What I learned extending zero trust to the storage layer

DaVita (2025) faced the double-extortion nightmare — 1.5 TB of patient data stolen and systems encrypted. The Interlock group demanded ransom for both threats. A comprehensive zero-trust architecture directly counters this: perimeter controls make data exfiltration harder to achieve undetected, while immutable backups remove the leverage from encryption-based demands.

Looking through the governance lens

When I present these principles to executive teams, I focus on three clear outcomes for leaders: risk reduction, resilience and compliance. Executives should ensure that the attack surface at the data layer is shrinking, that recovery points will survive if upstream defenses fail, and that retention and access policies are mapped to key regulations, such as SEC 17a-4(f) or HIPAA.

Policy as code has been a game-changer here — not because it’s “DevOps-cool,” but because it provides leaders with an auditable and reviewable change history for every critical control. For the board, this means we can answer questions like, “How do you know the backups are locked?” by pointing directly to the policy commit log, demonstrating transparency and accountability.
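
A review gate of the kind policy as code makes possible, as an added example that is not from the original article: it compares the committed backup policy with a proposed revision and lists every change that weakens a lock, shortens retention, drops a regulation mapping or grants delete rights. The policy schema, policy names, principal name and retention values are all constructed assumptions.

```python
# Added example: every field name, policy name and value here is constructed.
LOCK_STRENGTH = {"none": 0, "admin-overridable": 1, "immutable": 2}

def weakening_changes(old, new):
    """List every way revision `new` relaxes a backup control set in `old`."""
    findings = []
    for name, before in sorted(old.items()):
        after = new.get(name)
        if after is None:
            findings.append(f"{name}: policy deleted")
            continue
        # Unknown lock modes rank below "none" so a typo cannot pass as a lock.
        old_rank = LOCK_STRENGTH.get(before["lock_mode"], -1)
        new_rank = LOCK_STRENGTH.get(after["lock_mode"], -1)
        if new_rank < old_rank:
            findings.append(
                f"{name}: lock_mode {before['lock_mode']} -> {after['lock_mode']}")
        if after["retention_days"] < before["retention_days"]:
            findings.append(
                f"{name}: retention_days {before['retention_days']}"
                f" -> {after['retention_days']}")
        for reg in sorted(set(before["regulations"]) - set(after["regulations"])):
            findings.append(f"{name}: regulation mapping dropped: {reg}")
        granted = set(after["delete_principals"]) - set(before["delete_principals"])
        for who in sorted(granted):
            findings.append(f"{name}: new principal may delete backups: {who}")
    return findings

# Constructed sample: the policy as last committed, and a proposed revision.
COMMITTED = {
    "patient-backups": {"lock_mode": "immutable", "retention_days": 2190,
                        "regulations": ["HIPAA"], "delete_principals": []},
    "trade-records": {"lock_mode": "immutable", "retention_days": 2190,
                      "regulations": ["SEC 17a-4(f)"], "delete_principals": []},
}
PROPOSED = {
    "patient-backups": {"lock_mode": "admin-overridable", "retention_days": 30,
                        "regulations": [],
                        "delete_principals": ["svc-backup-admin"]},
    "trade-records": COMMITTED["trade-records"],
}

if __name__ == "__main__":
    # A CI job would fail the change when this list is non-empty.
    for finding in weakening_changes(COMMITTED, PROPOSED):
        print("BLOCK:", finding)
```

Run on each proposed policy change, a non-empty result gives reviewers the exact controls being relaxed before the commit lands in the log.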