Simulation note: This is a controlled teaching artefact for The LotusCare Breach (Simulation).
Content is fictional and designed to model organisational decision-making under uncertainty.
No real personal data, real ransomware instructions, or operational steps are included.
Board Brief (Draft)
Purpose: concise board-facing summary. This draft is intentionally conservative and avoids unverified claims.
1. Situation
- LotusCare is responding to a suspected ransomware incident affecting service availability.
- Extortion claims allege data exfiltration; this remains unverified.
- Operations are running in a degraded mode using contingency processes.
2. What is known
- Observed service disruption and recovery activity (LC-INT-01).
- External enquiries received; holding statement prepared (LC-COMMS-01).
3. What is not yet known
- Confirmed scope of systems impacted.
- Whether sensitive data was accessed and, if so, which categories and cohorts.
- Whether any data has been published.
4. Current priorities
- Restore critical services safely and verify integrity.
- Validate data exposure risk and prepare harm mitigation steps.
- Maintain disciplined communications and stakeholder updates.
Board decisions (if required)
| Decision area | Options | Notes |
|---|---|---|
| Notification posture | Proactive advisory vs wait for corroboration | Balance public trust with evidentiary discipline. |
| Client support | Scale support capacity now vs in stages | Consider vulnerable cohorts and reputational impact. |
| External assurance | Independent review / assurance statement | May help trust, but must not overclaim. |