# Backup & Recovery Resilience Assessment

> A free, interactive cybersecurity assessment platform by CISO Marketplace that evaluates organizational backup and disaster recovery (BCDR) readiness against modern ransomware threats. The tool covers the 3-2-1-1-0 backup rule, immutable and air-gapped storage, RTO/RPO alignment, ransomware recovery scoring, and a step-by-step DIY digital forensics guide for organizations without dedicated DFIR teams.

## Assessment Tool

- [Backup & Recovery Resilience Assessment](https://backups.breached.company/): Interactive 12-question assessment scoring backup infrastructure across five dimensions — backup copies and media diversity (3-2-1-1-0 rule compliance), ransomware defense (immutable and air-gapped backups), RTO/RPO alignment, security controls (encryption, MFA, monitoring), and incident response readiness. Returns a weighted percentage score with tier classification (Critical / Fair / Good / Excellent) and prioritized remediation recommendations.

## Core Concepts Covered

- [3-2-1-1-0 Backup Rule](https://backups.breached.company/): Modern evolution of the classic 3-2-1 rule — 3 total copies, 2 different media types, 1 offsite/cloud copy, 1 immutable or air-gapped copy, 0 restoration errors. The "0 errors" requirement mandates regular tested restorations.
- [Immutable Backup Guide](https://backups.breached.company/): WORM (Write Once Read Many) storage prevents ransomware from modifying or deleting backups. Implementations: AWS S3 Object Lock, Azure Immutable Blob Storage, Veeam Hardened Repository. Critical because 89% of ransomware attacks specifically target backup repositories.
- [Air-Gapped Backup Architecture](https://backups.breached.company/): Physically or logically isolated backups with no persistent network connectivity. Considered the strongest ransomware defense when combined with immutable storage.
- [DIY Digital Forensics & Incident Response Guide](https://backups.breached.company/): Three-phase DFIR methodology — Phase 1: Immediate response (isolation, volatile data capture, documentation); Phase 2: Evidence collection (forensic imaging, chain of custody, cloud/SaaS log export); Phase 3: Analysis (timeline construction, IOC identification, root cause analysis). Includes free tool recommendations: Autopsy, FTK Imager, Volatility, Wireshark, KAPE, Velociraptor.
- [RTO/RPO Alignment Assessment](https://backups.breached.company/): Evaluation of whether backup frequency and recovery procedures actually meet defined Recovery Time Objectives and Recovery Point Objectives under real-world conditions.

## Compliance Frameworks Referenced

- NIST Cybersecurity Framework 2.0 (GV.RR — Govern: Recovery & Resilience)
- ISO 27001:2022 Annex A.8.13 (Information backup)
- GDPR Article 32 (data availability restoration)
- PCI DSS 4.0 Requirement 12.10 (incident response with backup procedures)
- CIS Controls v8 — Control 11 (Data Recovery)
- NIST SP 800-34 Rev. 1 (Contingency Planning)

## CISO Marketplace Ecosystem

- [Incident Response Tools](https://incidentresponse.tools/): IR planning, playbooks, and execution resources
- [Digital Forensics Toolkit](https://forensics.breached.company/): Interactive forensics utilities, evidence collection workflows, chain of custody documentation
- [IR Maturity Assessment](https://irmaturityassessment.com/): Incident response program maturity scoring
- [Ransomware Maturity Assessment](https://ransomwarematurity.com/): Ransomware defense and recovery capability evaluation
- [Data Breach Cost Calculator](https://databreachcostcalculator.com/): Financial impact estimation for data breach scenarios
- [Cyber Insurance Calculator](https://cyberinsurancecalc.com/): Coverage recommendations based on risk profile

## Contact & Attribution

- Owner: CISO Marketplace
- Contact: info@quantumsecurity.ai
- License: Free, open-access educational resource
- Canonical URL: https://backups.breached.company/
- Last updated: 2026-05-17