{"id":15792,"date":"2026-02-12T23:11:00","date_gmt":"2026-02-12T23:11:00","guid":{"rendered":"https:\/\/newestek.com\/?p=15792"},"modified":"2026-02-12T23:11:00","modified_gmt":"2026-02-12T23:11:00","slug":"why-identity-recovery-is-now-central-to-cyber-resilience","status":"publish","type":"post","link":"https:\/\/newestek.com\/?p=15792","title":{"rendered":"Why identity recovery is now central to cyber resilience"},"content":{"rendered":"<div>\n<div id=\"remove_no_follow\">\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<section class=\"wp-block-bigbite-multi-title\">\n<div class=\"container\"><\/div>\n<\/section>\n<p>Ransomware has permanently changed how security leaders think about risk. Verizon\u2019s <a href=\"https:\/\/www.verizon.com\/business\/resources\/reports\/dbir\/\" target=\"_blank\" rel=\"noreferrer noopener\">2025 Data Breach Investigations Report<\/a> found that ransomware was involved in 44% of all breaches. For small and midsize businesses, the problem is big; ransomware was involved in nearly nine out of 10 breaches, compared to it playing a role in 39% of incidents among large organizations.<\/p>\n<p>Many of these attacks begin by breaching privileged accounts and identity infrastructure, targeting identity because of its reach and influence. Compromising identity infrastructure such as \u00a0Active Directory enables adversaries\u00a0 to escalate privileges and block legitimate users from their own systems within minutes.<\/p>\n<p>Even when those applications and data are restored, a compromised identity layer can leave an organization locked out of its environment for the long term, stalling recovery efforts across the enterprise.<\/p>\n<p>This is why identity recovery is now a central ingredient in cyber resilience. Identity systems are deeply integrated into authentication and access pathways. When they fail, recovery becomes even more complex. Security leaders know that recovering identity is about bringing systems back up and \u00a0restoring access securely, so\u00a0 attackers cannot find their way back in.<\/p>\n<h2 class=\"wp-block-heading\"><strong>A board-level issue<\/strong><strong><\/strong><\/h2>\n<p>Boards of directors and regulators are now treating resilience as a core component of enterprise risk management. Cyber insurance providers require evidence of tested recovery plans, immutable backups, and defined recovery time and recovery point objectives before underwriting coverage. Regulatory frameworks like the General Data Protection Regulation and the California Consumer Privacy Act impose stiff penalties for extended downtime and data exposure.<\/p>\n<p>As a result, organizations are moving beyond traditional backup strategies toward recovery engineering. Recovery is a designed capability rather than an emergency response. It relies on automation, orchestration, and repeatable processes that reduce dependence on manual intervention during high-stress incidents. It also aligns technical recovery with business priorities, helping CISOs communicate resilience in terms that executives and boards understand.<\/p>\n<p>To reduce downtime and regain control quickly after a ransomware or identity-based attack, CISOs should prioritize these capabilities:<\/p>\n<ul class=\"wp-block-list\">\n<li><strong>Identity resilience:<\/strong>\u00a0Implement \u00a0immutable backups and automated recovery\u00a0 for identity systems such as Active Directory.<\/li>\n<li><strong>Zero-trust architecture:<\/strong>\u00a0Apply least-privilege access and continuous authentication to reduce the blast radius of an attack.<\/li>\n<li><strong>Automated orchestration:<\/strong>\u00a0Limit manual steps in recovery workflows so teams can respond faster under pressure.<\/li>\n<li><strong>Regulatory readiness:<\/strong>\u00a0Make audit-ready reporting and compliance validation part of resilience planning, not an afterthought.<\/li>\n<li><strong>AI-ready protection:<\/strong>\u00a0Account for risks introduced by autonomous agents and AI-driven operations by securing data environments and enabling fast rollback of damaging actions.<\/li>\n<li><strong>Backup platform isolation:<\/strong>\u00a0Treat the backup environment as a separate security domain that can function as a minimum viable recovery environment when needed.<\/li>\n<\/ul>\n<p>Cognizant\u00a0and\u00a0Rubrik\u00a0help organizations improve cyber resilience with a unified, service-based model that integrates data protection, identity resilience, and business continuity.<\/p>\n<p>Rubrik provides capabilities such as immutable storage, rapid ransomware recovery, sensitive data discovery, and identity resilience, including support for restoring Active Directory environments. Cognizant brings orchestration across technologies and domain expertise to align recovery actions with business outcomes, ensuring that restoration efforts support operational continuity and compliance requirements.<\/p>\n<p>Learn more about how <a href=\"https:\/\/www.cognizant.com\/us\/en\/services\/cloud-solutions#spy-featured-work\" target=\"_blank\" rel=\"noreferrer noopener\">Cognizant<\/a> and <a href=\"https:\/\/www.rubrik.com\/products\" target=\"_blank\" rel=\"noreferrer noopener\">Rubrik<\/a> are helping organizations <a href=\"https:\/\/news.cognizant.com\/2025-10-27-Cognizant-and-Rubrik-Announce-Strategic-Partnership-to-Deliver-Business-Resilience-as-a-Service\" target=\"_blank\" rel=\"noreferrer noopener\">strengthen business resilience<\/a>. If you would like further details or have specific questions, send an email to: <a href=\"mailto:BusinessResilience@cognizant.com\" target=\"_blank\" rel=\"noreferrer noopener\">BusinessResilience@cognizant.com<\/a><\/p>\n<p><strong>About Sriramkumar Kumaresan<\/strong><\/p>\n<div class=\"extendedBlock-wrapper block-coreImage undefined\">\n<figure class=\"wp-block-image is-resized\"> srcset=&#8221;https:\/\/b2b-contenthub.com\/wp-content\/uploads\/2025\/12\/Sriram-Headshot2.jpg?quality=50&amp;strip=all 500w, https:\/\/b2b-contenthub.com\/wp-content\/uploads\/2025\/12\/Sriram-Headshot2.jpg?resize=247%2C300&amp;quality=50&amp;strip=all 247w, https:\/\/b2b-contenthub.com\/wp-content\/uploads\/2025\/12\/Sriram-Headshot2.jpg?resize=138%2C168&amp;quality=50&amp;strip=all 138w, https:\/\/b2b-contenthub.com\/wp-content\/uploads\/2025\/12\/Sriram-Headshot2.jpg?resize=69%2C84&amp;quality=50&amp;strip=all 69w, https:\/\/b2b-contenthub.com\/wp-content\/uploads\/2025\/12\/Sriram-Headshot2.jpg?resize=395%2C480&amp;quality=50&amp;strip=all 395w, https:\/\/b2b-contenthub.com\/wp-content\/uploads\/2025\/12\/Sriram-Headshot2.jpg?resize=296%2C360&amp;quality=50&amp;strip=all 296w, https:\/\/b2b-contenthub.com\/wp-content\/uploads\/2025\/12\/Sriram-Headshot2.jpg?resize=206%2C250&amp;quality=50&amp;strip=all 206w&#8221; width=&#8221;500&#8243; height=&#8221;608&#8243; sizes=&#8221;auto, (max-width: 500px) 100vw, 500px&#8221;&gt;<\/figure>\n<p class=\"imageCredit\">Cognizant<\/p>\n<\/div>\n<p>Sriram Kumaresan leads the Global Cloud, Infrastructure and Security practice atCognizant, overseeing approximately 35,000 professionals. With over 25 years of experience, he excels in building and scaling businesses from strategy to execution. Sriram is responsible for driving market share (strategy, GTM and growth) and mindshare (offering, partner strategy and market positioning) through strategic approaches, customer centricity and the deep technical expertise inCognizant\u2019s Cloud, Infrastructure and Security business. Beyond his professional achievements, he is also a mentor and advocate for diversity in tech, aiming to inspire future IT leaders.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Ransomware has permanently changed how security leaders think about risk. Verizon\u2019s 2025 Data Breach Investigations Report found that ransomware was involved in 44% of all breaches. For small and midsize businesses, the problem is big; ransomware was involved in nearly nine out of 10 breaches, compared to it playing a role in 39% of incidents among large organizations. Many of these attacks begin by breaching&#8230; <\/p>\n<p class=\"more\"><a class=\"more-link\" href=\"https:\/\/newestek.com\/?p=15792\">Read More<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-15792","post","type-post","status-publish","format-standard","hentry","category-uncategorized","is-cat-link-borders-light is-cat-link-rounded"],"_links":{"self":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/15792","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=15792"}],"version-history":[{"count":0,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/15792\/revisions"}],"wp:attachment":[{"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=15792"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=15792"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=15792"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}