Glossary
Immutable backup
A backup that cannot be altered or deleted for a set period, so ransomware cannot encrypt or wipe it along with everything else.
An immutable backup is written once and cannot be changed or deleted until a retention window expires, not even by an administrator account. That property is what makes it survive a ransomware event, because the single most common backup failure is backups sitting online and writable on a share the attacker reached and encrypted with everything else.
Immutable or properly offline backups are what turn ransomware from existential into merely expensive. The word that matters next to them is tested: an untested backup is a hope, not a control, and the time to discover a broken restore is a Tuesday afternoon, not during the worst week of your year. Why this is where the money should go.