[F30]

I am highly skeptical when people taking about "rebuilding [the whole] infrastructure" in a few hours. Even more so when restoring all data from breached systems and before a thorough incident analysis. Show me the org which can just pull that off.

[erikbye]

This is doable with proper IaC implementation, and if your org does not have RPO/RTO on lock they're doing it wrong.

Events like Matrix experienced now do not lead to panicked frenzy when this is in place.

[F30]

It is certainly doable, but I doubt that most people have IaC which is complete, reproducible and tested enough. And the data migration from the breached host still means some risk.

[pferde]

It's quite common in enterprise to have a RTO of a few hours, and RPO of a few minutes, even for infrastructure with terrabytes of data. Of course, many moneys are paid for being able to do that.