RSA Conference 2025: Minimum Viability, Maximum Impact: Why taking the time to rewind belongs in your Cybersecurity Strategy

by | Apr 30, 2025 | Cloud, Commvault, Conference, Data Management, Data Protection, Ransomware, Security, Thought-Leadership | 0 comments

RSA Conference 2025

The RSA Conference 2025 is live right now in San Francisco—one of the most forward-thinking events in the cybersecurity calendar. Over the four days, hundreds of security-focused companies will showcase their latest innovations, pushing the boundaries of cyber resilience, business continuity, and cloud security. Like any cloud technology buff, I’ve been tuning in online to catch the key announcements and learn about the latest advancements from the most innovative players in the field.


One of those companies is Commvault, on which I have authored many blog posts. They always release innovative and groundbreaking announcements. I have always admired Commvault, its history and origins, and now its strategic direction and future. I enjoy covering their solutions.

And it got me thinking it’s the perfect moment to rewind and revisit one of the most powerful solutions they’ve brought to market last year in my mind — Commvault Cloud Rewind.

Taking time to rewind!

In a post I shared last year, I introduced Commvault Cloud Rewind on the back of Commvault SHIFT — a cloud-native solution designed to restore data and rebuild entire cloud environments, including applications, infrastructure, and critical configurations. Cloud Rewind leverages technology from Appranix, which Commvault acquired in April 2024.

In simple terms, it enables organisations to effectively rewind to the last clean state before a cyber incident, automatically restoring cloud environments across cloud platforms like AWS and Azure.

This mere capability doesn’t just shave hours off your recovery time after a massive outage or disaster — it can cut recovery time objectives from days or weeks down to minutes. That’s not just impressive — it’s mission-critical and in many occasions, it saves organisations from flopping over.

The Challenge Without Cloud Rewind

Traditional backup and disaster recovery focus heavily on protecting data. But in most organisations where multi-cloud is the norm, effectively creating interconnected (and interdependent) environments, data alone is not enough – there is so much more to it!

Think about it. After a cyber-attack, you don’t just need the files back — you need to reconstruct fully:

  • Application dependencies

  • Infrastructure configurations and dependencies

  • Networking, DNS, and security groups

  • Critical cloud-native services that you may not have as much control over.

Without automation, this process becomes painfully slow, highly complex, and prone to human error (imagine someone panicking and rushing to get systems up and going, mistakes are bound to happen) — making it nearly impossible to restore the minimum viable environment at the speed business continuity demands and what your RTO is defined at.  Every minute lost after an attack increases operational, reputational, and financial damage. (more to come on this later)

​OK so what is “minimum viability”?

A new term for me and It’s a term you’ll hear more and more — and it’s essential to understand in the context of business continuity. Minimum viability is “the combination of critical applications, assets, processes, and even people required for an organisation to continue its mission after an attack or disaster”. It’s the absolute minimum you need to survive and become operational — and anything outside of it, you can afford to let burn, at least temporarily. What remains surprisingly common, however, is the lack of clarity many organizations have around their own minimum viable state. Even more concerning is how few have formal plans, up-to-date documentation, or regular test exercises in place to validate this baseline.

The traditional understanding of “minimum viable business” has evolved. It no longer simply refers to maintaining basic operations—it’s now intrinsically tied to how effectively and efficiently an organization can recover from disruptions. Whether those disruptions stem from cyberattacks, outages, or human error, the ability to rapidly resume business-critical operations has become a defining capability on survivability.

Luckily, Cloud Rewind empowers organisations to do just this.

Ok so how does Cloud Rewind Enables Minimum Viability

Commvault Cloud Rewind directly enables minimum viability by addressing the key gap in traditional disaster recovery:

  • Rewind full environments, not just individual files

  • Automate complex restorations across AWS, Azure, and other multi-cloud platforms

  • Minimise human intervention, ensuring faster, error-free recovery (no more stressful situations)

  • Ensuring restored environments match their last clean, known state so no surprises

By automating the restoration of the entire minimum viable environment seamlessly and effortlessly, Cloud Rewind turns a high-risk manual rebuild into a controlled, orchestrated, and rapid recovery process. (And IT folk can rest easy)

Why This Matters More Than Ever 

Downtime costs an average of $14,000 USD per minute—so every second of fumbling through untested recovery plans bleeds money, credibility, and control. Theoretical strategies are worthless if they fail under pressure. Without automation and orchestration, minimum viability isn’t a strategy—it’s a fantasy. You might know what needs restoring, but how, how fast, and in what sequence? That’s where most IT teams choke.

When systems crash and the C-suite is breathing down your neck, guesswork and manual effort are just suicide. Commvault Cloud Rewind removes the chaos out of recovery with a one-click restoration of your minimum viable environment—clean, verified, and ready to go.

This isn’t rare anymore, it is reality. Ransomware, outages, and breaches are daily occurrences. Treating resilience as a nice-to-have is how companies die slow.

So, in conclusion

Let’s recap – Minimum viability defines what you must recover. Cloud Rewind makes that recovery operationally possible. It’s as simple as that, takeaway message is don’t find out during a disaster that things don’t work, especially the minimal number of services needed to remain viable. Due yourself a favour and attend one of Commvault’s RSA sessions (Details below) where they will reinforce a key takeaway: resilience is not achieved through data protection alone. It requires:

  • Cross-environment orchestration

  • Strategic recovery zones

  • Policy-driven automation

  • Deep visibility into interdependencies

Organisations that treat backup as an isolated function will continue to struggle with prolonged downtimes and compliance risks.

The future belongs to those who integrate protection with recovery—and design with resilience in mind. These elements are a lot to think about when experiencing an outage (and more important to appreciate the value of being prepared beforehand).

Want to learn more?

Commvault is exhibiting at the RSA Conference 2025 in San Francisco from April 28 to May 1.

You can find them at two locations in the North Expo Hall.

  • Booth N-5678: Experience the “Rewind to the Future” interactive journey, showcasing Commvault’s rapid cyber recovery solutions

  • Booth N-4308: Engage in hands-on demonstrations of the full Commvault Cloud platform, including features like Cloud Rewind, Cleanroom Recovery, and Threat Scan

Or join one of their open sessions (space is limited however so make sure you register!

  • Tuesday, April 29 11:00am – 12:00pm PT or 1:30pm – 2:30pm PT
  • Wednesday, April 30 11:00am – 12:00pm PT or 1:30pm – 2:30pm PT
  • Thursday, May 1 9:00am – 10:00am PT

Additionally, Commvault is hosting the Commvault® Recovery Range™, powered by SimSpace at the Alloy Collective.

Submit a Comment

Your email address will not be published. Required fields are marked *