Thrive in Chaos: How to Get Your Minimum Viable Company Back Online

In our recent webinar Thrive in Chaos: How to Get Your Minimum Viable Company Back Online, Commvault Vice President of Product Experience Michael Stempf offered valuable insights and strategies to help organizations not only survive but thrive in the face of cyber threats.

Here’s a sneak peak of the key takeaways:

1. Define your minimum viable company.

MVC focuses on the core operations necessary to resume business quickly after a cyberattack. Unlike traditional disaster recovery plans, which prioritize speed and minimal data loss, the MVC approach means that only the essential data and systems are restored first. As an example, a priority list of business systems that need to be restored first could include:

• Active Directory services for secure and scalable access.
• Secure communication systems like email and messaging.
• Essential data to keep operations running and serve customers.
• Operational infrastructure needed to run mission-critical applications.

This strategy helps organizations minimize downtime and maintain critical operations. You can learn more about minimum viability here.

2. Integrate data protection and anomaly detection.

Integrating anomaly and threat detection with data protection is crucial for maintaining the cleanliness of data during recovery. This involves analyzing data for unusual patterns and integrating with third-party security tools to detect indicators of compromise and indicators of attack. By doing so, organizations can help prevent the restoration of infected data and reduce the risk of reinfection.

3. Set up isolated recovery environments.

Cloud-based IREs, such as Commvault® Cloud Cleanroom™ Recovery, are essential for effective cyber recovery. These environments are dynamically built, elastic, and secure, reducing the risk of reinfection and minimizing costs compared to traditional on-premises IREs. Cloud-based IREs can be set up quickly, typically within 30 minutes, and can scale as needed, so the data is solid and secure.

4. Test regularly.

Regular testing and chaos exercises are vital for building muscle memory and testing that the cyber recovery plan works effectively. Cross-functional collaboration during these tests is crucial, as it helps identify and resolve issues before a real cyberattack occurs.

As Michael noted, the lack of muscle memory is a significant reason it takes organizations an average of 24 days to restore minimum operations. Regular testing and cross-functional collaboration can help reduce this downtime and minimize costs.

Challenges of Cyber Recovery

The webinar discusses the significant costs associated with cyberattacks, including the average cost of a breach and the cost of downtime (spoiler, it’s expensive). But it isn’t just the cost that’s a challenge; Michael outlines why cyber recovery is specifically more complicated than traditional disaster recovery.

Have a disaster recovery plan? Great. But you need a cyber recovery plan, too, for a myriad of reasons he explains. Check out this report, read this ebook, and watch the webinar on demand to learn more about the differences and gain a deeper understanding of how to thrive in the chaos.