

In additon to those questions, each group should address what can be learned from their specific case study and be able to back it up?