# ADP: DRAM shortage is affecting ransomware recovery > Source: > Published: 2026-05-14 12:51:00+00:00 # ADP: DRAM shortage is affecting ransomware recovery Interview. Stacy Hayes, chief strategy officer and co-founder at Rubrik-focussed data protection MSP [Assured Data Protection](https://www.blocksandfiles.com/ai-ml/2025/07/21/adp-plots-next-move-beyond-rubrik-and-nutanix/1602046), reckons that the DRAM shortage’s real casualty is ransomware recovery. That seems a bit of a stretch. He asserts that, as AI soaks up global memory supply, infrastructure is getting pricier and less predictable. That means backup and recovery are now tied to supply chain conditions. That is a real exposure. When backup windows shrink, redundancy gets cut, or restores get delayed, attackers have a bigger window to operate and a better chance of making ransomware stick. That got us thinking and we asked him some questions to tease out the thinking behind this Blocks & Files: Why is recovery becoming supply-chain dependent? Stacy Hayes: Recovery today depends more on the supply chain than most people realize. A solid disaster recovery plan isn’t just about process; it requires having enough infrastructure and capacity in place before anything goes wrong, and that responsibility largely sits with the providers delivering recovery. For many mid-market organizations, that recovery now runs on MSP-operated, multi-tenant platforms. Those environments need to keep scaling as data grows, and new customers come on board. The challenge is that infrastructure isn’t scaling at the same pace right now. Supply constraints, long lead times, and price volatility are slowing down that growth. That’s where the gap shows up. Demand recovery continues to rise, but the ability to expand capacity isn’t keeping up. The real risk isn’t the recovery event itself; it’s whether the platform behind it can scale when needed. If providers can’t grow fast enough, onboarding slows and large-scale recovery becomes harder to support. Blocks & Files: Why isn’t backup becoming supply-chain dependent? Stacy Hayes: Backup is less exposed because it’s already in place and runs continuously on existing infrastructure. It’s about capturing and storing data over time, rather than rebuilding environments under pressure. Most organizations already have backup environments deployed, whether on-premises or in the cloud, and those systems continue to operate even in a constrained supply environment. Recovery is different. It requires standing up usable environments, quickly and at scale, which brings you back to hardware availability and capacity constraints. While backup remains relatively stable, recovery is where supply chain risk becomes visible. You may have the data, but that doesn’t mean you can restore the business. Blocks & Files: What should IT leaders be doing now to close resilience gaps? Stacy Hayes: Start by validating recovery assumptions under real-world conditions. Many organizations have recovery plans that look solid on paper but haven’t been tested against current constraints like delayed hardware or limited capacity. Leaders should be asking whether they can actually scale recovery in line with production, and what dependencies they have on infrastructure that hasn’t yet been delivered? Reducing reliance on just-in-time infrastructure is critical. If recovery depends on procuring hardware during or after an incident, that’s a clear vulnerability. Resilience has to be based on pre-provisioned or readily available capacity. There’s also a broader shift from owning infrastructure to guaranteeing recovery outcomes. That means focusing less on how systems are built, and more on whether recovery can be delivered consistently and within defined timeframes. In practice, that points organizations towards managed service models that can absorb supply chain volatility. Blocks & Files: Where does this leave ransomware preparedness? Stacy Hayes: Ransomware preparedness is now less about whether you have backups, and more about whether you can recover cleanly and quickly. Most organizations have made progress on backup, but the real challenge is recovery. More specifically. it’s about identifying clean data and restoring it into a secure, functional environment. That process depends heavily on having the right infrastructure available. If supply chain issues delay recovery, the impact of a ransomware attack increases quickly. Downtime is extended, business operations remain disrupted, and the pressure to pay a ransom grows. This means the focus must shift. It’s not enough to say, “we have backups.” The question is whether you can execute recovery under real-world constraints and do that quickly, reliably, and with confidence that what you’re restoring is clean.