# Cyber Resilience Beyond Prevention with Anneka Gupta Page: https://stenobird.com/podcast/screaming-in-the-cloud/cyber-resilience-beyond-prevention-with-anneka-gupta Text version: https://stenobird.com/podcast/screaming-in-the-cloud/cyber-resilience-beyond-prevention-with-anneka-gupta.md Podcast: [Screaming in the Cloud](https://stenobird.com/podcast/screaming-in-the-cloud) Published: 2025-10-30T10:00:00+00:00 Episode link: https://share.transistor.fm/s/045837ee Audio file: https://dts.podtrac.com/redirect.mp3/media.transistor.fm/045837ee/a23d4d27.mp3 Processing state: processed JSON: https://stenobird.com/v1/public/podcasts/screaming-in-the-cloud/episodes/cyber-resilience-beyond-prevention-with-anneka-gupta Duration seconds: 2054 ## Resource Relying on cloud-native replication is insufficient for true security because compromised credentials can delete both production data and its replicas. True cyber resilience requires an 'assume breach' mindset, focusing on immutable, air-gapped backups and frequent recovery simulations. ## Highlights - Failure mode: Using S3 versioning or cross-region replication as a primary backup strategy fails when attackers compromise administrative credentials - Main idea: Cyber recovery is fundamentally different from operational recovery; it requires identifying clean snapshots rather than just restoring the latest data - Practical takeaway: Organizations should move from a prevention-only focus to an 'assume breach' paradigm, prioritizing recovery testing and simulations - Complexity risk: Multi-cloud environments increase the attack surface and operational overhead, making a unified resilience platform essential - Future trend: AI is being leveraged to automate the detection of malware within backups and to simplify the management of complex recovery workflows ## Topics Cyber Resilience, Ransomware Recovery, Cloud Security, Data Immutability, Multi-Cloud Management, AI in Security, Backup Strategy, Disaster Recovery ## Chapters - 1:00 — The Fallacy of Cloud Replication: Why standard cloud replication and versioning are vulnerable to credential compromise and how immutability provides a true air gap. - 3:30 — Operational vs. Cyber Recovery: Distinguishing between recovering from natural disasters and recovering from active, malicious cyber attacks. - 6:10 — Challenges in Malware Detection: The technical difficulty of scanning diverse surface areas to find clean recovery points during an incident. - 8:40 — The Shift to Recovery Simulations: Moving beyond treating backups as an insurance policy toward frequent, active cyber recovery testing. - 11:10 — Adopting an 'Assume Breach' Paradigm: Why investing solely in prevention technology is insufficient when attackers specifically target backup environments. - 13:35 — Targeting the Backups: How modern ransomware attackers prioritize destroying backups to force ransom payments. - 16:05 — Managing Multi-Cloud Complexity: The risks of fragmented security tools across different cloud providers and the need for a unified resilience platform. - 18:55 — The Risks of Multi-Cloud Strategy: How unplanned multi-cloud expansion increases the attack surface and operational complexity. ## Actions - request_transcript: `POST https://stenobird.com/v1/public/podcasts/screaming-in-the-cloud/episodes/cyber-resilience-beyond-prevention-with-anneka-gupta/transcription-requests` — Idempotently request low-priority transcript generation for this episode. - read_markdown: `GET https://stenobird.com/podcast/screaming-in-the-cloud/cyber-resilience-beyond-prevention-with-anneka-gupta.md` — Read the agent-friendly Markdown representation of this episode resource. A page view does not enqueue transcription. Agents should invoke `request_transcript` explicitly when they need this episode processed. ## Transcript Full transcripts are not published on public pages unless there is a clear rights basis.