When you make a BlueTeam TO-DO list, whatever your use case requires for items

1.. backup has to be entry 0.

“I'll set up backups later.” Yes you will… the day after all your data is lost.

“I don't have any data yet, so backups aren't a priority.” They will be when you have a catastrophic data lose.

“My data is safely in the cloud, so I don't need backups…” is the precursor to disappointment as ransomware encrypts all of your data.

“I make a backup, once a month onto an external hard-disk”, that's not a backup, that's a snapshot. (Which is the backup equivalent of security through obscurity crossed with busy work.) Backups have to be autonomous, automated, tested and used to restore at a minimum, once a year, (preferably a lot more often.) Recovery needs to be documented, practised and can't be stored on a computer where it could be lost, ransomewared or stolen.

Pull vs push