If Santa Claus did not have Cyber Insurance
Santa Claus had been the victim of a significant cyber-attack by hackers who do not love Christmas (the hacker group, led by Scrooge, is called skroutzonimus) in order to control the naughty list he maintains with the reasoning for not sending the gifts.
The hackers went further by publishing the list on various websites, blackmailed Saint Basil demanding a ransom in bitcoin not to proceed with the sale of personal data of famous members of the list on the black market (Darknet), and defacement of the site.
In addition, the hackers threatened that if Santa Claus informs the police about the blackmail they will carry out cyberattack and turn off the distribution management & the gift production systems resulting in the damage of his reputation, which was a result of many years of his efforts.
Santa was in a lot of trouble and for a moment he thought that achieved until today will be destroyed. Therefore, he asked to meet all the members of the Crisis Management Group he had set up, whose aim was always the timely and efficient shipping of the gifts to the children from all over the world.
The Group was made up of
- Production & Distribution Engineer
- Lawyer
- Chief Information Security Officer
- Director of Communications & Marketing
- CFO
- Head of Compliance
- Director of Public Relations
- Risk Manager
During their meeting everyone started saying how to deal with the situation and Santa Claus got angry and asked to implement the Business Continuity Plan of the Company.
The Risk Managernformed the group members that they can seek the help of the experts available from the insurance company they were insured but this should not be leaked as the contract also covered ransom in case of blackmail.
They asked for help from the insurance company. The latter has sent a qualified lawyer and an expert in investigation electronic crimes to help.
With the arrival of the experts they started putting the Business Continuity Plan in action. They informed the authorities, they stopped the data leakage and they implemented additional protection measures to their systems.
They called the crisis management experts, set up the communication plan of the company and started informing their naughty list customers about the attack.
Some of the members of naughty list customers requested compensation from Santa Claus and led their case to court.
Finally Santa Claus, with the help of the experts, managed to:
- Reach an agreement with the members of naughty list enabling them to receive their gifts normally for the next years if they comply
- Not to give ransom to skroutzonimus
- Continue to offer the children the gifts they asked for.
* The story is fictional but can occur in any real company.