If a cybersecurity provider tells a customer not to worry about ransomware or other forms of cyberattack — that they’ve got their endpoints and are fully defended everywhere in between — they’re not telling the truth. It’s not a matter of if you will be attacked, but when.
That is the message John Anthony Smith, Founder and Chief Security Officer of Chattanooga, Tennessee-based cybersecurity company Fenix24, and his fellow company leaders evangelize with audiences, customers, and fellow cyber pros around the world. The good news, he says, is that as an industry leader in ransomware restoration, recovery, and breach defense, Fenix24 provides assurance that your organization can quickly rebound after a cyber attack.
Fenix24’s work involving numerous ransomware restorations reveals that organizations may think they are protected, but that the reality is something different. Smith, who frequently shares Fenix24’s internal research as a keynote speaker at cybersecurity conferences around the world, most recently on April 28 at ILTA Evolve in Myrtle Beach, S.C., reported that 93% of cyber events target backup repositories. However, he said 80% of critical systems do not survive a data breach. And of the 20% of backups that survive, only 50% will be usable within a realistic time frame.
Even when a ransom is paid, only 68% of the data will survive the decryption process intact, Fenix24 found. Alarmingly, only 14% of organizations actually have survivable backups against threat actor behaviors, and just 24% have backed up all their critical data.
“Data backup technology is your primary weapon of cyber defense against threat actors, including the actions by people inside the organization, whether intentional or not,” Smith said, pointing out that many industries — particularly those in the legal, healthcare, and insurance sectors — mandate strict data retention and integrity protocols.
Therefore, the proper orchestration of immutable data backups enables organizations to demonstrate compliance while establishing that they are on the leading edge of cybersecurity. But that’s where Smith believes many organizations get it wrong: they may have backup technologies in place, but these systems are not correctly configured and ultimately fail the test.
“Yes, you can guarantee that customer data and your own will be fully recoverable with minimum downtime,” Smith said. “However, if bad actors can eliminate your data backups, then your endpoint detection and response (EDR) are essentially irrelevant, so you must first address your ability to recover.”
Threat actors extort a ransom
Today’s threat actors are on the offense, constantly introducing new tactics and techniques that keep cybersecurity professionals lagging behind and perpetually on the defensive.
“They’re after one thing: your business’s data to extort ransom,” Williams says. “Let’s start by ensuring we can recover when they find a way in.”
Fenix24 Founder and Chief Information Security Officer Heath Renfrow stresses that ransomware is a business operations crisis, not merely a data problem.
“It’s not just about preventing the encryption but about recovering fast enough to avoid financial and reputational ruin,” Renfrow said. “Your response plan should focus more on minimizing downtime than debating whether or not to pay ransom. If your backup system isn’t isolated, monitored, and tested against ransomware scenarios, it’s not a backup. It’s a liability.”
Recovery over resistance
Immutable data backup technology is where Fenix24 thrives as a service provider. The company’s emphasis on data recovery and resilience drives its go-to-market strategy, emphasizing “recovery over resistance.” That’s not to say traditional defensive measures aren’t crucial to an organization’s security posture — if anything, it underscores the company’s commitment to services for prevention through Securitas Summa.
Securitas Summa is Fenix24’s comprehensive cybersecurity program that offers businesses an assurance of recoverability, reverse-engineered with in-depth knowledge of what the world’s biggest threat actors are doing right now. By providing businesses with resistance, continuous protection, infrastructure recovery, and expert insights through Fenix24’s arsenal of acquisitions — Athena7, Grypho5, and Argos99 — coupled with its own ransomware recovery capabilities, Fenix24 helps businesses stay protected for a single, transparent cost.
Industry awards bolster company reputation
Fenix24 has received several prominent awards for its services, including the 2025 Global InfoSec Awards in the following categories:
- Conversant Group — Pioneering Cyber Resilience
- Fenix24 — Pioneering Breach and Incident Response; Hot Company Ransomware Recovery; Market Leader Ransomware Restoration
- Grypho5 — Editor’s Choice Managed Services
Fenix24 also won several 2025 Cybersecurity Excellence Awards, including Most Innovative Cybersecurity Company, as well as Ransomware Recovery, Incident Response, and Business Continuity/Disaster Recovery.
The company is also honored in several 2025 Globee Cybersecurity Awards categories:
- Gold — Security Backup and Restoration
- Gold — Disaster Recovery
- Gold —Outstanding Cybersecurity Incident Response
- Gold — Ransomware Recovery
- Conversant Group
- Silver — Cybersecurity Company of the Year
- Gold — Infrastructure Security
A military mindset to cybersecurity
Originally founded as Conversant Group in 2009, the company recently rebranded, whereby Fenix24 became the company name. Fenix24, functioning under the legal entity of Conversant Group, also maintained its status as one of the four battalions operating as “The World’s First Civilian Cybersecurity Force.”
Key acquisitions in 2025 have spurred Fenix24’s strong growth, such as the acquisition of vArmour, which was quickly complemented by its subsequent acquisition of appNovi.
“By providing real-time visualizations of an organization’s network flow, assets, and application dependencies, the acquisition of appNovi’s technology not only accelerates Fenix24’s recovery services but greatly enhances our peacetime resiliency and assured recoverability offerings,” Grazman said. “Perhaps most importantly, we are proud to integrate the key founders of appNovi into the Argos99 team as we build Argos99 into a market-changing software offering uniquely suited to enhancing resiliency and recoverability both pre- and post-breach.”
