We have become accustomed to reading about cyber attacks on a daily basis: stolen records, encrypted files and backups, business interruptions and ransom payments. Businesses have become aware that they must constantly evolve their protective measures and still prepare for the worst case scenario. Creating contingency plans and recovery plans and practising them in tabletop exercises is becoming the norm. Now is exactly the right time to address the issue of resilience in the context of cyber incidents. Do we really need to shut everything down in an emergency? This will certainly lead to the interruption of all business processes, if that is not yet the result of the attack. Isn't there a way to think in advance about how (limited) operations can continue despite a compromise to ensure th ...