Webinar Description
Key Takeaways
- Explores the Minimum Viable Company framework as a business-driven approach to cyber resilience
- Addresses why traditional IT recovery plans frequently fail during destructive cyberattacks
- Focuses on executive alignment, governance structures and operating model adaptation
- Designed for CIOs, CISOs, business continuity professionals and executive leadership
- Draws on real-world incident response experience from Cohesity’s CERT Cyber Resilience Consulting team
Introduction
Cohesity’s CERT Cyber Resilience Consulting team presents a webinar examining the Minimum Viable Company concept, a strategic framework designed to help organisations recover critical operations following destructive cyberattacks. The session targets IT and cybersecurity leaders, business continuity professionals and executive management seeking to move beyond conventional disaster recovery planning toward genuinely resilient operating models. With ransomware attacks growing more sophisticated and destructive incidents capable of paralysing entire organisations for weeks, the question of what must be restored first—and what constitutes a trustworthy recovery—has become a board-level concern.
About This Event
This sixty-minute virtual session brings together cyber resilience practitioners to examine a fundamental shift in recovery philosophy. Rather than treating incident response as a purely technical exercise, the webinar positions recovery planning as a business strategy requiring coordination across executive leadership, governance functions and operational teams. The programme draws on lessons learned from actual destructive cyberattacks, offering attendees practical insights rather than theoretical frameworks.
Cohesity’s consulting team leads the discussion, bringing direct experience from engagements where organisations have faced the challenge of rebuilding operations from compromised infrastructure. The session format emphasises actionable guidance that participants can apply within their own organisations.
Understanding the Minimum Viable Company Framework
The Minimum Viable Company concept represents a departure from traditional disaster recovery metrics such as recovery time objectives and recovery point objectives. While these technical measurements remain important, they fail to address a more fundamental question: which business functions must be restored to maintain organisational viability, and in what sequence?
Defining an MVC requires organisations to identify the absolute minimum set of systems, data and processes needed to sustain critical operations during a crisis. This determination cannot be made by IT teams alone. It demands input from finance, legal, operations, human resources and executive leadership to understand which capabilities are genuinely essential versus merely important.
The framework also forces organisations to confront difficult prioritisation decisions before an incident occurs. When ransomware has encrypted production systems and backups are being validated, there is no time for lengthy debates about which applications should be restored first. Organisations that have already mapped their MVC can execute recovery with clarity and purpose.
Why Traditional Recovery Planning Falls Short
Conventional disaster recovery plans typically assume infrastructure failures, natural disasters or localised outages. They are designed around scenarios where systems can be restored from known-good backups to familiar environments. Destructive cyberattacks present fundamentally different challenges.
When attackers have maintained persistent access to an environment for weeks or months before deploying ransomware, the integrity of backup data becomes uncertain. Recovery teams must determine not only how to restore systems but whether restored data can be trusted. Active Directory, the authentication backbone for most enterprise environments, presents particular challenges—restoring a compromised directory service risks reintroducing the attacker’s access.
Traditional plans also tend to focus on technical recovery while neglecting the organisational dimensions of crisis response. Communication channels may be unavailable. Key personnel may be unreachable. Decision-making authority may be unclear. These governance gaps can delay recovery as much as technical obstacles.
Executive Alignment and Governance Considerations
The webinar emphasises that cyber resilience cannot be delegated entirely to technical teams. Board members and executive leadership must understand recovery priorities and their business implications. When a destructive attack occurs, decisions about which operations to restore first carry significant financial, legal and reputational consequences.
Effective governance for cyber resilience includes clear escalation paths, pre-authorised decision-making frameworks and defined roles for crisis management. Organisations that have rehearsed these governance structures through tabletop exercises and simulations respond more effectively than those encountering them for the first time during an actual incident.
The session addresses how operating models may need to shift during recovery periods. Organisations accustomed to highly automated, integrated systems may need to operate in degraded modes using manual processes. Understanding these contingency operating models in advance prevents improvisation under pressure.
Establishing Trust in Recovered Systems
One of the more nuanced challenges in cyber incident recovery involves determining when restored systems can be considered trustworthy. Unlike hardware failures where replacement components are inherently clean, cyber incidents leave organisations uncertain about the integrity of their own infrastructure.
The webinar explores how organisations can establish confidence in recovered environments. This includes validation procedures for restored data, network segmentation strategies during recovery and approaches to rebuilding identity infrastructure. Technology plays a critical enabling role in these processes, providing the tools needed to verify integrity and detect anomalies in restored systems.
Defining what “trusted” means in a post-incident context requires both technical rigour and business judgment. Some organisations may accept higher risk to restore revenue-generating operations quickly, while others in regulated industries may require more extensive validation before resuming operations.
Who Should Attend
The session is designed for professionals responsible for organisational resilience across both technical and business functions. Chief Information Officers and Chief Information Security Officers will find value in the strategic framing of recovery planning, while their teams can apply the practical guidance to existing programmes.
Business continuity and risk management professionals represent a core audience, as the MVC framework directly addresses their domain. The emphasis on governance and operating model adaptation also makes the content relevant for Chief Operating Officers and other executive leaders who would be involved in crisis decision-making.
Organisations across industries face similar challenges in this area, though those in sectors with significant regulatory oversight or critical infrastructure responsibilities may find the governance discussions particularly applicable. Mid-sized and large enterprises with complex, interdependent systems stand to benefit most from the structured approach to prioritisation that the MVC framework provides.
The Broader Context of Cyber Resilience
The growing emphasis on cyber resilience reflects a maturation in how organisations approach security. Prevention remains essential, but the recognition that determined attackers may eventually succeed has shifted attention toward limiting damage and accelerating recovery. Regulatory frameworks increasingly expect organisations to demonstrate not just protective controls but recovery capabilities.
The MVC concept aligns with this evolution by treating recovery as a strategic capability rather than a technical afterthought. Organisations that can articulate their minimum viable operations, demonstrate tested recovery procedures and show executive engagement with resilience planning are better positioned to satisfy regulatory expectations and maintain stakeholder confidence.
For organisations that have not yet formalised their approach to cyber resilience, this webinar offers a starting point for developing a more comprehensive strategy—one that integrates technical recovery capabilities with the governance structures and business alignment needed to execute effectively under pressure.

