Setting the stage – The need for Business Continuity and the threat of Cyber Attacks
This year, I had the privilege of again attending Commvault SHIFT 2024, following an exceptional experience at last year’s event. Conferences like these are invaluable in an industry that evolves so rapidly, where staying relevant and informed is more critical than ever. With a plethora of topics and innovations emerging constantly, it’s nearly impossible to keep track of everything. That’s why choosing the right events to attend becomes essential—it’s about being strategic with time and energy to focus on professional development while managing my work and personal life. In a world where industry events seem endless, it’s important to filter through the noise and select those that provide real, actionable insights.
Commvault SHIFT 2024 delivered just that—an experience that was not only insightful but also a bit sobering. The keynote, delivered by Commvault CEO Sanjay, brought attention to an alarming statistic: 50% of organisations operating remotely have fallen victim to cyber-attacks. This revelation put into perspective just how high the stakes have become in the modern digital landscape. Cybersecurity is no longer just an IT issue; it’s a core business risk, and the weight of this challenge is resting squarely on the shoulders of CIOs and CISOs globally. What was once an emerging concern is now a full-scale battle, one that no organisation can afford to ignore.
This concern is further validated by IDC’s recent statistic in my part of the world that 59% of Asia-Pacific enterprises were targeted by ransomware attacks in 2023. The frequency and severity of these attacks are growing at an alarming rate, placing unprecedented pressure on organisations to fortify their defences. The evolving nature of these threats underscores why cybersecurity is at the top of the agenda for most businesses today.
These statistics alone paint a vivid picture of the relentless fight against cybercrime. Companies are not just dealing with routine breaches; they are battling sophisticated, evolving threats that could jeopardise their entire IT operations. This escalating cyber threat landscape perfectly frames the purpose and mission of companies like Commvault. Their innovative solutions, designed to protect and recover critical data, have become more important than ever, playing a pivotal role in this ongoing battle.
What struck me most was how it emphasised the need for a proactive, rather than reactive, approach to data protection and cybersecurity, With the rise of remote work and digital transformation, companies can no longer afford to be complacent. Organisations need to shift their mindset from simply protecting the perimeter to focusing on data resiliency and recovery as key components of their overall strategy.
Commvault’s ability to innovate and adapt in this climate is exactly what sets them apart. Their tools and strategies not only help mitigate the risks but also equip businesses with the agility to bounce back quickly when faced with inevitable cyber threats. The industry’s future will rely heavily on such technologies, and companies that fail to invest in this area may soon find themselves left behind.
Cybercriminals are smart and attack the heart
Most of us know the importance of Active Directory and everything that hangs off it, which is pretty much everything. And this is why Commvault highlights that out of 10 cyber-attacks, 9 of them are targeted at Active Directory. This is staggering!
There are multiple reasons as to why this is the case, it’s quite simple – Active Directory serves as the hub for an organisation’s IT environment, it manages user accounts, devices, and permissions across the network. By gaining access, attackers can elevate their privileges, create new accounts, or alter permissions to maintain control and move laterally within the environment. It also contains privileged accounts such as domain admins, which have unrestricted access across the network.
Compromising these accounts allows attackers to perform actions like installing malware, exfiltrating data, or shutting down services without detection. The result is widespread given the architecture of Active Directory and what it plugs into.
A shift or a complete Change? Continuous Business in 2024.
The concept of Business Continuity still exists in today’s world, but the shift as it can be interpreted and what I think struck me most was how it emphasised the need for a proactive, rather than reactive, approach to data protection and cybersecurity. This is the shift from Business Continuity (Reactive) to Continuous Business and while Business Continuity traditionally focuses on restoring operations after disruptions, Continuous Business emphasises proactive measures to prevent downtime altogether. This shift is driven by the need for seamless availability, faster response times, and stronger data resilience.
To Commvault, Continuous Business brings together 5 pillars – Security, Rebalance, Readiness and Recovery, this thought leadership approach, proactive thinking ability to provoke the thought that while cyber-attacks are high – the whole notion of “Continuous” almost diminishes the concern or dismisses them altogether knowing there is a platform like this that exists.
And Commvault’s ability to innovate and adapt in this climate is exactly what sets them apart. Their tools and strategies not only help mitigate the risks but also equip businesses with the agility to bounce back quickly when faced with inevitable cyber threats. The industry’s future will rely heavily on such technologies, and companies that fail to invest and not transform in this area may soon find themselves left behind. And Commvault is at the forefront of this transformation, providing cutting-edge solutions that ensure uninterrupted operations in an increasingly complex data environment.
Further Expansion and Integration into the Hyperscalers
SHIFT 2024 also saw a new list of enhancements for customers operating in the cloud:
Cleanroom Recovery: Commvault is expanding its Cleanroom Recovery solution to AWS, enabling organisations to recover and rebuild their cloud infrastructure in a secure, isolated environment. This dedicated recovery zone supports forensic analysis and regular testing of recovery plans, ensuring businesses are well-prepared for future cyber threats. I first wrote about the introduction of Cleanroom Recovery last year in this post so take a read.
Air Gap Protect: This feature provides an immutable, isolated backup of customer data within a secure Commvault tenant, ensuring critical data remains untouchable, even in the event of a widespread cyberattack.
Cyber Resilience for Amazon S3: Utilising Commvault’s acquisition of Clumio (Shout out to Poojan), this solution allows organisations to restore clean, malware-free versions of their data stored in Amazon S3 in the event of a ransomware attack. Nice and simple!
Additionally, Commvault has enhanced its cloud data protection capabilities for Google Workspace, safeguarding services like Gmail, Google Drive, and Shared Drives. As more businesses rely on cloud-based SaaS applications to serve their employees and customers, this offering ensures that critical business data remains protected, compliant, and recoverable in the event of data loss or a cyber incident.
Cloud Rewind
Now this is super cool, and super powerful for organisations. It’s like a magic wand that casts time machine capability to your IT environment – both infrastructure and applications.
In a nutshell, Commvault Cloud rewind is a cloud-native solution designed to restore not just data, but entire cloud environments. This includes applications and infrastructure. Leveraging Appranix technology (Commvault acquired Appranix earlier this year), Cloud Rewind enables organisations to effectively “rewind” to the last clean state before a cyber incident, automating the restoration of applications and infrastructure across cloud platforms such as AWS and Azure. This significantly reduces downtime, cutting recovery time objectives from days or weeks to just minutes.
Why is this important (and useful)? In today’s cybercrime ridden landscape (remember the statistic above), where enterprises operate numerous applications across multiple cloud environments, swiftly restoring full operational capacity is crucial for ensuring business continuity. Cloud Rewind tackles this challenge head on by automating intricate processes relating to recovery, minimising manual human intervention, and significantly shortening recovery time following an attack.
In closing
In amongst the expansion of product features to further integrate into hyperscaler’s like Google, Commvault delivered a well-thought-out and insightful event, prompting us to rethink how we approach business continuity to allow continuous business and again enlightening us on the ongoing battle against cyber-attacks and ransomware in today’s world.
As a personal takeaway, the whole event got me thinking that no organisation or vertical with an online presence is safe from these attacks (the research and statistics show that), and thankfully there are companies such as Commvault that are dedicated to safeguarding these organisations and making it easy in the process.
By allowing their platform to integrate seamlessly with cloud environments, providing flexibility and scalability, while ensuring that data is always accessible and recoverable. Commvault empowers businesses to thrive in a world where downtime is not an option, ensuring that data security and protection form the backbone of Continuous Business and the fight against cyber-attacks.
