White Paper Library
Each paper helps boards, CISOs, and resilience leaders understand what failed, why the impact spread, and what should be rehearsed.
How Cl0p exploited a single zero-day in MOVEit Transfer to compromise 2,700+ organisations and 93 million individuals — without encrypting a single file — and what it reveals about silent supply chain exposure.
How Scattered Spider social-engineered a third-party help desk to breach Marks & Spencer, triggering a £300M profit impact, a 46-day online shutdown, and spreading to Harrods and Co-op.
How Russia's SVR compromised SolarWinds' build process to push a trojanised update to 18,000 organisations — and why the trust model that software supply chains depend on became the attack surface.
How a ransomware attack on Colonial Pipeline's billing systems — not the pipeline itself — triggered a six-day fuel crisis across 17 US states and what it reveals about unmapped business process dependencies.
How a Russian cyberweapon targeting Ukrainian tax software destroyed $10 billion in value across global shipping, pharma, and logistics — and why Maersk's entire recovery depended on a single server that survived by accident.
How a single vendor compromise paralysed an entire industry vertical and what it reveals about sector-wide dependency concentration and recovery planning.
How a pathology services attack cascaded through the NHS and what it reveals about healthcare supply chain fragility, clinical dependency mapping, and recovery sequencing.
How large-scale M&A activity introduces systemic integration risk and what resilience leaders should rehearse before operational consolidation begins.
How a single-point-of-failure in healthcare payments processing exposed systemic concentration risk and what it means for critical service dependency mapping.
How a trusted security tool became a synchronised global business failure and what it reveals about concentration risk, leadership readiness, and dependency failure.
How a social engineering attack escalated into a full-scale operational shutdown and what it reveals about identity control, lateral movement, and crisis leadership under pressure.
How a flight plan processing failure grounded UK aviation and what it reveals about single points of failure in national infrastructure and the limits of redundancy design.
How a single routing configuration error took an entire country's communications offline and what it reveals about cascading dependency failure at national scale.
How a DNS infrastructure failure cascaded across cloud-dependent services and what it reveals about hidden single points of failure in modern architectures.
How a major telecommunications failure disrupted services at scale and what it reveals about infrastructure redundancy, customer communication, and recovery prioritisation.
Why most incident response plans fail when they are needed most and how to build plans that survive first contact with a real crisis through structured rehearsal and realistic testing.
How TSB's botched IT migration locked 1.9 million customers out of their accounts, cost £330M+, and forced the CEO to resign — with no attacker involved. What it reveals about self-inflicted operational crisis.
Go deeper
Each white paper maps directly to scenarios you can rehearse on the CrisisLoop platform. Move from understanding what failed to proving your team can respond.