The cyberreadiness features include the ability to simply test, validate, and document cyber recovery plans, instantly recover the last known clean copy of data into production to minimize downtime, and performing forensic investigations out-of-band in an isolated recovery environment.

Data security company Rubrik has announced Rubrik Cyber Recovery, an updating and reworking of its Orchestration Application Recovery Solution that both improves customers’ ability to recover and helps them with their cyberreadiness and recover faster with confidence. New features include the ability to simply test, validate, and document the success of an organization’s cyber recovery plans. It also allows for instant recovery of the last known clean copy of data into production while performing forensic investigations out-of-band in an isolated recovery environment.

“The capability is brand new, but it is based on our pre-existing investment in AppFlows, which we developed in 2021,” said Vasu Murthy, VP and Head of Product at Rubrik. “It uses some pieces from that. We called this Orchestrated Application Recovery, a recovery solution that brings up the entire legislation in a coordinated fashion. The problem was that it was more of a traditional disaster recovery solution, and didn’t work well for cyber recovery, so that the machine was usually shut down.  We added some features from existing ransomware monitoring, and cloned the production to do investigations, to provide the more complex orchestration required for cyber recovery.”

Murthy said that while Rubrik Cyber Recovery handles the recover for cyber, the new features also help the customer understand how long it will take to recover and what the recovery will look like. The previous solution was just a DR failover.

“The new features help the customer to understand the preparedness, and lets them test for cyber resilience,” Murthy indicated. “They have to set up the environment, so there is some work, but the testing itself is automated. It allows them to clone into a sandbox to do Red Team and Blue Team operations.”

Murthy indicated that this solution will be valuable to the majority of their customers who do not presently have alternative recovery sites.

“We know that 30% of customers have alternate sites, which means that 70% don’t,” he said. “This will be most valuable for those 70%, to get them to an appropriate level of cyberreadiness. We want all of our customers to be using it, and my goal is to get to 100% adoption.”

Rubrik Cyber Recovery also lets customers easily validate whether their cyber recovery plans will work. Customers can test whether their recovery playbook works, including sequence, timing, and failure points.

“They can make sure that databases are up and running,” Murthy said. “It also has an orchestration mechanism that validates scripts. We document that and make an elaborate report to show regular testing of cyber recovery capabilities is taking place, and which lists all the objects, statuses, and history of what we did before. As a result, these reports will grow over time.”

Rubrik Cyber Recovery also lets organizations assess cyber readiness faster by being able to quickly clone backup snapshots into isolated environments. This lets them perform destructive tests more easily, to enhance their organization’s cyber readiness.

“They can go back in time to any snapshot,” Murthy said. “They could go back to sandbox of how system was say, last Tuesday.”

Another new feature with this offering is the ability to conduct forensic investigations on infected snapshots in isolated environments while business continuity is quickly restored using a last known good snapshot.

“It’s a huge lifesaver because it speeds up business continuity,” Murthy stated. “Large businesses lose millions a day when they are down, and this lets them restore much faster.”

Rubrik also announced that both Ransomware Monitoring and Investigation and Sensitive Data Monitoring and Management will now support Microsoft OneDrive and SharePoint, NAS Cloud Direct, and Azure Virtual Machines.

“We are now building all of our security operators in the cloud, with one place to apply it to both the cloud and data centre,” Murthy said. “It started out in the data centre, but cloud lets us control all the applications, which are now all available as a service.”

Finally, Murthy noted that Rubrik had recently released their first report from the newly-established Rubrik Zero Labs for research.

“This research, called the State of Data Labs, interviewed 1600 people,” he said. “The highlight was that 98% of organizations had a breach last year.”