In an era where "cloud-first’ is often mistaken for “cloud-only,”' let’s explore a few often-neglected aspects of ransomware incident preparedness, highlighting the ironic shift in readiness from things we used to do well (or at least often) in the pre-cloud era, but that have been left behind in the present day. This presentation will focus specifically on three critically underappreciated practices that are still useful, and increasingly pivotal, for effective response to ransomware attacks.
1.) The significance of "go-to-paper" processes, you know, good old-fashioned manual business continuity (BC) procedures we used to follow when our digital world went dark. We'll explore how these archaic yet surprisingly resilient manual tactics are more than just a trip down memory lane, but necessary steps in ensuring your business keeps running even when screens don’t.
2.) Infrastructure backups. We're not just talking about your important data, but the increasingly software-defined and abstracted infrastructure components you rely on. This discussion will strip away the veil of complacency that often shrouds cloud-based systems, revealing the stark realities of shared responsibilities and the need for a more holistic approach to disaster recovery.
3.) The practicality of meeting recovery point objectives (RPO) and recovery time objectives (RTO) when relying on offline or internet-based backups. This involves an in-depth analysis of current practices; measuring their actual effectiveness and whether regaining access to data and systems is possible within acceptable time and data loss thresholds.
By revisiting these "old" strategies, we propose a renewed, hybrid approach to ransomware preparedness, blending traditional wisdom with modern technological capabilities. This presentation aims to equip organizations with a more holistic and resilient strategy in the face of evolving cyber threats.