Cyber exercises don't focus on attacks being successful, but if the worst happens in a nation-state attack, organizations must recover as quickly as possible. The first step is prioritization.

When regulations are too prescriptive, attackers know what they have to beat. Compliance and regulations should not be the ceiling but the floor of security with proactive steps to keep attackers guessing.

"We're at the point now where organizations, state, local government, commercial, critical infrastructure need to start being much more aggressive and proactively deal with these problems," said Travis Rosiek, public sector CTO at Rubrik.

For example, Rubrik is focused on building hardened security, a zero trust approach to protecting the crown jewels, including threat hunting with data discovery to identify the attack location, quarantine it and recover as quickly as possible.

In this video interview with Information Security Media Group at RSAC Conference 2025, Rosiek also discussed:

• Recovering from a backup without allowing the adversary back in;
• How to isolate, contain, quarantine and recover quickly;
• Tackling software supply chain attacks, including an increase in insider threats.

Rosiek has built and grown cybersecurity companies and led large cybersecurity programs within the U.S. Department of Defense. Prior to Rubrik, he held several leadership roles including the chief technology and strategy officer at BluVector, CTO at Tychon, Federal CTO at FireEye, a principal cybersecurity consultant at McAfee and director of Red Team at the Defense Information Systems Agency.