The Backup Wrap-Up

A few weeks ago, Mr. Backup (W. Curtis Preston) said he didn't understand why people used flash for backups. He said it was overkill. A few days later, Howard Marks of Vast (friend of the pod) took issue with that statement, and asked for the chance to defend Vast's title, so to speak. Howard is a friend of the pod and we were happy to say yes. We also take the opportunity to get an update on Vast, and discuss their data reduction techniques in more detail. Bonus points if you get the cover art reference.

Are you doing all you can to stop ransomware attacks before they happen, or kill them the moment they show up? Have you looked into this and found yourself swimming in alphabet soup (SIEM, SOAR, EDR, XDR)? Have you looked at some of these tools and found them to be prohibitively expensive or too complex? This is the episode for you. We have Dez Rock, CEO of SIEMonster, a SIEM/SOAR/XDR as a service company. She helps us weed our way through these acronyms, and then tells us about how SIEMonster (pronounced sea-monster) is bringing this important technology to companies of all sizes.

Last year LastPass suffered two hacks that left their customer's data exposed.  What can you learn from this event, even if you're not a LastPass customer?  We use this hack as an example of what your company should do (or not do) if it ever suffers such a hack.  We also talk about password managers, and what this hack means to those who use them.  You do use one, right?  This is a great episode, chock full of information.  We hope you enjoy it. 

It was a dark and stormy night in 1993 when paris (the database server) went down. It would be a night the new backup admin would never forget because he couldn't restore the database from backup. The only bright side of that very sad story is that it launched a career. Yes, that's the night W. Curtis Preston started his path toward Mr. Backup. Hear him tell the story in his own words, in the middle of the backup to basics series about backing up databases. Avoid the mistake that could have (but did not) cost him his job and enjoy a good episode while you're at it!

Are you backing up all the things you should be backing up? In this latest episode of our Backup to Basics series, Mr. Backup & Prasanna look at the list of the traditional things we think about backing up: servers, databases, laptops, mobile devices, file servers, virtualization servers, etc. The big question tackled in this episode is what of these things should you be backing up? Mr. Backup, of course, takes a pretty hard line about backup, but he may surprise you on some of his exceptions. We hope you enjoy the episode.

You know how we tell you to limit the amount of privilege each admin gets, in order to limit the blast radius if their account is compromised? What if you could apply that concept to applications that use private data to accomplish their task? We blindly give everything we have on each person to just about any app that needs anything. But if you had an app that only needs first name and email address, why not just give it that? And if it asks for more than that, what if you had a way to give it masked data, since it doesn't really need it anyway? That's how I would describe Sky Flow, a privacy as a service company, after interviewing its Head of Marketing, Sean Falconer. Fascinating new approach to the problem of personal data sprawl.

I was shocked to learn that my favorite password manager had a few known vulnerabilities, and you might be shocked too! We found this great research paper from the University of York, and invited one of the co-authors on to discuss it. Siamek Shahandasthi, an Associate Professor from the University of York, explained all the vulnerabilities discussed in the paper, and why each is important. I was able to verify that at least one is still found in my current password manager. How many are in yours? Let's pressure the companies to address these, shall we? Check out the paper yourself here: https://eprints.whiterose.ac.uk/158056/8/Revisiting_Security_Vulnerabilities_in_Commercial_Password_Managers_2.pdf

In our latest episode of the Backup to Basics series, we talk about what I think is the most important invention in my career: deduplication. Without dedupe, much of what we do in backup and recovery, and disaster recovery, would simply not be possible. Without dedupe there really is no disk backup market; there is no cloud backup market. I'd be out of a job! What is dedupe, anyway, and how does it work? What are the different kinds of dedupe and does that matter? You should learn a lot about this important topic.

An incident response plan is the key to successfully surviving a ransomware attack, and it's a bit like Dramamine. The time to get one is too late to get one. @Vmiss (Melissa Palmer) joins us again to talk about this important topic. We talk about the important role cyber insurance companies can play in helping you find an IR team and helping you develop a plan. (They can actually force you to do so in order to get coverage.) @vmiss was a blast to talk to again, and we're sure you'll enjoy this episode.

We have talked about this a lot on the pod, and now we have someone that can explain what you actually do with your network when you get a ransomware attack. It's Tom Hollingsworth from Gestalt IT, and we're excited to have him on the pod. Some of his recommendations of course, require some configuration in advance. We talk about VLANs, SEIM and access management tools, and why many networking admins are terrified of the "reject all" concept that would actually make your network much more resilient in an attack. There is some really good stuff in this episode.

Sheltered Harbor is a non-profit organization dedicated to making sure financial organizations are able to recover after a cyber attack. Even if you're not a financial institution, there is a lot to learn hear. They've done a lot of work to make this standard practical in the real world. If nothing else, you can review what they ask orgs to do and see if you can apply it to your own environment. We once again have Eric Bursley to guide us through the topic. Even Mr. Backup learned something!

Today we're visited by Scott McCrady, the CEO of Solcyber, a leading managed security service provider. He says they're changing the model of how small and medium-sized companies secure their infrastructure against attacks, without any of the typical upfront cost or ongoing maintenance hassles of traditional methods. Have you tried securing your environment, only to suffer "alert fatigue?" Scott feels your pain and has fixed this by doing all of that as a service, which you pay for like a typical SaaS offering. Just a per-user fee per month - one SKU. It's a new way to secure your infrastructure.

How great is it to discuss your favorite topics, learn something new, and have a great time all at the same time? That's what this episode is like. @vmiss (AKA Melissa Palmer) came on the pod for the first time this week. I've read a lot of her content and tweets over the years, and it was great to finally put a face to the name. She knows her stuff when it comes to security, since she was actually working in it before she got into VMware. It was a great conversation I think you'll learn a lot from.

We've talked a bit on this podcast about ransomware groups targeting Windows-based backup servers, and Veeam specifically. There's a new product on the market targeted at this problem, and it's called Blocky for Veeam from Grau Data. Today we have the founder & CEO of Grau Data, Herbert Grau, and their head of North American operations, David Cerf. What we didn't know until recording this episode is that these are the same people that used to make the gigantic Grau tape libraries that is used covet back in the 90s! They got out of the hardware business and have been making software ever since. Blocky for Veeam is a new application of another battle-tested product. Fascinating story, and one that will have other applications in the future.

LastPass made some serious blunders: how they responded to the hack in August, code they created before August, and how they configured their backup system. All of that came to a head at the end of 2023 when the hackers from August used stolen credentials to download a backed up copy of customer information. Most of it was encrypted, but they still gained a lot of information. Many are calling for customers to leave the product. However, even if you're not a lastpass customer, there are lessons to be learned here. Learn those lessons and don't be like LastPass.

Today (Jan 23) marks 30 years to the day that W. Curtis Preston joined the backup industry. Fresh out of the US Navy and wanting to make a name for himself, he joined MBNA, a 35-billion dollar credit card company as "the backup guy." Within seven years he would write the industry's first book dedicated to backup, and since that time, he's gone on to be the world's leading expert in backup and recovery. What were backups like in 1993? How have things changed over the years? And how did he apapt to all of those changes? Prasanna takes the lead as host for this episode, asking Curtis a number of very insightful questions. Be sure to join us for this very special episode.

The latest in our Backup to Basics series is about making sure hackers don't delete, encrypt, or exfiltrate your backups as part of a ransomware attack. (Our Backup to Basics series reviews topics from Curtis' latest book Modern Data Protection, which you can download at druva.com/e-book.) We talk about how and why hackers are specifically targeting your backup system to either disable it or use it as a source for exfiltration. Then we talk about a number of things you can do to defend your backup system against these attacks. This is our most important episode in a while.

Hear the incredible story of Albert Uy, who was handed a two-year project that had already wasted 18 months. They told him he had four months to complete it. He looked at that timeline and told them there was only one way he could do, by switching horses in mid-stream. Not only did they finish it in time; they finished it early. Albert has also managed backup teams for many years, so before we cover this project story, we talk about backup has progressed over the years. We also talk about how much easier his job got once he started using Druva has his backup solution.

Nothing but the best for our listeners! Curtis and Prasanna review their favorite episodes from 2022, from the time Curtis had to restore Backup Central to the shocking outage at Rackspace ( which is still ongoing!). This is your chance to catch up on what you missed last year as we prepare for a new year! Here are links to all the episodes discussed. Happy New Year!Mr. Backup Forced to Restore Backup CentralRestore Test Failed to Bad DocumentationSecurity expert rips Okta for their response to hackHow to prevent ransomware, slow its spread, and respond if you get itHow to prepare for an emergency (at home and work)Backup practitioner tells stories from the trenchesTop 5 security mistakes you're making in the cloudInternational lawyer discusses e-discovery in US & other countriesShocking RackSpace Hosted Exchange Ransomware Attack

Tomorrow marks two weeks from when the RackSpace outage started on Dec 2, 2022. They confirmed it was via a ransomware attack and it is not. going. well. We're going to do a deeper dive into this once it is all over, but this is a first-blush look at what is happening and RackSpace's reaction to it. When we recorded this episode, their reaction was not looking good. I'm sad to say it's gotten even worse. Check it out!

Ok, so maybe not the most interesting topic. ;) But we promise you, this episode has a great story that involves Mr. Backup being kidnapped by a client, basically because he had a backup level issue. Learn about full backups, incrementals, cumulative incrementals, differentials, numbered levels, tower of hanoi backups, and why all this matters. It turns out it matters a lot more these days for structured backups than filesystem backups, which have typically gone to an incremental forever setup.

This episode we have Boris Agranovich, who has been a risk manager for decades, and speaks SIX languages (Russian, Ukrainian, Hebrew, Dutch, English, and Spanish). How amazing is that? He started the Global Risk Community, the largest online community for risk managers, and it's doing very well. We talk about the differences between what we do (as IT risk managers) and what he does, where he's managing risk for the entire organization. Fascinating guy with a unique perspective.

Archive is NOT backup, and hopefully this episode will help you understand how/why that is the case. In this continued romp through W. Curtis Preston's Modern Data Protection, we explore the definition of archive, and how different it is from backup. You should have no trouble understanding the difference between the two after listening to this episode. As usual, Mr. Backup fills in the definition with interesting stories of what happens when you confuse backup and archive. Enjoy!

As we continue our "Backup to Basics" series, we touch on one of the most important questions of all: what is backup and restore? (And how does it different than archive and retrieve?) The answer to these questions are both simple and nuanced. It's important to have a solid understanding of backup and restore in order to understand how archive is different. Reminder: You can download a complimentary copy of Mr. Backup's latest book, Modern Data Protection here: https://druva.com/ebook.

This episode follows the previous one in a very interesting way. We have a guest, Eric Bursley, whose job is to divine business and technical requirements from a vendor perspective at Presidio, an IT solutions provider. He consults with customers and helps them get from "I want" to "I need." This was a fascinating conversation that took a turn into (surprise) ransomware. Eric is a fan of the pod and knows his stuff. As mentioned in the podcast, here is a link to the music video that is the theme song of the podcast: https://www.youtube.com/watch?v=fPoE7nlgYe4The episode where we meet the voice behind the song: https://player.captivate.fm/episode/b60b207b-2dfc-4b38-b5ea-1cd4c6231025

We say it all the time: your backup requirements must be based on business/organizational needs. If you keep that mind, not only will your organization be better off, it'll be easier to get approval for the new backup system you want. This episode of our Backup to Basics series goes right to that core idea, and we get advice directly from one of our favorite guests: Jeff Rochlin. He is now the Head of Technical Operations at the LA Studio of Framestore, a visual effects company. In his 30+ year career he has designed and implemented dozens of systems (at least one of them with Mr. Backup). He shares with us his tips on how to design the system AND how to get it approved. If you'd like to see what Jeff and Curtis do for fun, check out their other podcast, The Things That Entertain Us.

If you have sometimes wondered if your apps should be in a public cloud, private cloud, or in your own datacenter, have we got the episode for you. And we'll also talk about how to protect those apps regardless of where they reside. We looked hard for an unbiased cloud expert, and I think we hit gold. We found Sagi Brody, the CTO of Opti9, an MSP that supports both public and private clouds, as well as on-premises backup infrastructure! We talk extensively about which types of things are appropriate (from a cost and risk perspective) to go into the public cloud, private cloud, SaaS apps, and even your own datacenter. It was an informative and entertaining conversation that we're sure you will enjoy.

We get right to the heart of the matter in this next episode of our Backup to Basics series. (See what we did there?). Why do we even back up? It is expensive, time consuming, and no one seems to want to be in charge of it, so we do we even do it anyway. This episode is based on Chapter 1 of W. Curtis Preston's latest O'Reilly book, Modern Data Protection, which you can download for free courtesy of Curtis' employer, Druva. Curtis believes there are three categories of reasons: human disasters, mechanical failures, and natural disasters. We talk about the odds of each of these happening, and how that's changed over the years.The episode also starts with Mr. Backup telling the story of how he got into backup in the first place, as well as telling the story of the first time he lost data. It's the whole reason he ended up dedicating his career to backup, and he learned a lot of things from that failure. Here are the links to other episodes we discuss in this episode of the pod.Real Life Hurricane Disaster Recovery StoryDisaster Recovery after a hurricane - a First Hand AccountStop Ransomware Attacks in Seconds. (Includes the Derecho story)

This week are we pleased to announce we have Joe Dehner, specialist in International Law, to discuss the legal side of e-discovery and all the things that go with it. For the first time on Restore it All, we have a lawyer discussing legal things! (Usually we just tell you we're not lawyers!) My favorite part was listening to him tell stories from actual cases that make the various points we discuss. I also enjoyed when we talk about the e-discovery boogey man, adverse inference. If you have heard me talk about this before, it's usually around the context of backup and archive – and how they are different! Hear it from the horse's mouth, so to speak.

This is a trend that's happening around the globe, and the news we got from Lloyd's of London Insurance in August is just the latest example. They're looking to exclude payments for "catastropic" and "state-sponsored" attacks. We talk about what that means. We also discuss how a plaintiff lost a recent lawsuit against their insurance company, getting $100K when what they wanted was $600K. It was how their policy was written. We also talk about a new show (streaming on Peacock in the US) called "The Undeclared War" that is technically fictional but seems all too real. We finish up with a discussion of how we see the roll of cyber insurance in this scary world of ransomware. Saddle up and listen up!

The Uber attack is huge. The initial penetration teaches about MFA, and how they were able to escalate their privileges from there is simply wrong, wrong, wrong. What can you learn from this? Well, we have a cybersecurity expert, and host of the Tech and Main podcast, on the pod this week to help us figure that out. We had planned to just talk about the Uber attack, but he also wanted to talk about what happened to the LA Unified School District. Do you have kids in school, or know someone employed in K-12 education? Shaun St. Hill makes a solid point or two about what they should be doing. All that and Curtis complaining about how much he spent on his vacation to Hawaii. Boo hoo, right?

Cyber security attacks are everywhere, and they're definitely going after what you have running in your favorite hyperscaler. Today we are joined by Paul Hadgy, CEO of Horangi Security, a cyber security company specializing in securing your cloud infrastructure. We talk about a number of things, but at one point, Mr. Backup asked him what the thought was the five biggest security mistakes people make when building out their cloud infrastructure. He gave us a pretty good list, and then talked about how they're able to secure it AND make sure you're properly utilizing it. (They can tell you resources you're paying for that you shouldn't be!) Great interview with Paul.

Jira is yet another service that could be at the center of your organization, and losing the data stored in there could cost you a lot. Did you know it doesn't even have an audit trail for many things? Not only can you lose data, you might not know what was deleted or who did it! We are joined this week from two representatives from Revyz, a new service to back up Jira. They talk about what to back up and what you can do for free, along with what functionality that misses out on. They then explain how their new service works and what it offers. Great episode where I learned a lot. Even if you don't use Jira, you will find a lot of useful info in this episode.

If you don't meet your company's Recovery time objective (RTO) and Recovery Point Objective with your backup design, nothing else matters. Seriously. No one cares if you can back up – only that you can restore in a timeframe they consider reasonable. The only way that's going to happen is if you agree to these times UPFRONT. In this episode in our new back to basics series, we'll jump right into this extremely important topic. We'll explain what RTO & RPO are, what recovery time and recovery point actual are, and how they relate to RTO & RPO. We'll also explain how to get your company to agree to them.

Why don't you have a password manager already? Our guest this week, Chris Hayner, blogger at hayner.net and host of the Chaos Lever podcast, wrote a great blog called Yes, you need a password manager. "Yes, You Do Need A Password Manager, Brett. Yes You Do!" Both Prasanna and Curtis DO have password managers, so he's preaching to the choir. But if you'd like to hear the argument for why you need one, and arguments against many of the usual excuses for not having one, then this is the episode you need. And, as usual, we have a little fun along the way.

Datacore has been one of the storage industry's best-kept secrets for a long time, quietly growing a dedicated customer base in Fort Lauderdale. Their CEO, Dave Zabrowski, joins us on this episode to explain their background, and tells us about how their technology and some savvy business decisions resulted in them owning Open EBS, the most popular container-attached storage platform. Datacore is a software-defined storage product that virtualizing pretty much any kind of storage into any other kind of storage, giving you exactly what you need, without vendor lock-in. Join us on this podcast to hear what's special about Datacore.

This week we have Barry Lunt, one of two founders of Milleniata, the creators of M-Disc. The company may be gone, but the format lives on. Most modern DVD and Blu-Ray drives can write to M-Disc, and Verbatim still sells it. Barry explains to us why they decided to make M-Disc, and why it's different than any other optical product. He also offers a shocker: a study done many years ago that shows that recordable DVDs are nowhere near as good at holding onto data as they claim. There is a lot of good info in this episode. Hope you like it.

Druva's new data resiliency guarantee covers more than any other guarantee in the data protection/data resilience segment. It also was written with no silly exclusions (like some other guarantees) that are simply there to keep from having to pay anyone. It requires only a certain service level and that the customer follows Druva's best practices. It protects against the five areas of risk, including cyber, human, application, operational, and environmental. It includes SLAs for uptime, backup success, restore success, immutability, and confidentiality. This week we have Stephen Manley, Druva's CTO, to tell us about this new guarantee. Check out the new guarantee here: https://www.druva.com/resilience-guarantee/

Warshipping is yet another way hackers are taking advantage of how the pandemic has changed the workplace. Did you know you could be hacked by UPS, Fedex, or the postal service? Warshipping is shipping a self-powered device in a package so that it arrives at your office and is left unattended. (It's sent to someone working from home.) The device then sits there, sniffing the wifi, and eventually cracking your WiFi network and attempting to steal secrets. This isn't science fiction; it's reality. It's enabled by so much remote work, and by technology such as the Raspberry Pi. Read all about it in this article in DarkReading.com: https://www.darkreading.com/edge-articles/i-built-a-cheap-warshipping-device-in-just-three-hours-and-so-can-youIn this episode, Prasanna and Curtis discuss what this is, how it works, and what you need to do to stop this new attack vector.

If you're one of those people that look at typical storage offerings for backup and recovery and say, "I can't afford this," you're not alone. A lot of ready-to-go storage solutions can get very expensive very quickly. Our guest this week (Erik Ableson from Infrageeks.com) ran into this a lot with his small-government customers and SMBs in France, and knew he had to get creative. He wanted to build a hardened Linux repository for Veeam backups, and he also wanted an S3 object storage system to serve as the second copy. His customers couldn't easily buy cloud services, so he needed something they could own and manage themselves. (He explains the unique reason they can't buy cloud services.) He built the Linux repository using a Synology box to run both the storage and a Linux VM, and he built the object storage system out of the free version of MinIO and what I will call a very unique build of hardware. Learn the details in this fun episode of a real practitioner's solution to a unique and challenging problem.

Hammerspace offers a global filesystem that creates a single namespace across multiple storage systems and cloud storage providers. Hammerspace's name is inspired by the name for the magical place that cartoon characters get them from (e.g. Bugs Bunny pulling a huge hammer out of his pocket). They've taken a different approach to a global filesystem, using metadata to significantly minimize actual data movement and increase performance. Molly Presley, their SVP of Marketing (and friend of the pod!), explains the interesting use cases for this technology.

2022 is a new world in the cyber attack space, and Katie Nickels, SANS instructor, and director of intelligence at threat detection vendor Red Canary, describes the top five new attack they are seeing in the space. Spoiler alert: one of them is attacks against backups! Learn from an expert as we discuss the top five attacks they are seeing right now. We talk about living off the cloud, MFA exploits, an increase in nation-state hackers, the increased use of stalkerware, and YES: attacks against backup infrastructure. We discuss each of these in this important episode of Restore it All!

This week we talk about this exciting "new" medium for archiving data that is especially attractive to SMBs and home users. It's an optical disc that looks like a DVD and is readable in all Blu-Ray drives, but underneath it's something very different. If you haven't heard of it, then you're in luck! Thanks to Daniel Rosehill, backup anorak and friend of the show, we're going to talk about it – and its competitors on this week's episode! We discuss the good and bad about using all of the following for archiving: paper, SSD, disk, tape, DVD, Blu-Ray, ending with M-Disc. Learn what's wrong with these other mediums, and what's so great about this one in another fun episode of Restore it All!

Someone that knew Bill Gates when he was a boy in on the podcast this week, although we only talk about Bill Gates for a moment. He has 30+ years in backup experience and tells us what it's been like to adapt to all of the backup changes over the years. His first backup was to punch cards and punch tape, and he was in the same Boy Scout troop as Bill Gates. Fans of the podcast know his name already, as it comes up randomly on the show as a friend of Curtis. But this is the first time Stuart Liddle has graced us with his presence.Like Mr. Backup, his career starts with a data loss story that actually involved people having to re-enter data. We discuss a lot of configuring and running backups, including deciding on retention periods, treating all backups the same (or not), virtual tape libraries and other dedupe systems, and how important a change management data database (CMDB) is. We also talk about the danger of becoming entrenched in a specialty like backup, knowing only one specialty or product. We talk about how it's not good for you or your company. Finally we talk about the different way people are using the cloud today for IT and backup, and how that affects cost. Curtis and Prasanna use a great analogy that helps it make sense.This week's episode is fully of useful information.

Today we are joined by security expert and host of the Secure Talk podcast, Mark Shriner, to discuss information security. (Make sure to check out his podcast here: http://www.securetalkpodcast.com/)We talk about it from a personal perspective, as well as for organizations. Mark, Curtis, and Prasanna talk about what are the bare minimum things you should be doing as an individual to protect your personal information and data, both from a security and backup perspective. We then move on to talking about it from a company perspective, and how very important things like MFA (while good) do not solve everything, and then we talk about many other things you could be doing. Then there was the moment that created the title of the podcast, where Prasanna disagreed with Curtis – but not quite. When it comes to information security and data protection (and many things in life), perfect is the enemy of good. Try not to be overwhelmed with all the things you could or should be doing; just pick something and do something. Something is always better than nothing when it comes to these areas. This episode is jam-packed with good information you won't want to miss.

So many people are surprised when their restore is slower than their backup. You shouldn't be, as it's quite common. The good news is there are things you can do to make it faster – if you know them in advance. W. Curtis Preston (Mr. Backup) and Prasanna Malaiyandi tackle the seven reasons why your restore may be slower than your backup. Topics covered include RAID penalties, tape issues, database concerns, and others. You'll walk away knowing what to do in order to find out how slow your restores are – and how to fix them. This podcast is packed with good info! (And the death of a USB hub.)

Pat Mayock is a Data Protection Warrior for HPE, and he helped us to understand where he thinks LTO & RDX (a removable disk technology) sit in the market. He explains how much tape is used today in enterprise and cloud environments, especially in the public cloud that so many think is a tapeless world. He says the cloud vendors are some of LTO's biggest customers! We talk about what LTO is good at, what it's not so good at, and what that means for how you should use it. Then we shift gears to talk about RDX, a removable disk product that has been around for roughly 15 years. It consists of a docking station and a disk-based cartridge that is built to kind of resemble a tape! Each cartridge contains a single disk drive that you can use very much like you would use a tape, except it appears as a drive letter (mounted filesystem) versus a tape drive. He explains what its target market is and how it meets a niche in the removable storage market in between removable USB disks and a standalone LTO tape drive. This is a fascinating episode you won't want to miss.

This whole episode is a Mr. Backup rant, where he talks about things that people should really stop doing with their backup systems, starting with backing up directly to tape. There is a place for tape, but it is NOT at the front end of the backup system. Curtis and Prasanna passionately discuss and explain several relics of the ways we used to do things, and why they no longer make sense. Another one is repeated full backups - synthetic or otherwise. Many of them can be addressed by just changing how you use your backup product, but a few of them may cause you to think about making a change. (Hint: if your backup product has been around for more than 20 years, it probably can't get away from some of the relics of the past.)

This week we are joined by emergency preparedness expert and prolific author and speaker, Virginia Nicols, webmaster of EmergencyPlanGuide.org. We talk about why and how to prepare for a disaster/emergency in your personal life, as well as how to do it for a small business. This is a bit different than our usual episode, as there is very little talk about backup and recovery. We talk about where to start when assessing what to do, and what steps you can take right away to prepare. Virginia is extremely knowledgeable on the subject and we learned a lot. You will too!

If you liked last week's episode where we talked about this "so let's talk about ransomware" series on reddit, you'll love this week. We have the author, Snorkel42, to talk about the origins behind the security cadence series, and why he decided to finally write some on ransomware. (He explains that everything he talks about his ransomware, but he admits he's been "Mr. Myagi'ing" it for a while.). This guy knows his stuff, and this is the second time he has been on the podcast. He's knowledgeable and entertaining. One of those rare combinations. This is a great episode you will not want to miss. Here are the three posts:https://www.reddit.com/r/sysadmin/comments/tdvbp4/security_cadence_okay_fine_lets_talk_ransomware/https://www.reddit.com/r/SecurityCadence/comments/tedapy/security_cadence_ransomware_part_2_actions_on/https://www.reddit.com/r/SecurityCadence/comments/tfm927/security_cadence_ransomware_part_3_the_worst_case/