Skip to content
11:11 Systems
The Resilient Cloud Platform
11:11 Systems11:11 Systems
  • Why 11:11
    • Submenu
      • Column 1
        • 11:11 Systems Consulting
          Consulting Services
          Global Regions
          Cloud Regions
          11:11 Systems Security
          Security

      • Column 2
        • Cloud Console
          Cloud Console
          Catalyst
          Planning and Assessment
          Compliance
          Compliance

      • WHY CHOOSE 11:11
      • Overview
      • Leadership
      • News & Media
      • ESG Program
      •  
      • Careers
      • Technology Partners
      • Customer Stories
      • Innovation Blog
  • Products & Services
    • Products & Services

        • Cloud Overview
        • Managed Public Cloud
        • Private Cloud
        • Object Storage
        • Cloud Labs
        • Flexible Cloud Environment/Colocation
        • AWS Solutions
        • Managed OS Services
        • Managed DB Services

        Infrastructure as a Service

        Take a 30-day free trial of 11:11 Cloud.

        Cloud hosting built for your business.
        START FREE TRIAL
        REQUEST A QUOTE

        • Backup Overview
        • Veeam Backup
        • Microsoft 365 Backup
        • Managed Backup for Cohesity
        • Cyber Vault
        • Data Protection Services
        Backup as a Service

        11:11 Cloud Backup

        Protect your data wherever it lives.
        REQUEST A QUOTE
        REQUEST A DEMO

        • DRaaS Overview
        • DRaaS for Veeam
        • DRaaS for Zerto
        • DRaaS for Azure
        • DRaaS for Cohesity
        • Managed Recovery
        • Cloud Recovery
        • Cyber Recovery Platform
        • Infrastructure Recovery
        • Continuity Consulting Services
        • Disaster Recovery Consulting
        Disaster Recovery

        5TB 30Day Free Trial of DRaaS for Veeam

        Protect your business-critical workloads and reduce recovery time with the Leader in Disaster Recovery.
        START FREE TRIAL
        LEARN MORE

        • Security Overview
        • Continuous Risk Scanning
        • Managed Detection and Response
        • Managed SIEM
        • Managed EDR
        • Managed Firewall
        • Application and Zero Trust Services
        Security Services

        Take the first steps toward cyber resilience.

        Download our white paper and learn how to stay ahead of threats.
        REQUEST A QUOTE
        DOWNLOAD NOW

        • Networking Overview
        • SD-WAN
        • Managed Connectivity for AWS Direct Connect
        • Multi-Cloud Connect
        • Network Consulting Services
        Connectivity Services

        Transform your network.

        Take your infrastructure and performance to the next level.
        REQUEST A QUOTE
        WATCH VIDEO
  • Solutions
    • Solutions Submenu
      • INDUSTRY
      • Education
      • Financial
      • Government
      • Healthcare
    • Solutions Business Objective Submenu
      • BUSINESS OBJECTIVE
      • Cyber Resilience
      • Modernize
      • Protect
  • Partners
    • Partners Submenu
      • Overview
      • Become a Partner
      • Partner Portals
  • Resources
    • Resources Submenu
      • Events
      • Webinars
      • News & Media
      • White Papers
      • Podcast
      • Data Sheets
      • Customer Stories
      • Innovation Blog
  • Support
    • Support Submenu
      • Contact Support
      • Product Documentation
      • API Documentation
Search:
  • Login
  • Contact
Header Right Menu
Free Trial
  • Why 11:11
    • Consulting Services
    • Cloud Console
    • Cloud Regions
    • Planning and Assessment
    • Security
    • Compliance
    • WHY CHOOSE 11:11
    • Overview
    • Leadership
    • News & Media
    • ESG Program
    • Careers
    • Technology Partners
    • Customer Stories
    • Blog
  • Products & Services
    • CLOUD
    • Cloud Overview
    • Managed Public Cloud
    • Private Cloud
    • Object Storage
    • Cloud Labs
    • Flexible Cloud Environment/Colocation
    • AWS Solutions
    • Managed OS Services
    • Managed DB Services
    • BACKUP
    • Backup Overview
    • Veeam Backup
    • Microsoft 365 Backup
    • Managed Backup for Cohesity
    • Cyber Vault
    • Data Protection Services
    • DISASTER RECOVERY
    • DRaaS Overview
    • DRaaS for Veeam
    • DRaaS for Zerto
    • DRaaS for Azure
    • DRaaS for Cohesity
    • Managed Recovery
    • Cloud Recovery
    • Cyber Recovery Platform
    • Infrastructure Recovery Services
    • Continuity Consulting
    • Disaster Recovery Consulting
    • SECURITY
    • Security Overview
    • Continuous Risk Scanning
    • Managed Detection and Response
    • Managed SIEM
    • Managed EDR
    • Managed Firewall
    • Application and Zero Trust Services
    • NETWORK
    • Network Overview
    • SD-WAN
    • Managed Connectivity for AWS Direct Connect
    • Multi Cloud Connect
    • Managed IP
  • Solutions
    • INDUSTRY
    • Education
    • Financial
    • Government
    • Healthcare
    • BUSINESS OBJECTIVE
    • Cyber Resilience
    • Modernize
    • Protect
  • Partners
    • Overview
    • Become a Partner
    • Partner Portals
  • Resources
    • Events
    • Webinars
    • News & Media
    • Whitepapers
    • Podcast
    • Datasheets
    • Customer Stories
    • Innovation Blog
  • Support
    • Contact Support
    • Product Documentation
    • API Documentation
  • Contact
  • Login
  • Free Trial
Tags: Backup and disaster recoveryThe NIST CyberSecurity FrameworkConnectivityCybercrimeManaged Security Servicescyber threatsCloud BackupData ProtectionCloud Backup; Backup; Cloud RecoveryDraaSDisaster Recovery
Author: Brandon Leiker
Date: September 30, 2024

Why the disaster recovery strategy my company has always used may not be enough.

Is my organization’s disaster recovery strategy ready for today’s uncertain cyber landscape?  Your company has determined the recovery point objectives (RPOs) and recovery time objectives (RTOs) for all systems.  You have also implemented solutions to achieve these goals. Your organization routinely performs successful Disaster Recovery (DR) tests meeting your established expectations and objectives. If a situation arises in the future that requires your organization to activate its disaster recovery plan (DRP), shouldn’t your organization feel confident it will work to achieve a successfully recovery as expected? While this may seem like the answer would be “Yes”, the reality is, that it often is not.

Traditional DR strategies do a very good job preparing organizations to recover in the event of a natural disaster, such as an earthquake, fire, flood, hurricane, tornado, etc. They work for infrastructure and utility failures including cooling, networking and internet services, servers, storage or power. However, these plans will typically fall short when it comes to successfully recovering from cybersecurity related events, such as ransomware. In a recent 11:11 Cyber Resilience webinar our senior executives discussed that to truly be Cyber Resilient an organization needs to enhance their ability to withstand, prevent, respond, and recover from all sorts of cyber incidents and other events like natural disasters.  A successful DRP should recover systems to a known good and clean state.

 

Cyber Resilience – a comprehensive end-to-end approach that organizations adopt to enhance their ability to withstand and prevent, respond to, and recover from cyber risks and incidents. 

 

Recovery to a known good state means that a system was recovered to a state of operating and functioning properly by using recovery solution (replication or backup) from a successful replication or backup of our production environment. Recovery to a known clean state on the other hand means that a recovered system is free of malicious artifacts (changes, scripts and executables). Following a traditional DRP, an organization uses the most recent known good version recovery media to recover systems back to that state.

With cybersecurity related events it is probable that malicious actors had been lurking around in an organization’s systems for a while before the actual event occurred. This means that malicious artifacts can exist on systems for an unknown timeframe prior to the actual cybersecurity event occurring. If we follow our traditional DRP, recovered systems may contain those malicious artifacts; meaning they may have been recovered to a known good state, but aren’t in a known clean state. This can create the potential for the malicious actor to effortlessly cause the impactful cybersecurity event to reoccur.

When recovering from a cybersecurity event, the most recent known good recovery media may not be suitable to recover from because it is not clean. This creates a challenge in that meeting the defined RPOs and RTOs may not be realistic. The organization needs to be able to evaluate their recovery media to determine which version is not only the most recent known good, but also clean version.

This requires organizations to update and enhance their disaster recovery strategies. Things like a cyber-recovery cleanroom (clean room) should be incorporated into the DR strategy. A cleanroom is an independent environment designed to securely recover systems after a cybersecurity event. The purpose of the cleanroom is to ensure that systems are recovered to a known good and clean state free of the malicious artifacts that lead to the initial cybersecurity event.

Updating disaster recovery strategies and implementing a cleanroom solution, while very important, doesn’t solve the problem entirely. There is still the issue of data and work loss. If the malicious actor has been lurking around the organization’s systems for a few weeks the organization may not have a choice but to recover from a version of recovery media that is weeks old. Afterwards, the work that was performed between the date of the recovery media and the date of the cybersecurity event occurred will need to be reproduced to recreate what was lost. According to the M-Trends 2024 report by Mandiant, the average dwell time was 10 days in 2023. While this is down from their reported 24 days four years ago in 2020, that can still be a huge gap in terms of lost work.

Organizations must take steps to shorten that dwell time to reduce the age of clean recovery media. Enhancing the ability to detect and respond to cybersecurity events is essential to making that happen. Endpoint detection and response (EDR) and security information and event management (SIEM) solutions can help facilitate this. SIEMs aggregate event and log information to correlate activities across the environment providing holistic visibility to detect and identify malicious or anomalous activity. EDR solutions use behavioral analysis and machine learning to detect and respond to malicious behavior, ransomware and malware on endpoints.

It is crucial that an organization has able to analyze and respond to cybersecurity events 24/7/365. Malicious actors are opportunistic and prone to carry out activities and attacks when defenses are reduced, and they are less likely to be quickly detected. This is typically outside normal business hours, such as nights, weekends and even holidays. For many organizations, standing up a security operations center (SOC) with the necessary skilled cybersecurity talent capable of meeting these requirements is challenging and cost prohibitive.

A managed detection and response (MDR) solution provides a way for organizations to meet those expectations to help support a robust disaster recovery strategy. MDR solutions provide organizations with the features and capabilities of both SIEM and EDR as a managed and monitored service. This makes it possible for organizations to benefit from the capabilities of a 24/7/365 SOC staffed with skilled cybersecurity talent, providing the ability for the timely detection and response to actionable cybersecurity events in a much more cost effective manner.

 

11:11 Systems has a wealth of information and tools to help along your cybersecurity journey.  If you would like to learn more about disaster recovery strategies and tools please reach out to an 11:11 Representative or check out these additional resources.

    • Cyber Incident Recovery
    • Webinar -Cyber resilience in the age of ransomware
    • Managed Security Services
    • Data sheet – Managed EDR
    • Data sheet – Managed SIEM
    • Data sheet – Managed Detection and Response

Categories: Cyber Resilience, Managed Services, Cloud Backup, Cybercrime, DRaaS, Object Storage, Ransomware, SecurityBy Brandon LeikerSeptember 30, 2024
Tags: Backup and disaster recoveryThe NIST CyberSecurity FrameworkConnectivityCybercrimeManaged Security Servicescyber threatsCloud BackupData ProtectionCloud Backup; Backup; Cloud RecoveryDraaSDisaster Recovery
Brandon Leiker

Author: Brandon Leiker

Brandon Leiker is a Principal Solutions Architect, Security at 11:11 Systems. In his role, Brandon supports the global solution architecture team by leading security discussions and designing security solutions. He has over 20 years of experience in IT and security across multiple verticals including energy, financial services, medical, banking, and manufacturing. Brandon’s background includes solution architecture, implementation, administration, security operations, and strategy, as well as governance, risk management, and compliance. He holds a master’s degree in Information Assurance Management and a bachelor’s in Information Networking and Telecommunications, both from Fort Hays State University in Kansas. In addition, Brandon holds numerous industry certifications, including CCSP, CISSP, CISA, CISM, CRISC, and CCISO.

Post navigation

PreviousPrevious post:What is cyber resilience and how can my organization become cyber resilient?NextNext post:Enabling Seamless Connectivity for Retail Banking

Related Posts

simple SOBR migration
Super Simple SOBR Migration: How to Move Your Veeam Capacity Tier to 11:11 Object Storage for Amazon S3
August 22, 2025
Better Network Visibility with New 11:11 Cloud Console Tools
August 21, 2025
How to Make the Case for Cyber Resilience
August 19, 2025
Graphic depiction of a backup repository
Simplify VBR Direct Repository Migration with VeeaMover
August 11, 2025
VMware Partner
Major VMware Partnership Announcement and How 11:11 Systems Keeps You Moving Forward
July 16, 2025
Entra ID
Recovering Entra ID with Veeam
July 16, 2025
PRODUCTS & SERVICES
  • Cloud
  • Backup
  • Disaster Recovery
  • Managed Security
  • Network as a Service
  • Compliance
COMPANY
  • Why 11:11
  • Customer Stories
  • Careers
  • Leadership
  • Technology Partners
  • News & Media
  • Contact Support
CLOUD REGIONS
  • North America
  • EMEA
  • APAC
CONNECT
  • LinkedIn
  • X
  • Youtube

© 2025 11:11 Systems Inc., All Rights Reserved | Privacy Notice | Website Terms of Use |

Go to Top