Cyber resilience on AWS: A reference approach for recovery from ransomware and destructive events
The article discusses cyber resilience on AWS, focusing on recovery strategies from ransomware and destructive events. It emphasizes the importance of isolating recovery environments from production to ensure safety and integrity. The authors outline a reference approach that includes using separate AWS accounts and logically air-gapped vaults for secure backup storage.
- ▪Cyber resilience is the ability to recover workloads to a known-good state after an adversary has affected the environment.
- ▪The recovery environment must not share a trust boundary with the production environment to ensure safety during recovery.
- ▪AWS Backup provides logically air-gapped vaults that offer deletion protection for backup storage.
Opening excerpt (first ~120 words) tap to expand
Cyber resilience on AWS: A reference approach for recovery from ransomware and destructive events by Ashish Panwar, Kanniah Vagathupatti Jaikumar, and Rakesh Singh on 20 MAY 2026 in Amazon GuardDuty, AWS Backup, Best Practices, Resilience, Thought Leadership Permalink Comments Share Cyber resilience is the ability to recover workloads to a known-good state after an adversary has affected the environment. Prevention works to keep threat actors out and detection works to find them quickly. Cyber resilience focuses on recovery: restoring a trustworthy environment when backups, credentials, or parts of the infrastructure can no longer be assumed to be safe.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at AWS Architecture Blog.
Discussion
0 commentsMore from AWS Architecture Blog
