Lessons learned by a company facing a ransomware cyber-attack: A case study

The aim of this article is to describe and present the behaviour seen in one case related to a Czech company before and after being threatened and infected by a cyber-attack. Lessons learned from the experience of facing the cyber-attack will act as a means of prevention to help other firms from avoiding the same mistakes and mitigate the risk of a cyber-attack or its consequential impacts on their competitiveness. The article is based on in-depth interviews with a representative of an international manufacturing company. The company was confronted by a cyber-attack in 2023. Data was collected through interviews with a member of the ICT team that oversaw the defusing of the attack and its impacts. The results show that the company had invested a great deal of effort in preventive measures even before the cyber-attack occurred. Nevertheless, a number of changes in processes, internal rules and procedures were identified after the attack. In addition, identification of changes in processes and organization and the definition of new rules and procedures are the most valuable outcomes of the study that will help other companies to augment their own anti-cyber-attack policy. By assimilating these insights, companies can enhance their preparedness and resilience against cyber-threats, ultimately safeguarding their competitiveness in an evolving digital landscape.