As companies are exposed to more and more attackers, they’re realizing that cyber resilience is increasingly important. On this episode of the Tech Field Day Podcast, presented by Commvault, Senior Director of Product and Ecosystem Strategy Michael Stempf joins Justin Warren, Karen Lopez, and Stephen Foskett to discuss the growing challenges companies face in today’s cybersecurity landscape. As more organizations transition to a cloud-first operation, they’re recognizing the heightened exposure of their data protection strategies to global compliance mandates like DORA and SCI. Adding to this complexity is the emerging threat of AI, raising important questions about how businesses can adapt and maintain resilience in the face of these evolving risks.
Apple Podcasts | Spotify | Overcast | Amazon Music | YouTube Music | Audio
Cyber Resilience in the Cloud-First World
In today’s rapidly evolving cybersecurity landscape, companies are increasingly recognizing the importance of cyber resilience, especially as they transition to cloud-first operations. The shift to cloud environments has exposed organizations to new risks, including compliance mandates like DORA and SOCI, which require more stringent data protection strategies. Additionally, the rise of AI introduces further complexities, as businesses must now consider how AI can both enhance and threaten their cybersecurity efforts. The conversation around cyber resilience is no longer just about preventing attacks but ensuring that organizations can recover quickly and effectively when breaches inevitably occur.
One of the key challenges in achieving cyber resilience is the lack of a clear, standardized definition of what it means to be resilient in the face of cyber threats. Unlike disaster recovery, which has well-established methodologies, cyber resilience is still a moving target. The nature of cyberattacks, which are often malicious and unpredictable, makes it difficult to apply traditional disaster recovery strategies. For example, while a natural disaster like a tornado may damage infrastructure, it doesn’t actively seek to corrupt data or systems. In contrast, a cyberattack forces organizations to question the integrity of their entire environment, from networks to cloud architectures. This uncertainty underscores the need for continuous testing and preparedness to ensure that recovery is possible after an attack.
The complexity of modern IT environments, particularly with the widespread adoption of hybrid and multi-cloud setups, further complicates the task of maintaining cyber resilience. As organizations spread their data across various cloud platforms and on-premises systems, the number of moving parts increases, making it difficult for administrators to manage and protect everything manually. Automation and orchestration tools are becoming essential to handle the scale and complexity of these environments. Solutions like Commvault’s clean room recovery, which allows for dynamic scaling in the cloud and cross-platform data restoration, are helping to simplify the recovery process and reduce the time it takes to bounce back from a cyber incident.
Compliance is another critical factor in the conversation about cyber resilience. With regulations varying across jurisdictions and industries, organizations must navigate a complex web of requirements to ensure they are protecting their data appropriately. The involvement of legal teams in discussions about data protection is becoming more common, as companies recognize the legal and financial risks associated with non-compliance. Tools that can help organizations track and manage their compliance obligations, without exposing sensitive data, are becoming increasingly valuable. Commvault’s approach, which focuses on analyzing metadata rather than customer data, allows organizations to stay compliant while minimizing the risk of data exposure.
Finally, the role of AI in cybersecurity cannot be ignored. While AI offers powerful tools for automating tasks and identifying threats, it also presents new risks, particularly when it comes to data privacy and security. Responsible AI practices, like those advocated by Commvault, emphasize the importance of using AI in a way that respects customer data and focuses on operational improvements rather than invasive data scanning. By leveraging AI to enhance breach management and compliance tracking, organizations can improve their cyber resilience without compromising the integrity of their data. As AI continues to evolve, it will be crucial for companies to adopt thoughtful, responsible approaches to integrating these technologies into their cybersecurity strategies.
Podcast Information:
Stephen Foskett is the President of the Tech Field Day Business Unit and Organizer of the Tech Field Day Event Series, now part of The Futurum Group. Connect with Stephen on LinkedIn or on X/Twitter.
Michael Stempf is the Senior Director of Product and Ecosystem Strategy at Commvault. You can connect with Michael on LinkedIn. Learn more about Commvault and Commvault Shift on their website.
Justin Warren is the Founder and Chief Analyst at PivotNine. You can connect with Justin on X/Twitter or on LinkedIn. Learn more on PivotNine’s website. See Justin’s website to read more.
Karen Lopez is a Senior Project Manager and Architect at InfoAdvisors. You can connect with Karen on X/Twitter or on LinkedIn.
Thank you for listening to this episode of the Tech Field Day Podcast. If you enjoyed the discussion, please remember to subscribe on YouTube or your favorite podcast application so you don’t miss an episode and do give us a rating and a review. This podcast was brought to you by Tech Field Day, home of IT experts from across the enterprise, now part of The Futurum Group.