When a major cyber incident makes the news, the first question people usually ask is how it happened. What vulnerability was exploited? Was it phishing? Was a patch missed?
Those questions matter. But they aren’t the most important ones. The more important question is how well the organization can recover when prevention inevitably fails.
The recent cyberattack affecting Stryker Corporation serves as a reminder that cybersecurity today is as much about resilience and recovery as it is about prevention. Reports indicated that the incident disrupted internal systems and business operations across the company’s global environment, affecting employee access to critical platforms and slowing aspects of manufacturing and order processing.
For a company that supplies medical technology used in hospitals worldwide, operational disruption can ripple through the healthcare ecosystem. When systems go down, the impact is not just technical; it affects supply chains, service delivery, and potentially the availability of medical equipment that hospitals rely on.
This is why resilience matters and why it deserves a bigger place in the cybersecurity conversation.
Organizations invest heavily in detection tools, endpoint protection, vulnerability management, and identity security. Those investments are essential. But incidents like this are a good reminder that recovery is where resilience becomes real.
It is one thing to say you have backups. It is another thing to know you can actually recover what matters when your normal environment is disrupted. Can you restore important files quickly? Can you help users recover from wiped or lost devices? Can you preserve the records your legal, compliance, and security teams may need while the incident is still unfolding?
Those are the questions that shape how hard an incident hits the business.
The Dark Reading coverage of the Stryker attack makes this point well. Experts quoted in the article noted that many continuity and disaster recovery plans assume that core systems such as identity, communications, and management tools will remain available. In a destructive event, that may not be true. They also pointed to the need for isolated backups, out-of-band communications, and recovery plans built for a worst-case scenario, not a more routine outage. That is the real lesson here.
Recovery planning cannot just live on paper. It has to reflect what these incidents actually look like. If endpoints are gone, access is constrained, and teams across regions are all trying to restore operations at once, the organization needs a clear, practical way to recover data and move forward.
That is where backup, recovery, and archiving play an important role.
Not because they solve every problem in a cyber incident. They do not. But they give organizations something they badly need in a moment like this: options. The ability to restore lost data. The ability to bring users back faster. The ability to retain access to information that may be needed for investigation, legal review, or compliance. And the ability to do all of that with more confidence and less chaos.
At CrashPlan, that is how we think about resilience. Backup, recovery, and archiving are not side conversations. They are part of how organizations prepare for the day when something goes wrong and normal systems are unavailable.
The lesson from the Stryker incident is clear: cybersecurity is no longer just about stopping attacks. It’s about ensuring the business can continue operating, even when attackers succeed.
The organizations that will navigate the modern threat landscape most successfully won’t be the ones that never experience an incident.
They’ll be the ones who recover faster than their adversaries can disrupt them.
About the Author
