$400 Amazon Gift Card with OnDemand Training through March 10 - Learn More!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

A Cyber-First Approach to Disaster Recovery

  • Thursday, July 25, 2019 at 1:00 PM EDT (2019-07-25 17:00:00 UTC)
  • Darren Mar-Elia, John Pescatore


  • Semperis

You can now attend the webcast using your mobile device!



In this era of digital transformation, cyber weaponization is commonplace, and the "extinction event" is a genuine threat, especially for organizations with uptime and availability requirements. As we've seen in the headlines, cyber disasters cripple business operations and impact shareholder value. For instance, Equifax just became the first company to have its outlook downgraded due to a data breach. And remember the NotPetya state-sponsored ransomware outbreak? Well, recent projections estimate NotPetya costed the international shipping company, Maersk, up to 300 million dollars in losses. Adding insult to injury, "act of war" means insurance will not pay out for damages.

Whether it's a targeted attack or collateral damage from a nation-state conflict, cyber risk directly correlates to business risk. In fact, cyber disasters now inflict more business damage than natural disasters and strike more frequently. But, many organizations have not updated their recovery playbook to combat these emerging threats. Legacy recovery systems cost organizations millions in unnecessary downtime and unplanned infrastructure costs because of a fundamental issue: cybersecurity is not top of in mind.

Join SANS to learn how organizations like yours are hardening their disaster recovery programs by adopting the cyber-first methodology. Key points of discussion:

  • How automation helps recover from cyber-attacks in minutes, not days
  • Tips to eliminate the risk of malware re-introduction from system-state back-ups
  • Ways to avoid the hardware scramble with stream-lined recovery to the cloud
  • Best practices on diversifying host infrastructures for critical applications

Speaker Bios

Darren Mar-Elia

A 14-year Cloud and Datacenter Microsoft MVP, Darren has a wealth of experience in Identity and Access Management and was the CTO and founder of SDM software, a provider of Microsoft systems management solutions. Prior to launching SDM, Darren held senior infrastructure architecture roles in Fortune 500 companies and was also the CTO of Quest Software. As a Microsoft MVP, Darren has contributed to numerous publications on Windows networks, Active Directory and Group Policy, and was a Contributing Editor for Windows IT Pro Magazine for 20 years.

John Pescatore

John Pescatore joined SANS as director of emerging security trends in January 2013 after more than 13 years as lead security analyst for Gartner, running consulting groups at Trusted Information Systems and Entrust, 11 years with GTE, and service with both the National Security Agency, where he designed secure voice systems, and the U.S. Secret Service, where he developed secure communications and surveillance systems and "the occasional ballistic armor installation." John has testified before Congress about cybersecurity, was named one of the 15 most-influential people in security in 2008 and is an NSA-certified cryptologic engineer.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.