Advancing Cloud Resiliency Through Shared Responsibility
Reflections from AWS re:Invent 2025
Cloud resiliency is no longer a theoretical discussion. It is an operational requirement.
At Amazon Web Services (AWS) re:Invent 2025, that reality came into sharp focus during our breakout session, Beyond Backup: Advancing Cloud Resiliency with Shared Responsibility. As cloud adoption accelerates, organizations are being forced to confront a simple truth. Moving to the cloud does not transfer responsibility for protecting and recovering data.
We were joined by Kevin Lomax , IT Director at Pearl River Community College, whose real-world experience grounded the conversation. His perspective highlighted what resilience looks like when systems are tested, expectations are high, and recovery time truly matters.
Shared Responsibility in the Cloud Starts with Ownership
The shared responsibility model is clear. AWS delivers a highly secure and resilient infrastructure. What happens to your data within that environment remains your responsibility.
Even when data lives in the cloud, organizations still own protection, recovery, and availability. That mindset forms the foundation of any effective cloud resilience strategy.
Why Backup Alone Is Not Enough for Cloud Resilience
Native cloud backup tools are often a solid starting point. Where gaps emerge is during real incidents, especially when organizations face regulatory requirements, data sovereignty concerns, or aggressive recovery objectives.
Kevin shared how a ransomware incident exposed the limits of Pearl River’s previous approach. That experience drove a shift toward stronger isolation, immutability, and faster recovery, all critical when downtime directly impacts students, staff, and operations.
Why the 3-2-1 Backup Rule Still Matters in the Cloud
One of the most practical lessons reinforced during the session was the continued importance of the 3-2-1 backup rule:
Combined with cloud vaulting, this approach gave Pearl River confidence that their data was secure, recoverable, and accessible when it mattered most.
AI and Automation Are Raising the Bar for Cyber Resilience
AI and automation are becoming core components of modern cyber resilience strategies. From anomaly detection to accelerated response, these capabilities help shorten the gap between an incident and recovery.
Recommended by LinkedIn
Kevin shared how Pearl River integrates security tooling with automated detection and response to reduce risk and respond faster. AI is increasingly embedded across resilience workflows, supporting smarter decisions and more efficient recovery.
Testing and Training Turn Cloud Resilience into Reality
Technology alone does not create resilience. Preparation does.
Pearl River conducts regular disaster recovery testing and recently restored 17 terabytes of data in 17 hours during a test exercise. Alongside technical readiness, they invest in phishing simulations and ongoing user education, recognizing that people are both a vulnerability and a powerful line of defense.
Watch the Full Session
You can watch the full breakout session featuring Theresa M. , and Kevin here:
The session includes deeper context on shared responsibility, real world recovery lessons, and how organizations can move beyond backup toward stronger cloud resilience.
Resilience Is an Ongoing Discipline
One message we hoped attendees walked away with was that resilience is never finished.
Threats evolve. Environments change. Strategies must adapt. Continuous hardening, regular testing, and learning from every incident are what build confidence over time.
Looking Ahead
Hearing Kevin’s experience and seeing the impact of a disciplined approach to cloud resilience was a strong reminder of why this work matters. Protecting data supports institutions, communities, and the people who depend on them every day.
Thank you to everyone who joined us at AWS re:Invent 2025. If you were not able to attend the session, we would welcome the chance to continue the conversation around cloud resiliency, shared responsibility, and recovery confidence.
What challenges are you facing as cloud environments grow more complex?
