The one simple truth for IT leaders in the public sectors must accept: We have been breached, and we will be breached again.
It can be difficult for federal employees to fully grasp this new cyber threat reality, but this shift in thinking has led to a strategic transformation in data defense strategies—from a prevention-only approach to one of assume-breach. As a result, elevated backup and recovery strategies have become a mission-critical priority.
Cyber resilience is now a defining pillar of federal IT strategy. As agencies accept that breaches are inevitable, the focus now shifts to how quickly the agencies can respond and recover.
The New Importance of Backup as Part of Cyber Resilience
For as long as computers have existed, we’ve been told to back up our systems to ensure full recovery if the unexpected happens. While backup and recovery may have once been seen as routine IT functions, today they play a central role in cybersecurity planning—with agencies increasingly adopting immutable backups. These are copies of critical data that cannot be altered or deleted, even if attackers gain access to the system.
Additionally, backup environments are playing a more critical role by being secured through zero-trust principles. This means no user, system, or process is automatically trusted. Instead, continuous monitoring and strict access controls are applied—even to systems designed purely for storage and recovery.
AI has also emerged as a powerful ally in backup resilience. Advanced anomaly detection tools can spot irregularities that may be indicative of a cyberattack, giving agencies a powerful tool to spot threats earlier and take action before data is compromised.
Real-World Lessons in Resilience and What We Have Learned
The need for stronger backup strategies was reinforced by the 2023 Microsoft Exchange Online breach. In this incident, nation-state actors exploited a vulnerability to target sensitive federal data. Events like the 2023 breach have demonstrated perimeter defenses alone aren’t enough – agencies must have reliable backups ready to restore operations quickly after an attack.
This level of resilience requires more than technology. Instead, many agencies are working to perpetuate a culture of constant preparation, including regular penetration testing, adversary simulations, and hands-on incident response drills.
These agencies have found that by building muscle memory through practice they can ensure that when a real-world attack happens, they can respond decisively, acting strategically, rather than in a reactive manner.
As we accept and expect the greater frequency of cyber attacks as the new reality, cyber resilience will be a measure of operational excellence across the federal government. Agencies that proactively design for resilience, embed assume-breach thinking into their culture, and continually refine their backup and recovery strategies will be better equipped to fulfill their missions—no matter what cyber threats emerge.