Rubrik Cybersecurity Summit | From recovery to resilience
Rubrik Cybersecurity Summit | From recovery to resilience
https://www.digit.fyi/rubrik-cybersecurity-summit-from-recovery-to-resilience/
Publish Date: 2026-01-23 07:41:00
Source Domain: www.digit.fyi
Using an unordered list, summarize the following article with between 4 and 8 key points.
Hosted at the W Hotel in Edinburgh on January 22, the Rubrik Cyber Security Summit saw the threat hunting and recovery specialists move beyond the headlines with talks and panel discussions that took delegates behind the scenes of the top cyber threats affecting businesses.
The packed conference, attended by industry body leads, cybersecurity experts, and sector specialists, roused conversation and in-depth analysis of the current trends rocking the cyber sphere.
Here, we’ll take you through some of the highlights from the stacked conference agenda, touching everything from advanced cyber defenses, identity recovery, and thought leadership on the future of cyber strategy.
From Recovery To Resilience
Cyber-attacks are getting smarter — and more damaging, The basics – backup, data encryption, and siloed departments are a good place to start to secure your assets, but are barely scratching the realm of bare minimum in today’s sophisticated cyber landscape.
As AI lowers the playing field and cyber-as-a-service elevates attack specs, the fallout of an attack has only increased in scope. Enhanced disaster recovery has become paramount as attacks increase in volume and complexity, and reputational damage broaches not just the tech world, but into the mainstream.
“We’re seeing ransomware becoming quicker, quicker, quicker,” Grant Dinning, Rubrik UK Public Sector Sales and Engineering Manager said. “Trying to get ahead of that is difficult.”
The rise of AI and “cyber industrialisation” has transformed even the least technically skilled threat actors into forces to be reckoned with.
“The ‘assume breach mentality’ needs to be a must,” Dinning said. “You are no longer looking to stop them getting in, but assuming someone is already inside your organisation. This means going towards detection, and creating a rapid recovery response.”
This goes beyond simple questions of MFA, immutable backups, and the ability to recover – “It’s about building muscle memory to recover on a regular basis.”
Making this argument evermore compelling is the growing raft of evidence pointing to the varied and critical damage ransomware attacks and data breaches can lead to.
On home territory, the Jaguar Land Rover ransomware attack and its associated supply chain interruptions contributed to the UK economy contracting by 0.1% rather than expand 0.1% as it was predicted. A cyber-attack has been shown to change the trajectory of a nation’s economic output – surely the industry is beginning to take note.
Still, boards are driven by three main things, according to Vil Dhutia from Rubrik X: if they lose their license to operate, if they are audited, or if the survivability of their profit is challenged.
Convincing a board usually means targeting the third point, before an audit takes place or a license is lost.
Dinning and Dhutia both remarked on how reputational damage is more consistently contributing to cybersecurity decisions, as cyber awareness penetrates the mainstream.
The major cyber-attacks seen in the UK in spring last year not only rocked the retail industry, but the public, as store shelves were empty and online services were caput. Cyber-attacks entered the public consciousness as people were more directly affected than ever in the UK.
Essentially, making a business case for more proactive cyber resilience and disaster recovery has never been easier, but the mitigation of a cyber incident has never been more complex.
Rising Complexity: Identity As An Emerging Vulnerability Vector
Ransomware is morphing as it is attacking, the vulnerability threat landscape is expanding, geopolitical fragmentation is increasing risk, and the supply chain ripple effect only increases the stakes of any attack.
Regulatory scrutiny, tech debt icebergs, the need for more tools and their associated sprawl, and the cyber skills shortage are fatal hazards to manoeuvre through for enterprises at all levels and at all stages of their resilience journey.
As Vil Dhutia detailed, identity is becoming an ever-more-critical vulnerability to secure; an organisation’s sprawling active directory can be its biggest burden in a cyber-attack.
It can be an attack vector, and one of the most critical aspects to recover. This recovery, however, requires advanced cyber forensics, as well as capabilities to better understand a cyber-attack, mitigate its damage, as well as service disruption.
This involves “identifying the blast radius of an incident,” Dhutia explained. Doing this can “shorten the decision making time in a recovery process, understanding what was impacted, what wasn’t impacted, and what can be kept going.”
Rubrik has consistently found an overemphasis on prevention rather than recovery. The transition to an “assume breach” mentality is key to creating a viable recovery plan, especially as identity attacks and identity compromise increases.
Understanding the vulnerability of identities at a user level, understanding the challenges of non-human identities, and the concept of shadow AI are all emerging concepts for cybersecurity teams to not only integrate, but explain to their boards.
Converting these challenges into cyber solutions and practices, and then into muscle memory, takes strong leadership, a skilled team, and an integrated approach across an organisation and their vendors.
Another concept – and headache – that Baillie Gifford CISO Gary Marshall, brought up in his fireside chat at the event, concerned external assume breach protocols.
While organisations may be adopting assume breach methods, regularly test their recovery process, have bullet-proof business continuity plans, would get an A* on a DORA audit, and even have an identity management process – their third parties might fail them.
“To an extent we are assuming breach internally, and third parties are doing that too in their own organisations,” Marshall said. “But no one is assuming a breach of their third parties.
Recommended reading
“That’s still a journey we need to go on in our assume breach posture.”
CISO’s need a long-term strategy to keep assets and systems secure – but the threat landscape is constantly evolving and changing.
It’s tough to keep up, tough to convince the board of the importance of cybersecurity, tough to keep fighting after consistent high-profile hits rattle the ecosystem.
“Its important to extract yourself from that technical world, and even that strategic role, to have that view from 40,000 feet and think about what we want to achieve as a security function, and as a business,” Marshall explained.
As some of the most powerful people in the world turn at least some of their attention to cybersecurity, CISOs and cybersecurity professionals will have to continue working from the ground level to keep things secure in an ever-more insecure world.
Related
