Truth in IT
    • Sign In
    • Register
        • Videos
        • Channels
        • Pages
        • Galleries
        • News
        • Events
        • All
Truth in IT Truth in IT
  • Data Management ▼
    • Converged Infrastructure
    • DevOps
    • Networking
    • Storage
    • Virtualization
  • Cybersecurity ▼
    • Application Security
    • Backup & Recovery
    • Data Security
    • Identity & Access Management (IAM)
    • Zero Trust
    • Compliance & GRC
    • Endpoint Security
  • Cloud ▼
    • Hybrid Cloud
    • Private Cloud
    • Public Cloud
  • Webinar Library
  • TiPs
  • DRAW

What to do (at a minimum) to recover after a cyber attack

Commvault
02/28/2026
0 (0%)
Share
  • Comments
  • Download
  • Transcript
Report Like Favorite
  • Share/Embed
  • Email
Link
Embed

Transcript


So what I like about MVC is minimum viable company is what are the minimum number of things that I need? What are those very specific things to run the business? Right. I need my ERP to be up and running. What does that mean? Our website needs to be up and running. What does that mean? It needs to interact with our ERP so we can check constantly check inventory. What does that actually mean to us? Right. How do we reconcile lost transactions? How do we reconcile lost time? How do we manage the identity system that may have been compromised six months before the encryption occurred, before the security event was noticed? Right. And and thus those accounts may still exist. And then you start the investigation. At the same time you're trying to do some sort of triage. What's down? What's broken? How bad is this? Is this currently? Right. What do we think this is? The reason investigation is important is you're trying to figure out how long have they been in your environment. It's a critical piece of information to recovery. And immediately you start kicking off. What are we what is our fail over if any? And how do we get back up and running? So you actually have a separate tiger team developed to get MVC back up. Once that's up and running then that team moves right back over to incident response and you continue the incident response. All the investigative integrity is maintained. All the evidentiary integrity is maintained. All of that stuff can still continue and is part of the feedback loop that you use for the long-term repairs. While the business, the minimum viable business, however you define that, is up and running. And the neat part is it also doesn't have to be one thing. Right. You could have an MVC for the company, but you could also have an MVC for a particular piece of operations or a particular business unit. Commvault has staffed around this. They've staffed to help be your kind of consultant as they go through this and they're bringing their partner network along with them. Right. So you don't have to feel like you're all alone here. It's really critical that you have tools that make testing easy because you're effectively testing the theory of is this my minimum viable company? And I guarantee the first few times you do it, you're going to be wrong. There's a ton of configuration here. Is the juice worth the squeeze? And that's really kind of what Commvault has taken on.

TL;DR

  • Minimum Viable Company (MVC) strategy focuses on rapidly restoring only the core business functions needed to operate immediately after a cyber attack, rather than attempting full system recovery.
  • Organizations should deploy specialized tiger teams to execute MVC recovery while maintaining parallel incident investigation with full evidentiary integrity for long-term remediation.
  • Commvault provides both technology tools and consulting services through its partner network to help organizations define, test, and implement MVC recovery plans at enterprise or business unit levels.

Summary

Howard Holton, CTO of GigaOm, introduces the concept of Minimum Viable Company (MVC) as a cyber recovery strategy that prioritizes restoring core business functions immediately following a security incident. Rather than attempting full system restoration, the MVC approach identifies the essential subset of operations needed to keep the business running while incident investigation continues in parallel. Holton explains how organizations can define their critical systems—such as ERP platforms, customer-facing websites, and inventory management—and develop specialized tiger teams to execute rapid failover and recovery. The strategy emphasizes maintaining investigative and evidentiary integrity while simultaneously bringing minimum viable operations online. Commvault positions itself as both a technology provider and consulting partner in this process, offering tools that simplify testing and validation of MVC plans. The framework is flexible enough to apply at the enterprise level or to specific business units, with iterative testing recognized as essential to refining what truly constitutes minimum viability for each organization.

Chapters

0:00 - Defining Minimum Viable Company
0:51 - Parallel Investigation and Triage
1:20 - Tiger Team Recovery Execution
2:01 - Commvault Support and Testing

Key Quotes

0:10 "So what I like about MVC is minimum viable company is what are the minimum number of things that I need? ..."
1:20 "So you actually have a separate tiger team developed to get MVC back up."
2:20 "And I guarantee the first few times you do it, you're going to be wrong."
Categories:
  • » Webinar Library » Commvault
  • » Data Protection » Backup & Recovery
  • » Data Protection
Channels:
News:
Events:
Tags:
  • Data Protection
  • Business Continuity
  • Security Operations
  • Best Practices
  • Technical Deep Dive
  • Minimum Viable Company
  • Cyber Recovery Strategy
  • Incident Response
  • Tiger Teams
  • Failover Planning
  • Recovery Testing
  • Critical System Identification
Show more Show less

Browse videos

  • Related
  • Featured
  • By date
  • Most viewed
  • Top rated
  •  

              Video's comments: What to do (at a minimum) to recover after a cyber attack

              Upcoming Webinar Calendar

              • 07/14/2026
                01:00 PM
                07/14/2026
                Crafting a Championship-Caliber Security Team for Lasting Defense
                https://www.truthinit.com/index.php/channel/2025/crafting-a-championship-caliber-security-team-for-lasting-defense/
              • 07/14/2026
                02:00 PM
                07/14/2026
                Understanding the Crucial Role of Context in Safeguarding AI-Accessible Data
                https://www.truthinit.com/index.php/channel/2037/understanding-the-crucial-role-of-context-in-safeguarding-ai-accessible-data/
              • 07/21/2026
                04:00 AM
                07/21/2026
                Strategies for Managing AI Governance and Securing App-to-LLM API Traffic
                https://www.truthinit.com/index.php/channel/1967/strategies-for-managing-ai-governance-and-securing-app-to-llm-api-traffic/
              • 07/22/2026
                06:30 AM
                07/22/2026
                Insights and Strategies in Data Protection and Privacy Management
                https://www.truthinit.com/index.php/channel/2000/insights-and-strategies-in-data-protection-and-privacy-management/
              • 07/22/2026
                01:00 PM
                07/22/2026
                Insights from Attackers During the FIFA World Cup: A HUMAN Dialogue
                https://www.truthinit.com/index.php/channel/2029/insights-from-attackers-during-the-fifa-world-cup-a-human-dialogue/
              • 07/28/2026
                01:00 PM
                07/28/2026
                Illumio + Netskope: Zero Trust in the Age of AI Autonomy
                https://www.truthinit.com/index.php/channel/2031/illumio-netskope-zero-trust-in-the-age-of-ai-autonomy/
              • 07/29/2026
                04:00 AM
                07/29/2026
                Real-Time Strategies for Safeguarding Against Prompt Injections
                https://www.truthinit.com/index.php/channel/1968/real-time-strategies-for-safeguarding-against-prompt-injections/
              • 07/29/2026
                12:00 PM
                07/29/2026
                Unified Data Security in Action: Uncover, Analyze, and Resolve Threats
                https://www.truthinit.com/index.php/channel/2045/unified-data-security-in-action-uncover-analyze-and-resolve-threats/
              • 07/29/2026
                01:00 PM
                07/29/2026
                Ask Your Cloud Anything: Unlocking Governance Silos in your Environments
                https://www.truthinit.com/index.php/channel/2048/ask-your-cloud-anything-unlocking-governance-silos-in-your-environments/
              • 08/19/2026
                12:00 PM
                08/19/2026
                Becoming Agent Ready: Insights from Cyera's Expertise
                https://www.truthinit.com/index.php/channel/2036/becoming-agent-ready-insights-from-cyeras-expertise/
              • 09/30/2026
                04:00 AM
                09/30/2026
                AI Command Center: Optimizing Visibility and Control in Your Operations
                https://www.truthinit.com/index.php/channel/2024/ai-command-center-optimizing-visibility-and-control-in-your-operations/

              Upcoming Events

              • Jul
                14

                Crafting a Championship-Caliber Security Team for Lasting Defense

                07/14/202601:00 PM ET
                • Jul
                  14

                  Understanding the Crucial Role of Context in Safeguarding AI-Accessible Data

                  07/14/202602:00 PM ET
                  • Jul
                    21

                    Strategies for Managing AI Governance and Securing App-to-LLM API Traffic

                    07/21/202604:00 AM ET
                    • Jul
                      22

                      Insights and Strategies in Data Protection and Privacy Management

                      07/22/202606:30 AM ET
                      • Jul
                        22

                        Insights from Attackers During the FIFA World Cup: A HUMAN Dialogue

                        07/22/202601:00 PM ET
                        More events
                        Truth in IT
                        • Sponsor
                        • About Us
                        • Terms of Service
                        • Privacy Policy
                        • Contact Us
                        • Preference Management
                        Desktop version
                        Standard version