The Commvault Perspective: How Businesses Can Achieve True Cyber Resilience
While data protection has long been considered the last line of defence against cyber attacks, the evolving threat landscape demands a more comprehensive approach. At a recent Commvault event, DSA sat down with Michel Borst, Vice President for the Asia Region, and Daniel Tan, Head of Solution Engineering, to discuss the growing importance of cyber resilience for businesses.
The Heart of Cyber Resilience: Recovery, Not Just Protection
Michel emphasised that cyber resilience goes beyond traditional data protection. It’s about ensuring an organisation’s ability to recover quickly and completely from a cyber attack, minimising downtime and data loss.
“Cyber resilience is not just about data protection,” Michel explained. “It’s about your ability to recover when something happens. There’s a much more holistic view of the importance of protecting data and ensuring nobody can get to it. However, if they do, you can recover quickly and completely.”
As the interview went on, Daniel highlighted the importance of rigorous testing to achieve cyber resilience, especially in today’s multi-cloud environments. Frequent and comprehensive data recovery testing helps organisations identify potential issues and ensure a clean and complete recovery in the event of an attack.
“We often encourage our customers to test their data as frequently as possible and holistically,” Daniel stated. “By testing comprehensively, they can be confident in their ability to fully recover data from multiple clouds, a key aspect of achieving cyber resilience.”
The Blurring Lines Between Data Protection and Cybersecurity
With both Michel and Daniel acknowledging the rise of AI-powered attacks, the conversation delved into the evolving relationship between data protection and cybersecurity. Commvault’s Arlie, an AI assistant specifically designed for data security, exemplifies the company’s focus on bridging this gap.
However, Michel cautioned against blindly adopting Artificial Intelligence (AI) solutions. He advised organisations to conduct thorough research and develop a clear strategy before implementation, as a lack of understanding could introduce new vulnerabilities.
While data protection remains crucial, both executives believe cybersecurity strategies need to evolve to prioritise speed, holism, and trust. This allows organisations to not only prevent attacks but also recover quickly and efficiently when breaches occur.
The conversation underscored the importance of building a comprehensive cyber resilience strategy. By combining robust data protection practices with AI-powered innovations and a focus on recovery speed and trust, businesses can better prepare themselves for the ever-changing threat landscape.
Deeper Dive: AI, Collaboration, and the Future
During the interview, the duo also explored the growing importance of collaboration between AI and data protection/security.
“The industry is seeing increased use of generative AI, so the threats have become so much more intelligent and vicious,” Michel explained. “On our side, we also have to use the same tools the threat actors are using, which is AI.”
Daniel elaborated on the ongoing development of Arlie, emphasising its potential to integrate with threat-scanning capabilities from third-party providers, further enhancing its ability to sniff out potential threats. He also stressed the importance of adhering to ethical frameworks like NIST (National Institute of Standards and Technology) when developing AI solutions.
With many tech vendors capitalising on the “AI” buzzword, the discussion shifted towards how organisations can discern genuine AI solutions from marketing hype.
Michel reiterated his recommendation for organisations to thoroughly prepare and comprehend their specific use cases before investing in AI solutions. “The hype and buzzword can be dangerous sometimes,” he said. “You need to understand what you’re going to use it for, not just for the sake of using it.”
Daniel added another layer to the conversation, highlighting the potential vulnerability of the data generated by AI models themselves. He emphasised the importance of protecting this data, as it could become a target for hackers seeking sensitive information.
The conversation also touched on Malaysia’s position in the ITU’s Global Cybersecurity Index. Despite ranking 5th, the country also experiences a high number of breaches.
Michel attributed this paradox to the potential overemphasis on securing the front door (production environments) while neglecting cyber resilience practices like comprehensive data recovery testing. Daniel added that Malaysia’s high technology adoption rate and the dispersed nature of data across various environments could also contribute to the high breach count.
Building on Experience: Shaping Commvault’s Future
Michel’s extensive experience across various technology companies, including his background in regulated industries like financial services, has shaped his perspective on Commvault’s future strategies.
“The story there has always been one of taking a long-term strategic and enterprise-wide approach, which is exactly what I aim to bring to Commvault,” Michel concluded. “By helping enterprises in this region adopt a holistic view of cyber resilience, we can empower them to not only protect their data but also recover quickly and efficiently in the face of ever-evolving cyber threats.”
As the cyber threat landscape continues to evolve, it’s evident that Commvault remains committed to providing businesses with the tools and strategies they need to build robust and enduring cyber resilience.