Most organisations say they have backups. Few can say, confidently, that they’ll work when the worst happens and they are needed.
Backups are treated as a background safety net, but in ransomware attacks, system failure or data loss they’re not a nice-to-have; they’re the last line of defence. When primary systems are compromised, recovery depends on the integrity, availability and speed of your backups. Simply assuming the backups are good enough has caught many organisations with their pants down.
The common failure is the gap between backing up and restoring. Recovery is rarely tested under real conditions, so it is only when a restore is needed that organisations discover data is incomplete or the backup is corrupted. The outcome is that restores take far longer than planned, the recovery point is much further back in time than expected, or systems can’t be rebuilt quickly enough to be usable.
Cloud adds another trap. Resilience and redundancy aren’t always backups. Cloud services may not protect you from user error, malicious deletion or a compromised account. If data is deleted or encrypted in-platform, that change can synchronise everywhere unless safeguards have been built in.
When backups fail, the outcomes are brutal: extended downtime, permanent data loss, inability to operate. For professional services firms, that hits client delivery, regulatory obligations and business continuity.
Good backup strategy isn’t complicated. But it does need attention and proof.
Focus on the basics:
- Test restores regularly to prove you can recover fully and fast
- Protect backups from alteration or deletion (e.g. immutable and/or offline copies)
- Set recovery targets: how fast you must recover (RTO) and how much data loss you can tolerate (RPO)
- Include cloud platforms and critical SaaS in scope
- Monitor backups to ensure they run successfully and consistently
Backups aren’t about storage; they’re about recovery. Without tests and clear targets, they can create a false sense of security.
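An added example (not from the original article) of how the basics above can be checked from backup job logs and restore-test records rather than assumed. The RTO and RPO values, the 90-day test interval, the system names and every record are constructed assumptions.

```python
from datetime import datetime, timedelta

# Assumed targets and sample data, all constructed for illustration.
RTO = timedelta(hours=4)            # how fast you must recover
RPO = timedelta(hours=24)           # how much data loss you can tolerate
MAX_TEST_AGE = timedelta(days=90)   # assumed policy for "regularly"
NOW = datetime(2025, 6, 2, 9, 0)

# (system, job finished, succeeded)
JOBS = [
    ("fileserver", datetime(2025, 6, 1, 23, 0), True),
    ("finance-db", datetime(2025, 5, 30, 23, 0), True),
    ("finance-db", datetime(2025, 6, 1, 23, 0), False),
]
# (system, restore started, service usable again, age of data restored)
TESTS = [
    ("fileserver", datetime(2025, 5, 10, 9, 0), datetime(2025, 5, 10, 11, 30), timedelta(hours=10)),
    ("finance-db", datetime(2024, 11, 4, 9, 0), datetime(2024, 11, 4, 18, 0), timedelta(hours=30)),
]

def assess(system, jobs=JOBS, tests=TESTS, now=NOW):
    """Return findings for one system; an empty list means targets are met."""
    findings = []
    runs = sorted((t, ok) for s, t, ok in jobs if s == system)
    good = [t for t, ok in runs if ok]
    if not good:
        findings.append("no successful backup on record")
    else:
        if not runs[-1][1]:
            findings.append("latest backup job failed")
        if now - good[-1] > RPO:
            findings.append("newest good backup is older than RPO")
    drills = sorted(t for t in tests if t[0] == system)
    if not drills:
        findings.append("restore never tested")
        return findings
    _, started, usable, data_age = drills[-1]
    if now - started > MAX_TEST_AGE:
        findings.append("last restore test is stale")
    if usable - started > RTO:
        findings.append("measured recovery time exceeds RTO")
    if data_age > RPO:
        findings.append("restored data was older than RPO")
    return findings

if __name__ == "__main__":
    for name in ("fileserver", "finance-db", "saas-crm"):
        print(name, assess(name) or "OK")
```

The constructed `saas-crm` entry has no records at all, which is how a cloud or SaaS platform left out of scope shows up in a check like this.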
Disruption is not a question of if, but when, and when it hits, the ability to restore quickly and reliably is what matters. Backups are one of the most important controls organisations have, yet they are among the most frequently neglected.

David Baskerville
Do this today:
Ask when backups were last restored in a test, and what the actual recovery time was.
When everything else fails, backups are what you’re left with.





