Recoverability and Cyber BCPs Are Essential in an Era of Unavoidable Threats

The damage caused by ransomware shows no sign of abating. In recent times, phishing-based impersonation and account hijacking have become the primary method of attack, rendering traditional defenses ineffective against attackers who use stolen IDs and passwords to log in as “legitimate users.” “Recoverability, rather than defense, is now the critical factor. Working on the assumption that breaches will occur, cyber business continuity plans (BCPs) and cyber recovery time objectives are essential, enabling rapid business recovery even if data is destroyed or deleted,” emphasized Rubrik Japan’s Yuki Takayama.

Although many companies back up their data on a daily basis as part of their BCP measures, recovering from a ransomware attack can take several months. This is because it takes time to identify the scope of the breach and determine a safe restore point, and as partial recovery is not possible, companies are often forced to roll back entire systems to older generations.

“In particular, if attackers gain access to privileged IDs, the active directory (AD) can be destroyed, causing the authentication infrastructure to collapse,” noted Takayama. “This makes the recovery time significantly longer — up to five months in the case of some companies.”

Rubrik is a platform designed to prevent such prolonged downtime. It automatically scans for threats during data backup, detecting dormant malware and suspicious changes. It can quickly identify clean restore points from previous backups, completing investigative and identification work that would normally take months in just one to two days. There have been real-world examples in which, thanks to Rubrik, companies were able to fully recover their business operations in approximately five days. In particular, the Rubrik Identity Recovery feature, which can restore only the destroyed AD hierarchy in five steps, serves as a key solution to prevent recovery delays caused by identity-based attacks.

Real-world adoption of Rubrik is rapidly growing in environments with critical systems that cannot afford to shut down, such as medical institutions, financial institutions and manufacturing plants. This is because Rubrik does not just function as a mere backup, but as a business continuity mechanism. Takayama concluded his presentation by stating, “In cyber recovery, swift action is critical. Recoverability will serve as a key competitive advantage for companies going forward.”