Most organizations assume their backups, disaster recovery plans, and security controls will work during a cyberattack.

But what happens when those systems have never actually been tested?

In this episode of Code to Cloud — Firewall Fridays, Host Kevin Evans sits down with cybersecurity expert Dom Vogel breaks down a real-world incident where a mid-sized construction company lost nearly $500,000 after discovering their “state-of-the-art” backup system failed when it mattered most.

This wasn’t caused by advanced ransomware or elite hackers.

It was caused by a common organizational mistake: trusting technology without validating it.

If you lead IT, manage risk, oversee finance, or run a business dependent on digital systems, this conversation explores the practical realities of cybersecurity, backup testing, and organizational resilience.

• Why modern backup systems still fail during ransomware incidents

• The hidden risk behind untested disaster recovery plans

• How cybersecurity myths create operational blind spots

• Why continuous validation is replacing traditional security audits

• How everyday devices and jailbroken streaming boxes become enterprise attack vectors

• The shift from top-down cyber threats to bottom-up vulnerabilities

• Leadership, governance, and accountability in cybersecurity decision-making

• Practical ways organizations can strengthen cyber resilience today

This episode is designed for:

• Business owners and executives

• CFOs and risk leaders

• IT directors and managed service providers

• Cybersecurity professionals and CISOs

• Organizations operating cloud, on-premise, or hybrid environments

Anyone responsible for business continuity, data protection, or cyber risk management will recognize challenges discussed in this conversation.

Cyber incidents rarely happen because organizations lack technology.

They happen because systems are assumed to work instead of being proven to work.

Dom Vogel explains why cybersecurity must evolve from compliance checklists and tool purchases toward continuous testing, systemic thinking, and organizational accountability.

Cyber resilience is not built during an incident — it is validated long before one occurs.

Practical cybersecurity guidance for Canadian organizations:

Code To Cloud Guide

Code to Cloud explores real cybersecurity incidents, leadership decisions, risk management strategies, and lessons learned from the front lines of IT and security.

New episodes released regularly.

00:00 Introduction — Code to Cloud & Firewall Fridays

01:20 The Myth of “State-of-the-Art” Backups

02:00 The $500K Backup Failure Case Study

05:15 Why Testing and Validation Matter

09:30 Cloud vs On-Prem Backup Reality

12:45 Leadership, Accountability & Cyber Risk

16:40 Fixing Organizational Security Culture

20:00 The Jailbroken “Super Box” Story

24:30 Hidden Hardware Security Risks

28:30 Key Cybersecurity Lessons & Wrap-Up