[devonkim]

You can simply do the best to merely record what's going on (ship your logs off to a system that's super well secure and basically write-only with minimal services as fiat). Additionally, somehow protect data sufficiently well that the problem would not cause catastrophic loss of data. A start-up went under after attackers managed to get their AWS access keys and wiped out everything in all their accounts after refusing to pay the ransom fee.

Huge difference between terribly stupid and realistically aware of pros and cons.