This document discusses cyber attack survival and data security. It begins with discussing the threat landscape, understanding risks, and implementing a data security program. It then discusses observed data breach threats like malware infections and hacking, how breaches are typically discovered, and assessing security risks. The document recommends following frameworks like NIST and ISO, validating controls through audits and testing, and prioritizing "quick win" controls that address 40% of data breaches. The overall document provides an overview of understanding security risks, implementing controls, and testing a data security program to survive cyber attacks.