ExtraMile by SecureITWorld addresses the information gap in the cybersecurity space with expert-led conversations so that you can make informed decisions. In every session, we feature top voices from the tech and security industries to assess emerging security threats, strategies to mitigate them, breakthrough tech practices, and more.
For today’s Q&A session, we are accompanied by Todd Thorsen, CISO of the leading enterprise-grade backup, recovery, and archiving services provider, CrashPlan. The organization is significantly known for its fast and reliable solutions. Todd is an accomplished information security professional with over 15 years of experience.
As the CISO of CrashPlan, our guest oversees the firm’s entire security framework, including global security operations, risk and compliance, incident response, resilience, and data protection. In the discussions, we’ll try to understand Todd’s experience in the security space, the importance of data backup and recovery in the AI era, Proof of Cleanliness in data recovery, and more.
Let’s begin by exploring insights that truly drive impact in cybersecurity.
Welcome, Todd, it’s a pleasure to have you with us today!
1. Based on your experience of over 15 years, what is the one uncomfortable truth about recovery that you only learn when a real incident unfolds, and the pressure is on?
Todd. One uncomfortable truth you only learn in the middle of an incident is that more often than not, your recovery plan is far more optimistic than the environmental dependencies of the incident allow. A myriad of issues can surface in the throes of a real-world incident that cannot always be accounted for in planning and tabletop exercises.
2. How have AI-driven threats created challenges for organizations in data backup and recovery? What role does CrashPlan play in reducing risk, strengthening resilience, and maintaining control for firms?
Todd. With AI-driven threats, its no longer about ransomware encrypting data, its now more about adaptive and intelligent attacks targeting the integrity of backups themselves. Attackers are using AI to automate reconnaissance to identify backup repositories, impersonate legitimate admin behavior and even subtly corrupt data over time. This is problematic when moving to recover and you are restoring corrupted or poisoned data. CrashPlan offers several ways to reduce risk by allowing you to enforce continuous, versioned backups with strong immutability controls and encryption. CrashPlan strengthens your resilience posture by enabling granular and rapid restoration of data without relying on potentially compromised infrastructure.
3. Everyone uses backups as a strategy to stop ransomware. What other scenarios are actually more likely to cripple an enterprise’s 2026 growth, other than ransomware attacks?
Todd. Ransomware attacks continue to grab the headlines, but a bigger threat to growth is loss of trust in data, access, and control. Data integrity compromises can silently corrupt analytics and AI models, driving bad decisions at scale. Identity system disruptions – losing control of your identity provider can halt business just as effectively as an encryption event and outages, misconfigurations or tenant-level compromises can lock you out of critical systems.
4. As a CISO, you have to choose between speed and integrity. Which one keeps the business alive?
Todd. In the context of a recovery scenario, integrity is key to keeping the business functioning. If you recover quickly with untrusted or corrupted data you are just compounding the damage.
5. Backups in 2026 are more about clean restorations. What does a Proof of Cleanliness look like in a distributed, hybrid architecture where the data source is constantly alternating?
Todd. Evidence based trust – combination of immutable, versioned and encrypted backups with integrity checks and validation against known good baselines across endpoints, servers and cloud.
6. How can a global organization balance the need for immutable, distributed architectures with the challenge of fragmented regional data residency laws? Is global resilience gradually becoming a legal impossibility?
Todd. This really comes down to a thoughtful approach to resilience architecture and well-established recovery plans. Keep data, backups and keys within geographical jurisdictions, while maintaining policy control and visibility across geographies – this provides geographical (regional) resilience with centralized scalable governance.
7. In real incidents, is the weak point technological resilience or human decision-making when moving from identifying breaches to assessing impact? How to address these weaknesses?
Todd. The weak point is most often human decision making under pressure, not technology. Most organizations have technology to detect an issue – but the challenge that many organizations experience is alignment on scope, impact and actions to contain and remediate in an expeditious and prioritized manner.
These challenges can be addressed by operationalizing decision-making as part of your incident response plan – include pre-defined thresholds for action and clear authority. Execute periodic table-top exercises that simulate a technical failure with degrees of ambiguity and include appropriate stakeholders and leaders. Conduct blameless post-mortems following real and simulated incidents to document what went well, what needs improvement (process, people and technology) and make enhancements to address gaps.
8. Which gaps do you think are significant in the backup practices that organizations currently adopt? How do you plan to lead CrashPlan to bridge these gaps and strengthen backups?
Todd. The most significant gaps in backup practices are having false confidence in recovery capabilities and critical gaps in backup coverage. It is important to routinely test restore capabilities, validate integrity of the data recovered and to ensure that there is appropriate coverage for all critical systems and devices (endpoints, servers, cloud environments and SaaS apps).
At CrashPlan, we deliver enterprise-grade backup, recovery, and archiving to protect the data organizations cannot afford to lose. Our cloud-native platform helps businesses secure Microsoft 365, Google Workspace, endpoint, and server data with scalable protection designed to reduce risk, support compliance, and control storage costs. Built for modern IT environments, CrashPlan enables fast, reliable recovery while supporting long-term retention, legal hold, and broader data governance needs.
Discover More In-depth Interviews:
