Description

Are your cloud security controls actually protecting your infrastructure, or are they just keeping the lights on? Matt Castriotta, Field CTO for Cloud at Rubrik, joins host Caleb Tolin to break down the tactical gaps exposed when organizations blindly replicate data center mindsets in public cloud networks. Castriotta charts the history of high-profile incidents from the Colonial Pipeline timeline up through modern adversaries like Scattered Spider and Storm-0501. He highlights how today's attackers move laterally by exploiting over-privileged, non-human identities to trigger malwareless mass deletion rather than relying on on-prem style encryption loops.

The discussion pivots into an actionable critique of popular resilience assumptions. Castriotta details why built-in features like S3 versioning and cross-region replication handle business continuity but leave organizations that rely on them entirely defenseless against automated cyber assaults. He delivers a precise operational roadmap for defining a "minimum viable business," establishing secure isolated recovery environments, and breaking the 80% ransomware reinfection cycle. This episode serves as an essential strategic guide for any enterprise trying to align the cloud shared responsibility model with predictable, audited return-to-service timelines.

Resources

Rubrik Cloud Cyber Resilience Solutions

Microsoft Threat Intelligence Report on Storm-0501

Scattered Spider Threat Profile

What You’ll Learn

How to separate low-probability disaster recovery protocols from high-probability cyber attacks.

The architectural threat mechanisms behind malwareless, privilege-driven data destruction.

A blueprint for prioritizing operations based on your minimum viable business components.

Solutions to tackle non-human credential sprawl and enforce just-in-time domain separation.

The hard realities of cloud platform pricing mechanics during major recovery events.