You have no items in your shopping cart.

Cyberattack on Abank
Korinek, Anton; Allayannis, George (Yiorgos) Case F-1979 / Published March 8, 2022 / 14 pages. Collection: Darden School of Business
Format Price Quantity Select
PDF Download
$6.95
EPUB Download
$6.95
Printed Black & White Copy
$7.25

Product Overview

Cyberattacks on corporations are an increasingly common phenomenon that imposes significant costs on shareholders, customers, and management. It is instrumental for corporations to both invest in appropriate precautionary security measures and have a comprehensive cybersecurity incident response plan (IRP), led by a skilled incident response team, that defines what procedures to follow. This fictional case is framed from the perspective of Ida Inglewood, the chief information security officer (CISO) of Abank, a midsized financial institution that has experienced a massive and unprecedented cyberattack in which $450 million of customer funds were stolen. The case begins with a 2:00 a.m. phone call in which the CISO informs Abank’s CEO of the incident. Abank’s IRP is activated, and the CISO provides a detailed report to the bank’s management team, explaining the legal, regulatory, and financial implications of the cyberattack. The case culminates in the following critical decision: whether to restore full access to the deposits of Abank’s customers at the beginning of the business day, or to keep operations closed until a full investigation of the cyberattack has been completed. This case is taught at Darden in a course on “Artificial Intelligence and the Future of Work”; it would also be well suited for in-person or online MBA courses in banking and financial markets, new technologies, or communication and crisis response.



Learning Objectives

Recognize the frequency and tremendous costs of cyberattacks. Devise an effective incident response to cyberattacks. Prepare a communication strategy, including responses to customers, regulators, and shareholders. Understand the cyber regulatory regime in which corporations operate. Evaluate the benefits and costs of investing in adequate cybersecurity preparedness.


  • Videos List

  • Overview

    Cyberattacks on corporations are an increasingly common phenomenon that imposes significant costs on shareholders, customers, and management. It is instrumental for corporations to both invest in appropriate precautionary security measures and have a comprehensive cybersecurity incident response plan (IRP), led by a skilled incident response team, that defines what procedures to follow. This fictional case is framed from the perspective of Ida Inglewood, the chief information security officer (CISO) of Abank, a midsized financial institution that has experienced a massive and unprecedented cyberattack in which $450 million of customer funds were stolen. The case begins with a 2:00 a.m. phone call in which the CISO informs Abank’s CEO of the incident. Abank’s IRP is activated, and the CISO provides a detailed report to the bank’s management team, explaining the legal, regulatory, and financial implications of the cyberattack. The case culminates in the following critical decision: whether to restore full access to the deposits of Abank’s customers at the beginning of the business day, or to keep operations closed until a full investigation of the cyberattack has been completed. This case is taught at Darden in a course on “Artificial Intelligence and the Future of Work”; it would also be well suited for in-person or online MBA courses in banking and financial markets, new technologies, or communication and crisis response.

  • Learning Objectives

    Learning Objectives

    Recognize the frequency and tremendous costs of cyberattacks. Devise an effective incident response to cyberattacks. Prepare a communication strategy, including responses to customers, regulators, and shareholders. Understand the cyber regulatory regime in which corporations operate. Evaluate the benefits and costs of investing in adequate cybersecurity preparedness.