What if the attackers counterattack in the middle of the recovery process?

 What is at risk if cybersecurity gets defeated while the recovery is in progress?

 What is the business’s tolerance for risk in the overall recovery effort, balancing the factors of business impairment, IT recovery, and cybersecurity?