IUA Circular 044/22

"Ransomware - To Pay or not to Pay?"
Guest speakers will enact a scenario of cyber attack at a fictional company


CEO of the Victim Company – Vijay Bange, Partner, Duane Morris LLP
I.T. Breach Responder – James Burchell, CrowdStrike
Legal Breach Coach – Chris Recker, Senior Associate, Duane Morris LLP
Counsel – Celso De Azevedo, Barrister, 36 Commercial part of The 36 Group

Event Date:  Wednesday 08 June  2022

Time:  4pm/16:00hrs for approx 1 hour  (UK/London time) 

Venue:  This event will be Hybrid: in-person attendees should arrive at Balls Bros Wine Bar, Minster Court, Mincing Lane, London EC3

This market briefing welcomes  guest speakers who will act out a scenario where a fictional company is involved with a ransomware incident, highlighting the severity of I.T. network compromises.

Contact:  Deborah Finch, IUA Events Manager (020 7617 4451)

This is a free event, but names and email addresses of all attendees are required for registration.  Please click here to register.
Click here  for dial in details
Check your time zone here

We understand that some attendees are unable to join our webinar's due to company restrictions for some applications on company computers. Please note you can also connect and join with a mobile or tablet device.

Please adhere to on line etiquette during our presentations.  We kindly ask you to mute your microphone and video upon commencing the link and to use the Chat application for any  questions, which will be addressed by the speaker at the end of the presentation. We suggest dialling in at least 5 mins before the start of the webinar.
Please note that any recording of this event will be available post-event in DropBox format, subject to speaker authorisation. 

Ransomware continues to pose a threat to organisations globally and is vastly becoming lucrative to cyber criminals as well as being costly to the victim company, who can suffer extensive damage.

Since the first-known case of ransomware  - where the practice of malware prevents or limits users from accessing their system, either by locking the system's screen or by locking the users' files until a ransom is paid – was reported in 2005, companies have taken steps to ensure education of staff and IT Department awareness of the implications following an attack. 

More recently, threat actors have compounded the cyber attack by exfiltrating files and demanding payment ("double extortion") from the victim to prevent files being made available in a leak website.  As a result, victims have sought to resort to the Courts for protective injunctive relief against threat actors (eg., The Ince Group Plc v Person(s) Unknown (2002) EWHC 808 (QB) - 01.04.2022)

At this market briefing, we welcome guest speakers who will act out a scenario where a fictional company is involved with a ransomware incident.  The CEO of the fictional company will hear from each breach response advisor who will explain issues relating to the cyber threat, how it was detected, the extent of the damage and steps to mitigate potential claims, losses or fines.

The CEO of the fictional company will hear from all breach response actors to decide whether to pay or not to pay, whether any Court remedies may be available, and examine the reasons relating to these decisions.
In this unique way, our guest speakers will endeavour to highlight key issues of ransomware attacks to give delegates a full understanding of an I.T.  network compromise.

The scenario will be followed by a Q&A session and networking drinks reception.

Our Speakers: 

Vijay Bange
is an experienced cross border disputes lawyer with a focus on matters within the construction, engineering and energy sectors (particularly for large international infrastructure projects).  Vijay’s recent experience includes advising a client in the energy sector that had been the victim of a significant business email compromise fraud.

James  Burchell is a passionate, multidisciplinary security specialist who has the ability to de-mystify the complexity that shrouds many IT security challenges. With many years of experience in both military and corporate cyber security worlds, he has the knowledge to help you protect your brands reputation, data and intellectual property. The battle for IT security won’t end any time soon, James strives to make sure that everyone understands the challenges and are equipped to protect themselves from the most advanced modern threats.

Chris Recker is a civil fraud and investigations lawyer with a focus on matters involving digital assets and cyber security (including business email compromise fraud, hacking incidents and authorised push payment fraud). Chris’ experience includes advising on incident response (particularly around ransomware), follow on litigation and global asset recovery/civil fraud claims involving cryptocurrency. 

Celso De Azevedo (FCIArb) has over 20 years’ experience in complex and high value international contractual disputes, re/insurance, cyber security, data breach injunctions, civil fraud and digital asset recovery. He is  the author of "Cyber Risks Insurance - Law and Practice", Sweet & Maxwell, and founding committee member of the Cyber Insurance Association.
DISCLAIMER: The market briefing presentation materials and speaker comments therein were prepared solely by the presenter(s) in their personal and professional capacity. Any materials or opinions expressed do not necessarily represent the views of the IUA and IUA does not bear any responsibility for, or liability to, any parties in respect of the accuracy, legality or overall content of the presentation or any other comments made by speakers or other attendees during the market briefing.

As a member of the CPD (Continuing Personal or Professional Development) Certification Service the IUA is committed to providing high quality training activities. Our market briefing events are certified as being suitable for CPD purposes. To obtain a self assessment form for any particular event please email Deborah Finch. These forms will be issued after each individual event upon request. 

Anti-Trust Statement: It is the clear and unequivocal policy of IUA to comply in all respects with all applicable competition or antitrust laws. Consequently, IUA Market Briefing Attendees will not participate in any practice that would have the object or effect of restricting competition, nor will IUA provide a forum to promote anti-competitive conduct. In particular, any discussion or agreement on key commercial terms, such as commercial premiums, is likely in all instances to be unlawful and must be avoided. A competition law ‘Do’s and Don’ts’ guide is available and the IUA is happy to answer any questions on competition law that  attendees may have.