The Backup Wrap-Up

Disk backup security is the weak link that ransomware attackers exploit every day—and most backup admins don't even realize it. In this episode, Curtis and Prasanna examine how the move from tape to disk-based backups created an unintended security gap that threat actors now target as their first priority.
The transition to disk brought real benefits: deduplication made storage affordable, replication eliminated the "man in a van" for offsite copies, and backup verification became practical. But disk backup security wasn't part of the original architecture. When backups lived on tape, physical access was required to destroy them. Disk backups sitting in E:\backups can be wiped out with a single command.
Threat actors figured this out fast. After gaining initial access, the first thing they do is identify and eliminate your backups. No backups means no recovery—which means you pay the ransom.
Curtis and Prasanna discuss the history of how we got here, why backups are now the number one target, and practical solutions including obfuscation, getting backups out of user space, and implementing truly immutable storage. The standard is simple: if you can't delete the backups, they can't delete the backups.
TIMESTAMPS:
0:00 - Episode intro
1:24 - Welcome & introductions
4:04 - Tape explained for the modern audience
9:07 - Why tape got faster (and problematic)
10:54 - The shoe-shining problem
12:27 - Deduplication changes everything
15:35 - Benefits of disk-based backup
20:29 - THE PROBLEM: RM -r / DEL .
23:43 - Backups are the #1 ransomware target
26:26 - Immutability as the solution
27:32 - Book: Learning Ransomware Response & Recovery

What is ransomware, and why does it remain the number one threat to businesses of all sizes? In this episode of The Backup Wrap-up, W. Curtis Preston and Prasanna Malaiyandi break down the fundamentals of ransomware attacks and explain why the question "what is ransomware" still gets searched tens of thousands of times each month.
We cover the two main types of ransomware attacks: traditional encryption-based attacks where hackers lock your data and demand payment, and the newer double extortion model where attackers steal your sensitive information before encrypting it—then threaten to publish everything if you don't pay.
Our hosts share real-world examples including the Sony hack, the Costa Rica government attack, and the massive Jaguar Land Rover breach that cost over $2.5 billion. Whether you're a Fortune 500 company or a small dental office, this episode explains what is ransomware, why you're a target, and why preparation is your best defense.

What's your real backup TCO? Most organizations focus on software licenses, hardware, and cloud storage when budgeting for backup infrastructure. But those are just the visible costs. The true backup TCO includes something far more expensive: the humans managing it all.
In this episode, Curtis and Prasanna break down the complete picture of backup costs. They explore why soft costs—the labor, the troubleshooting, the daily monitoring—often exceed what you're paying for technology. With studies showing over half of environments spend more than 10 hours weekly on backup management, those labor dollars add up fast.
The discussion covers cloud storage pitfalls (especially with object lock and retention policies), why automation is your best friend, and whether SaaS-based backup might actually save you money. Curtis shares his infamous 1993 story about losing a production database – the origin story of Mr. Backup himself. If you're looking to get a handle on your backup TCO, this is the episode for you.

Ransomware attacks on backups have reached epidemic levels, with 96% of attacks now targeting backup infrastructure. In this episode of The Backup Wrap-up, Curtis Preston and Prasanna Malaiyandi break down the alarming statistics and explain why cybercriminals have made your recovery systems their primary target.
The math is simple: if attackers destroy your backups, you're far more likely to pay the ransom. And with only 25% of organizations feeling prepared for ransomware attacks on backups, the gap between threat and readiness is massive.
Curtis and Prasanna discuss two studies revealing these numbers, explore why less than 7% of companies recover within a day, and outline practical defenses including true immutability, separate identity management systems, and MFA. If you're not protecting your backup infrastructure from ransomware attacks on backups, you're leaving yourself wide open.

Building a cyber security team isn't optional anymore; it's the difference between recovering from ransomware and going out of business. In this episode, Curtis and Prasanna explain why hardening your backup infrastructure is only half the battle. You need professionals who know how to configure XDR systems without drowning you in false positives, blue teams to defend your environment, and red teams to test whether your defenses actually work. They cover the role of MSSPs, incident response planning, cyber insurance requirements, and why attempting ransomware response on your own is like those old TV warnings: "Don't try this at home." If you've been following their series on backup basics and system hardening, this episode ties it all together with the human element that makes or breaks your recovery plan.