This talk talks about how Disaster Recovery is different than Cyber Recovery. Cyber Recovery is NOT Disaster Recovery + Immutable storage. Starting with the Assume Breach principle and what that means, we will cover the risks associated with a cyber attack in ways that many business leaders to not think about. Next will be a brief discussion about real world attacks that Incident Responders have seen with clients and how prevention alone is not enough to protect your company. Next covered are the gaps that most Disaster Recovery plans have in terms of Cyber Recovery. Then, using the process that Watco has employed, this talk will identify the gaps that exist for most organizations in having an effective Cyber Recovery program, tips and tricks on developing one for your organization, how to do this on a cost effective basis, and how a Cyber Recovery program can significantly reduce your risk, even if only partially employed, allowing your organization to have effective business continuation plans even when faced with advance persistent threat levels of attack. While this is a cyber security discussion it will be important whether you are an executive with IT oversight, an IT technical staff member in security, GRC, infrastructure, or application development.