Cyber Resilience: How Modern Businesses Withstand, Respond and Recover From Data Breaches

The Importance of Multiple Backups

Colony Tire’s cyber resilience strategy includes maintaining stringent recovery time objectives and recovery point objectives. Depending on the criticality of the system being backed up, the Rubrik solution performs backups at least once a day, and as often as every few hours.

“Our recovery points are massive, so we can dial it back within an hour with very minimal impact,” says Evans. “Most times, users don’t even notice if something goes down. That’s important when you have hundreds of people trying to do their jobs. You want minimum disruption to their daily routine.”

Redundancy also plays an important role in the company’s cyber resiliency. Evans keeps backup copies onsite and backs up to an offsite cloud.

“We could have done just offsite, but the recovery time can be extensive versus on-prem,” explains Evans. “So, we have an on-prem copy, but it also replicates out for redundancy and added security. If anything local gets compromised, we can still fail over and get back in a short amount of time. We still need the security of offsite, because that’s a break point. Any system is a break point. So, you need to make sure you have that redundancy.”

How To Discover Attacks Sooner

As a practice, cyber resiliency exists where cybersecurity and disaster recovery overlap. This overlap has widened in response to growing attack surfaces within businesses, says Brent Ellis, principal analyst at Forrester.

“More parts of the infrastructure are under attack,” Ellis says. “You need to have tools within your backup system to identify whether it’s being compromised or attacked. There is a push toward earlier detection. Some of the tools that are used for detection are migrating into production storage and data environments. You find things when you’re doing your backup, because the backup looks at everything, so you’re able to find an attack sooner.”

FIND OUT: See how to maintain the health and performance of your IT with observability services.

Rather than waiting to act when a breach is discovered, cyber resiliency practices can also involve more proactive efforts. This starts with gaining visibility into the threat environment, Ellis says: “You want something that can detect ransomware and ransomware variants. You need an immutable backup platform that stores data securely — a tool that helps identify sensitive data that might be at risk for exfiltration.”

Data exfiltration is a common challenge for businesses with dozens or hundreds of user accounts to manage. An unencrypted file mistakenly shared publicly can be an open door for cyberattackers to gain access to business systems. With visibility, IT teams also must prioritize remediation efforts.

“Many tools these days also have a cyber resiliency score,” Ellis says. “They can evaluate the systems they’re connected to and alert you to problems. These tools will give you a score and then suggest things you can do to fix issues.”

How a Defense Contractor Boosts Cyber Resilience

Cyber resilience is a fundamental part of the business environment at McCormick Stevenson, a 60-person engineering services and design firm specializing in munitions and other defense applications. The March 2025 announcement by REPKON of its acquisition of McCormick Stevenson immediately put the firm in the crosshairs of attackers.

Shortly after the acquisition was made public, “malware and spam activity went up threefold,” says IT Manager Chris Morin. “We saw it right away. We have to be very resilient in what we do, and diligent, to make sure that everything is up to date to protect us.”

In addition to cyberattacks, McCormick Stevenson, which is based in Clearwater, Fla., must also contend with hurricane season. Disaster recovery and backups play a large role in its cyber resilience strategy.

“Right now, we’re using Druva’s Phoenix and their Microsoft 365 product for backup and disaster recovery,” shares Morin. “All of our firm’s email, SharePoint data and OneDrive data is backed up on a nightly basis. We also have our local servers backed up to the cloud, and some local network-attached storage as well. I’ve restored data going back 18 months in seconds. Being able to go that far back on a backup, and do it quickly, is an amazing feat.”

Most of McCormick Stevenson’s clients are government agencies and defense contractors doing business with the government. As such, compliance with data security rules is non-negotiable, and the company’s Druva backup solution delivers value in its efforts to comply.

“It’s crucial for us,” says Morin. “For NIST compliance, one of the things that we have to do is make sure that our data is secured. It’s in the AWS GovCloud. And when we do finally go for our Cybersecurity Maturity Model Certification and we get it, the work we’ve put in will be worth it. It takes time, but Druva has helped us immensely on that front.”

Click the banner below to learn how financial services are unlocking artificial intelligence’s potential.

Select Specific Data for Backup

For Stretto, a technology and services firm for legal and financial professionals, cyber resiliency is as much about an organization’s culture and training as it is about technology.

“Cybersecurity gets a lot of the spotlight, but resiliency can put you in a better position to react and respond to some of these breaches,” says CIO Arjun Thusu. “Resiliency is a combination of things: robust policies and training, keeping systems patched and up to date. For Stretto, resiliency is a driving factor right from the start.”

Stretto has used Druva, Microsoft OneDrive and other Microsoft solutions to meet its backup needs. As the company remains vigilant to prevent any major cybersecurity incidents, its backup solutions have assisted with recovering files and drives.

WATCH: Discover the security issues demanding attention in 2026.

“Druva has allowed us to have granular controls around what kind of data we want to protect and what kind of data schedules we want to have for recovery and testing,” says Thusu. “It’s a comprehensive solution that allows us to be very granular with our program around data recovery and resiliency.”

Stretto’s backup solutions also proved integral when it refreshed its hardware resources.

“It is great to have the ability, during the refresh of an asset, to take an up-to-date snapshot and test it before we do any destruction of old hardware or recovery onto new hardware,” Thusu says. “It allows us to validate multiple times that the data is safe, and that we can go through our refresh process and upgrade our hardware without any concern about data recovery.”