In the age of cloud, dependency on Active Directory is rapidly growing - and so is the attack surface. The threat to AD from ransomware and wiper attacks is generally understood, but the complexity of forest recovery is not. In "the good old days", AD recovery meant recovering AD from natural disasters and operational errors. But cyberattacks changed all that. Today, it's quite likely that every domain controller (DC) will be encrypted or completely wiped out in a matter of minutes.
So, what to do you when a cyber-attack wipes out your DCs? Microsoft provides a lengthy technical guide that details the manual-intensive process required to recover an AD forest. There's no indication if you do something wrong until the end, at which point you have to start over. Third-party backup tools can automate the process, but they were only built to address recovery from IT operational issues, where AD is affected but host servers are not.
With AD becoming a prime target for widespread, business-crippling attacks, it's time to think "cyber-first". In this session, you'll learn the dos and don'ts of recovering AD from a cyber disaster.