Elastio was thrilled to host experts from Sheltered Harbor, AWS, and Veritas for a critical conversation on preparing for and recovering from severe cyber outages—events that can erode customer trust and threaten organizational survival. Here’s a recap of the discussion.
Sheltered Harbor Principles
Carlos Recalde, CEO of Sheltered Harbor, opened with a stark scenario: a sudden cyberattack renders a bank’s systems inoperable, locking customers out of their accounts. For financial institutions, moments like these are make-or-break—customer confidence is the key to survival.
Sheltered Harbor’s mission is simple: ensure customers can access key services, like their account balances, even if full systems aren’t operational. Their robust framework is built on three pillars:
- Data Vaulting for mission-critical data,
- Resilience Planning, and
- Certifying readiness through rigorous testing.
This structured approach provides a lifeline for institutions to weather severe outages and recover confidently.
Ensuring Data Vaults Are Effective: Data Integrity Validation
Todd from Elastio highlighted the foundation of any data vaulting strategy: confidence that the data is clean and recoverable. Today’s ransomware threats, like TimeTime, evade detection, embedding themselves into systems over months. These threats can reinfect infrastructure during recovery if undetected, rendering vaulting strategies useless.
Elastio addresses this challenge with advanced AI and behavioral models that identify corruption in data early, catching ransomware before it embeds deeply. By continuously inspecting and testing data integrity, Elastio ensures that only clean, recoverable data enters the vault, safeguarding organizations against reinfection and future downtime.
AWS: Building Compliance-Ready Data Vaulting Solutions
Pradeep from AWS highlighted how rising regulatory mandates, such as DORA, NYDFS, and CMORG, drive financial institutions to adopt resilient data vaulting solutions. These requirements demand architectures that ensure data immutability, logical air gaps, and robust forensic capabilities.
AWS’s Cyber Recovery architecture provides a pre-validated framework for creating secure and scalable vaults. Key features include Amazon S3 object lock for data immutability and forensic zones integrating solutions like Elastio to scan for ransomware and malware. This architecture allows organizations to meet compliance requirements swiftly while fortifying against sophisticated ransomware threats.
Veritas: Simplifying Cyber Recovery
Robert from Veritas explained how their Sheltered Harbor-endorsed NetBackup Recovery Vault offers an easy, cost-effective way to achieve compliance and resilience. This fully managed SaaS solution ensures data immutability, logical air gaps, and survivability—key components of a robust recovery strategy.
For existing Veritas customers, Recovery Vault integrates seamlessly into workflows, enabling rapid activation of resiliency plans during an attack. For those new to Veritas, Robert emphasized its ability to centralize and simplify data recovery, leveraging AI and advanced security features to prevent attacks and ensure rapid restoration of critical systems.
Key Questions from the Audience
During the Q&A, the panel tackled some big questions:
- Who leads resilience initiatives within organizations?
Carlos noted that while Chief Resilience Officers or Chief Risk Officers are ideal, it’s less about who starts the effort and more about ensuring the C-suite drives it forward. Resilience requires cross-functional collaboration across legal, compliance, IT, and operations teams. - How do you justify the cost of resilience initiatives?
The panel emphasized the rising threats of ransomware—now affecting 65% of organizations—and the increasing regulatory pressures from bodies like NYDFS and DORA. Investments in resilience aren’t just about compliance; they’re about survival. - How often is backup data compromised?
Todd shared that Elastio’s scans often uncover hidden issues, from malware embedded in backups to misconfigured storage, underscoring the importance of continuous inspection of recoverability. Robert added that while immutability protects against many threats, today’s sophisticated ransomware actors require organizations to take a holistic view of security, combining advanced tools with best practices to minimize risk.
Final Thoughts
Elastio is grateful to Sheltered Harbor, AWS, and Veritas for sharing their expertise and to all attendees for their thoughtful questions. This discussion reinforced that resilience isn’t just about technology—it’s about preparation, collaboration, and leadership. As ransomware threats grow more sophisticated, organizations must prioritize resilience to protect their data, operations, and customers.
If you missed the webinar or want to dive deeper, feel free to reach out to Elastio, Sheltered Harbor, AWS, or Veritas. Let’s work together to build a safer, more resilient future.
