Disaster Recovery Journal Summer 2025
Ultimately, a company’s ability to respond will be contingent on how well it tests and fine-tunes recovery protocols in advance of a breakdown — whether from a natural disaster or a criminal hack.

Bridging the Understanding Gap

While executive leaders and board members have grown to understand disaster recovery, the concept of cyber recovery can muddle that understanding. IT leaders need to differentiate between the two and make a compelling business case to ensure the unique risks of cyber threats are effectively managed.

To secure investment in cyber recovery initiatives, IT leaders should focus on these three key points in their business case:

- Quantify the cyber risk exposure: Present clear data on the potential financial and operational impact of cyber incidents, including how cyber threats can lead to extended downtimes, data breaches, and significant financial losses beyond what traditional disaster recovery plans cover.
- Highlight the limitations of traditional disaster recovery: Explain how traditional disaster recovery strategies are insufficient against sophisticated cyberattacks that target backups and infrastructure, emphasizing the need for specialized cyber recovery measures.
- Demonstrate return on investment through resilience: Show how investing in cyber recovery enhances overall business resilience, reduces recovery times, protects the organization’s reputation, and meets compliance and regulatory requirements, while also fostering trust with customers and partners, thereby providing a strong return on investment.

To strengthen cyber recovery strategies and bridge the gap with disaster recovery plans, enterprises should focus on these key actions to enhance their overall IT resiliency.

Actual Typhoon vs. Salt Typhoon

When an IT incident occurs, companies must operate on the assumption every technology is compromised. It’s the biggest difference between cyber and disaster recovery strategies. A disaster recovery plan might assume the problem can be isolated to only the hardware and software directly affected by the calamity.

Under the increasingly common threat of cyberattacks, hackers are targeting the assets businesses need to quickly get back online. In fact, 92% of businesses that have incurred attacks say the hackers specifically targeted data backups.

It’s crucial to make sure backups are stored in a secure, isolated environment and are being continually tested to ensure they’re free from malware. That way, companies can more confidently execute their cyber recovery strategies. With isolated backups, data recovery experts can get clean data to the application teams faster, helping them quickly get the actual end systems up and running again.

Test, Test, Test

Too many organizations, though, still lack the clean environments needed to safely and cost-effectively verify the effectiveness of plans in advance of an incident. Even with the right technology in place, if procedures aren’t pressure tested in advance, organizations often run into real-time issues that prolong recovery, amplifying the financial and reputational risks the business faces.

In disaster recovery, businesses often have a much clearer idea of the expected impact. The company would know in advance, for example, which services would be affected if a hurricane hit a specific region or if a data center was taken offline because of a power outage.

With cyber recovery, however, the impact is much more uncertain. After an attack or some other cloud-impacted mishap, enterprises typically aren’t immediately aware of the extent of the damage. Because many digital applications work in tandem with one another, the impact of any incident can spread far beyond a single infected system.

This is why businesses need a secure and cost-effective way to test their recovery plans against different potential situations. And while it’s unlikely any real-world incident ultimately plays out exactly like a test environment, the skills and processes developed during training exercises will help specialists respond with greater agility and flexibility.

The Talent Challenge

Finding specialists who can create and test a cyber recovery plan is getting much more challenging for businesses. According to the survey, 59% of respondents cited finding and retaining cyber recovery staffers as a key hurdle, compared to the 15% who cited staffing as a challenge for disaster recovery. Without the right skills, it’s harder for businesses to create and test the resiliency of their IT environments.

This is where technology can play a critical role. Cloud-based cleanrooms provide instant access to isolated environments, relieving understaffed internal teams of the expensive and arduous process of building their own testing center.

Cyber recovery can build upon and complement the best practices of disaster recovery. But cyber recovery poses its own additional challenges. Recognizing these unique difficulties and adopting measures to help address them lets businesses operate with the confidence that, whether it’s a natural disaster or a hacker attack, they’re prepared to get back online.

To view findings from the survey mentioned in this article, please see https://www.commvault.com/resources/ebook/cyber-recovery-demands-a-different-approach-from-disaster-recovery.

Chris Montgomery is a nationally recognized cybersecurity strategist with more than 30 years of experience in the technology sector, including pivotal roles as a CIO, CTO and CISO. An Air Force veteran with a broad background in technology, Montgomery has honed his expertise in cybersecurity, risk management, organizational change management, and digital transformation. He advises boards, leadership teams, elected officials, and policymakers in both public and private sectors, offering strategic guidance on cyber resilience and modernization. His expertise and strategic insights have made him a respected leader and valuable resource, helping organizations navigate the complex landscape of cyber threats and technological advancements.