This episode features Drew Russell, Identity Resilience Platform Owner at Rubrik. Jim McDonald and Jeff Steadman explore the intersection of backup, recovery, and identity security. Drew explains how Rubrik evolved from data backup into a cyber resilience platform with identity as a core pillar. Topics include recovering Active Directory, Okta, and Entra ID after ransomware, Rubrik's "bunker in a box" appliance for immutable air-gapped recovery, proactive posture management, CrowdStrike and Defender integrations, and where AI and non-human identities fit into Rubrik's roadmap. The episode wraps with measuring success for a product you hope to never use, and a detour into watch collecting.

This episode was made possible by the support of Rubrik. Learn more at rubrik.com/idac

Connect with Drew: https://www.linkedin.com/in/drew-russell-3762411b/

Learn more about Rubrik: https://www.rubrik.com/idac

Connect with us on LinkedIn:

Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/

Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at idacpodcast.com

TIMESTAMPS

00:00:00 - Welcome and Introduction

00:01:19 - Introducing Drew Russell

00:01:36 - How Drew Got Into Identity

00:02:43 - What Is Rubrik and What Sets It Apart

00:03:38 - From Backup to Cyber Resilience

00:05:31 - Where Rubrik Fits in the IAM Landscape

00:07:08 - Rubrik's Scale: Clients and Growth

00:07:51 - Primary Use Cases: Post-Incident Recovery and AD

00:09:09 - Kicking Out Compromised Accounts and ADR

00:10:11 - Proactive Threat Detection and Mandiant Integration

00:11:28 - Scanning Backups to Find the Clean Recovery Point

00:12:14 - The Bunker in a Box Explained

00:13:18 - Posture Management and Upstream Tool Integration

00:14:19 - AI Agent Swarms and the Future Attack Surface

00:15:37 - The Taiwan Bank Case Study: Six Weeks to Rebuild AD

00:17:16 - The State of Nevada Incident: $400K and 30 Days

00:17:56 - What Recovery Covers: AD, Okta, and Entra ID

00:19:26 - Post-Restore Change Management and Whitelisting

00:20:08 - How Long Should You Store Backups?

00:21:19 - Indexing Identity for Intelligent Recovery Points

00:22:29 - Excluding Malicious Actions During Restore

00:24:41 - Zero Trust for Rubrik's Own Backups

00:26:21 - No Windows, No Virtualization Architecture

00:27:49 - Proactive Posture Management

00:29:00 - CrowdStrike and Defender Real-Time Integration

00:30:48 - Why Tabletop Exercises Often Fall Short

00:31:53 - AI Roadmap and Non-Human Identities

00:34:22 - The Three Pillars: Data, Identity, and AI

00:35:29 - Deployment: SaaS vs. On-Prem

00:38:37 - Appliance Sizing and Redundancy

00:42:23 - Measuring Success for a Product You Hope to Never Use

00:43:46 - The Ludacris Rubrik Commercial

00:45:31 - Watch Collecting and the Omega Speedmaster

00:53:39 - Drew's Closing Words

KEYWORDS

Identity at the Center, IDAC, Jeff Steadman, Jim McDonald, Rubrik, Drew Russell, identity resilience, cyber resilience, Active Directory recovery, AD backup, Okta recovery, Entra ID recovery, identity backup, ITDR, ISPM, non-human identity, NHI, agentic AI, ransomware recovery, bunker in a box, immutable backup, CrowdStrike integration, Microsoft Defender integration, Mandiant integration, identity disaster recovery, ADR, zero trust, tabletop exercises, posture management, IAM, identity security podcast, cybersecurity podcast