Why Cyber Resilience Requires Recovery Not Just Backups: CISO and Field Perspectives
15 Minutes---Webinar from Everpure's Rick Orloff, CISO, and Scott Taylor, Director of Cyber Resilience Field Solution Architects on Cyber Recovery Strategy Resilience isn't just prevention—it’s about the "Minimum Viable Business." At RSAC 2026, Everpure’s Rick Orloff and Scott Taylor explained why recovery fails without understanding dependencies. Prioritize critical data and cross-functional collaboration to minimize revenue disruption. Stop treating backup as the goal; make rapid, strategic recovery your mission. Link to WebinarEverpure Protect - Tools for Network Configuration
A key workflow item, especially when building Isolated Recovery Environments (IRE), Clean Rooms, test or production Disaster Recovery, or any other environment personality, is to reconfigure the network. Doing so automatically and per a plan is important to an automated, fast, and predictable workflow. We have built Everpure Protect Tools, which is a lightweight tool, registered with VMtools within a guest, that allows us to automate network configuration changes, per the individual Recovery Plan. Included in the download is a Powershell script for Windows, or a Shell script for Linux/Unix, which registered our tool with VMtools to perform the changes. The scripts can be loaded and ran manually in each guest, or distributed and executed as part of a workflow such as Microsoft MCM/SCCM. Everpure Protect Tools Once deployed, network changes on a per-VM or per-Recovery Plan basis will be automatically performed based upon the unique settings in the Recovery Plan being executed.Everything Ransomware: Ransomware Live
Check it out! Really interesting tracking of everything related to ransomware. https://www.ransomware.live/ Ransomware Live is a real-time intelligence site tracking active ransomware groups, victims, leaks, and extortion activity, helping security teams monitor threats, trends, and attacker behavior worldwide.Ransomware attacks are NOT going away
Here is why ransomware attacks are persistent and unlikely to disappear: 1. High Profitability and Low Risk for Criminals Ransomware is fundamentally a business model for organized crime, and it is overwhelmingly successful and profitable. Low Barrier to Entry: The rise of Ransomware-as-a-Service (RaaS) means even novice criminals can purchase sophisticated malware and infrastructure. This franchise model ensures high attack volume regardless of law enforcement efforts. Guaranteed Revenue Stream: The evolution to multi-extortion (encrypting data and stealing it) ensures that victims are forced to pay—either to regain system access or to prevent catastrophic data leaks and regulatory fines. This dual leverage guarantees profit even if the victim has backups. Anonymity: The use of cryptocurrency for payments, coupled with geopolitical safe zones for many RaaS groups, keeps the risk of prosecution extremely low for the attackers. 2. Attackers Are Outpacing Traditional Defenses The tactics used by ransomware groups are specifically designed to neutralize traditional defense and recovery measures: Targeting the Supply Chain: Attackers are finding success by targeting trusted vendors and IT providers to compromise dozens of companies simultaneously, making defense exponentially harder for individual organizations. Attacking Backups: Modern ransomware campaigns specifically target accessible backups to delete them or malware-infect them, eliminating the victim’s recovery option and forcing them to pay the ransom. AI for Stealth and Speed: The adoption of AI is accelerating reconnaissance and stealth, dramatically compressing the time between network access and payload deployment. Attackers can move faster than human defenders can react. 3. Cyber Resilience is the New Standard The industry has shifted its mindset from trying to achieve absolute prevention (which is impossible) to guaranteeing resilience. This shift acknowledges the persistence of ransomware. The focus is now on ensuring organizations can: Anticipate and detect threats early (low MTTD). Withstand the attack without immediate operational collapse. Recover guaranteed clean data within minutes (low MTTR). Ransomware will not disappear until the criminal model becomes unprofitable, and current data shows that attackers are highly successful and rapidly adapting their strategies.The SafeMode Seance: A Cyber Security Haunting
Topic: How are you protecting your data from cyber threats? Are you both protecting your data, while also preparing to recover in the event that your organization is impacted by a cyber event? Join us for a spooky, cyber-focused meeting; a supportive and open forum where we’ll share scary stories, and explore solutions to ensure your data is protected from even the most ghoulish threats. This customer-driven discussion will focus on your experiences and challenges with protecting your data from a cyber attack. Pure Storage experts will offer insights and guidance to help you protect your data from the zombie apocalypse. Get Involved: We're looking for security-focused individuals who would be willing to attend and share their perspective on how they are helping their organization protect against cyber threats, and prepare in the case that recovery is needed. And all are welcome. You don't have to be a Pure Storage customer to attend. Join the community, talk to your peers, and have some fun. Agenda: Welcome, Introductions, Updates Customer Presentation - How to use Pure1 Assessments to review and improve your security posture Customer Presentation - Something strange is happening, but we don't know what it is. How I used Pure1 AI CoPilot along with Varonis to narrow the scope on the "strange stuff" Pure Presentation (w/ alliance partners) - SafeMode, Cyber Resiliency and Isolated Recovery Environments Panel/Q&A - Open discussion amongst the community; w/ security-focused individuals (hopefully) in attendance. Anonymous Group Feedback: Share your thoughts and experiences in regards to data protection. What’s working? What’s not? Where could you use some feedback from the community? Understanding Your Needs: What does your organization need to fully protect your data, and recover if you were ever attacked? We’ll help you pinpoint what truly matters. Exploration Circle: Hear from Pure’s subject matter experts on what they are seeing regarding the latest cyber security and cyber resiliency topics. Support & Resources: Find out where you can get additional help, training, and resources. Date: Wednesday, October 15th, 2-4pm ET. Location: Aces Pickleball, 2730 Maverick Dr, Norwood, OH 45212 (Factory 52) RSVP: https://info.purestorage.com/2025-Q3AMS-COMREPLCRCincinnatiPUGLP_01---Registration-Page.html Stick around after the Pure User Group meeting and enjoy Pies & Pints with Pure Storage, our partners, and fellow customers.From Passive to Proactive: A New Cyber Resilience Foundation
We are thrilled to announce a significant evolution of the Pure Storage Cyber Resilience solution, designed to transform your defense posture from passive to proactive. The announcements on September 25th deliver on three core pillars that are essential for modern defense: 1. Dynamic Response and Recovery: Recovery time must be measured in minutes, not days. We're introducing Pure Protect™ Recovery Zones to automatically provision Isolated Recovery Environments (IREs), plus a new Cyber Resilience delivered as a Service model with Veeam to guarantee instant, validated recovery. 2. Connected Detection: We’re eliminating security blind spots by embedding detection into the data layer itself. We have several new native detection capabilities and new integrations with CrowdStrike Real-Time Threat Graph and Superna Next-Gen SIEM to accelerate threat detection and remediation. 3. Built-in Security: Security is foundational. Our platform now features mandatory safeguards like TPM and UEFI Secure Boot and Enterprise-Grade Identity and Access Management to ensure the integrity of your platform from the ground up. See our Cyber Resilience announcement blog for more details.Innovation @ Pure Accelerate 2025
After five months at Pure Storage, I just attended my first Pure//Accelerate Conference. Pure//Accelerate is our annual gathering of esteemed customers and partners, where we learn from each other how to improve ‘everything data’ with advanced, performant, secure, and resilient storage. A major highlight of Pure//Accelerate 2025 was the announcement of the Pure Storage Enterprise Data Cloud. This represents the next generation of storage capabilities, helping organizations leverage their data for operational excellence and efficiency. Enterprise Data Cloud delivers a unified, AI-driven control plane—via Pure Fusion—that allows organizations to manage and govern data across hybrid estates with cloud-like automation, built-in cyber resilience, and global observability. With my focus on cyber resilience and cybersecurity, I found the cyber resilience announcements especially exciting. First, we announced an integration with Rubrik’s Security Cloud to deliver the first-ever near-zero RTO solution. Rubrik and Pure Storage now combine immutable snapshots with threat analytics for rapid, trusted cyber recovery. Second, we announced integration with CrowdStrike LogScale. Pure Storage and CrowdStrike now offer on-prem storage with LogScale for fast analytics, threat hunting, and secure log retention. These announcements were extremely well received by both customers and partners. Another innovation generating buzz was our new Pure Protect capabilities. At Pure//Accelerate 2025, Pure Storage unveiled enhancements to Pure Protect, advancing cyber resilience and disaster recovery with a layered architecture that includes secure snapshots, isolated recovery environments, and cloud-based clean-room orchestration. The solution introduces policy-driven automation to streamline operations and reduce dependence on professional services, while optimizing VMware environments for increased efficiency and cost control. These advancements aim to simplify recovery, accelerate response, and strengthen data protection across hybrid infrastructures. In summary, Pure Protect can serve as the control and automation plane for layered resilience. On that note, many of my discussions with customers centered around how to leverage SafeMode Snapshots for immediate return to operations following an incident—whether from a disaster, technology outage, or cyberattack. Coming from a cybersecurity background, I was genuinely impressed by our customers' security acumen. Their expertise goes far beyond storage architectures, protocols, capacity planning, and performance. Many demonstrated strong knowledge of preventative and zero-trust controls, along with a deep understanding of immutability and indelibility. There was also strong interest in logging, anomaly detection, and especially our integrations with SecOps and UEBA. I fielded many questions about Varonis, Superna, and CrowdStrike, and how these powerful solutions help safeguard critical data assets. Superna, a sponsor of the event, also had strong attendance and interest in their breakout session. Our data protection partners—Rubrik, Commvault, and Veeam—also generated significant interest and hosted well-attended breakout sessions. Customers were particularly eager to learn how our solutions integrate seamlessly with these partners to enhance the capabilities of the Enterprise Data Cloud through robust, automated data protection workflows. The combination of our high-performance storage architecture and Pure Fusion automation impressed attendees by enabling streamlined management, rapid recovery, and enhanced security for enterprise-critical data. These integrations reassured customers that they can rely on a comprehensive, scalable solution that supports evolving data protection needs while simplifying operational complexity. This was an impressive event that made me proud to be part of Pure Storage. Resorts World was a fantastic venue, the Pure Storage event team executed flawlessly, and the keynote presentations were outstanding. If you didn’t make it this year, be sure to join us in 2026 back at Resorts World! Learn more about the Pure//Accelerate 2025 announcements at: https://www.purestorage.com/accelerate.html
