Most organisations believe they can recover from ransomware because they have backups. The attackers are counting on it. Modern ransomware hunts down the backup environment first, because a victim who cannot restore is a victim who pays. This free checklist gives you a board-ready way to find out where you actually stand, before an attacker does it for you.

What Is a Cyber Recovery Readiness Assessment? 

A cyber recovery readiness assessment measures your proven ability to restore the business after a deliberate attack, not just an accident. This whitepaper turns that into a scored, seven-dimension checklist, a practical ransomware recovery checklist and backup audit in one, that a CISO can complete in an afternoon and defend at board level. 

What the Whitepaper Gives You 

A seven-dimension readiness model you can score yourself against, plus the reasoning and the regulatory context needed to defend the number. 

Inside: 

  • The seven dimensions of cyber recovery readiness, each with diagnostic questions and a 0–3 score. 
  • A one-page scoring summary that turns your total out of 21 into a clear risk verdict. 
  • The difference between backup and cyber recovery, and why it decides outcomes. 
  • What a defensible recovery architecture looks like: immutable, air-gapped, recovered clean. 
  • The India layer: CERT-In's six-hour rule and the DPDP breach-notification duty. 

 

The Seven Dimensions at a Glance

 

S No. Dimension The question it answers
1 Protected Copies Is a copy immutable, air-gapped, and 3-2-1-1-0?
2 Isolation Is recovery separated from production?
3 Clean Restore Do we scan before we restore?
4 Tested Objectives Are RTO and RPO proven, not assumed?
5 Playbook & Roles Who decides, who acts, ransom stance?
6 Regulatory Readiness Can we meet CERT-In and DPDP?
7 Evidence for the Board Can we show recovery works?

 

Who Should Read It 

Written for CISOs, CIOs and IT leaders accountable for whether the business comes back after an attack, and for the board members who now ask them to prove it. 

Why "We Have Backups" Is Not an Answer 

The overwhelming majority of ransomware attacks now target the backups themselves, and most of those attempts succeed. Even among organisations that pay the ransom, most still fail to recover all their data. Having backups and being able to recover are two different things. This checklist measures the second. 

Why Proactive 

Proactive Data Systems designs and operates cyber recovery for Indian enterprises: immutable and air-gapped data protection, isolated recovery environments, tested recovery, and the incident-reporting readiness that CERT-In and DPDP now demand. We are a Cisco Preferred Cloud and AI Partner, Dell Platinum Partner and NetApp Preferred Partner, with 35 years in enterprise IT, more than 1,500 organisations served, and a 24/7 service desk in India. 

Get the Whitepaper 

Enter your work email to download Cyber Recovery Readiness: The Seven Things That Decide Whether You Come Back, authored by Shariq, Data Protection & Cyber Recovery, Proactive Data Systems. 

Prefer to talk it through? Ask Proactive for a cyber recovery readiness assessment. 

Frequently Asked Questions

Cyber recovery readiness is your proven ability to restore the business after a deliberate attack, not just an accident. It spans seven dimensions: protected copies, isolation, clean restore, tested objectives, playbook and roles, regulatory readiness, and evidence for the board. Readiness means each is in place and tested, not merely purchased.
Backup copies data so it can be restored, assuming the copy is safe. Cyber recovery assumes the attacker went after the backup too, so it adds immutability, air-gapping, clean-room validation before restore, and tested recovery. Backup is an IT task; cyber recovery is a business capability owned by the board via the CISO.
Under the CERT-In Directions, organisations in India must report specified cyber incidents, ransomware included, within six hours of becoming aware of them. The Directions also require 180-day log retention and synchronised system clocks. An incident involving personal data may also trigger a separate DPDP breach notification.
Score each of the seven dimensions from 0 (blind) to 3 (proven) using the diagnostic questions in this whitepaper, then total the result out of 21. The checklist maps your score to a plain verdict, from exposed to proven, and shows which weak dimension to fix first.

Related Resources

Share a few details to get started.

We'll get back to you shortly.