In 2024, cyber resilience will be a big topic at the management level. Because data backup is the basis for the continuity of business processes. AI as a feasible and practical technology will play an important role.
The following trends will play an important role in 2024 in implementing cyber resilience in companies technically and organizationally:
Trend 1: AI and ML are becoming viable and affordable technologies
Artificial intelligence (AI) and machine learning (ML) are becoming a tangible and usable technology for many companies from upper mid-sized companies to maintain data security and data availability. AI can detect and initiate defense against increasingly sophisticated attacks by hackers on backups more quickly and accurately. Since the integration of AI into cybersecurity, backup and recovery is already underway and now possible for the majority of companies, decision-makers must ensure cyber-resilient availability of data, applications and infrastructure based on this. What matters here is the selection of suitable AI platforms. AI should be measured by the extent to which it contributes to meeting business goals and robust data security. It must also be selected carefully and sparingly: fragmented tools in AI pose an increasing risk to cyber resilience.
It is also important to take a strategic approach to reduce complexity in the area of backup. Your job is to manage the rampant growth of SaaS and IaaS infrastructures, if it cannot be prevented entirely. The larger the situation, the more important the help of an AI by collecting information and suggesting measures becomes.
At the same time, AI will optimize and accelerate backup and recovery processes. Thanks to ML, AI constantly defines verified models of an ideal backup process and displays problems with backup jobs in a filtered manner. It calculates the optimal recovery point objective (RPO) of the last malware-free backup file in the event of an attack. Cloud platforms for data management make AI technologies and the necessary data pool owned by hyperscalers available and affordable in compliance with data protection regulations. Companies can reallocate IT infrastructure costs into technology investments.
Trend 2: AI is changing C-level planning and decision-making processes
AI enables CISOs and CIOs to set new priorities. Companies have been using artificial intelligence for years to gain deeper insights or added value from existing information. This makes AI and ML all the more important for cyber-resilient data security. AI-driven segmentation and classification of data will advance risk management for data types. Real-time analysis of risk situations at a granular level is only possible with AI. Managing backup processes and recovery that is oriented toward business goals and sufficiently fast for service level agreements also requires the help of AI assistants.
After an ultimately unavoidable attack, the question arises as to how quickly a company can recover and make its infrastructure and data available again. Weeks or months are no longer acceptable. The goal must be recovery within hours. In 2024, end-to-end security plans must leverage the full range of technologies and measures for true cyber resilience.
Trend 3: Data security and data backup is now a top priority
Members of top management, including the CEO, will become more committed to cyber defense in 2024. There's no way around it. An IDC survey commissioned by Commvault found that only 33 percent of senior executives are highly involved in current cyber-preparedness initiatives, even though 61 percent of respondents believe data loss is very likely or likely.
Cyber resilience can only be a top-down initiative. In 2024, boards of directors will expect more engagement from the C-level to ensure companies are taking a holistic view of their security posture: from detection to protection to recovery. In addition, new laws such as the SEC decision, the Caremark Act in the US, IRAP and DORA will require greater engagement from the highest levels. In the EU, NIS2 brings managing director liability into focus - for an ever larger group of affected companies.
Although the new regulations do not mandate the presence of cybersecurity experts on the board, more and more boards are investing in training and access to specialists to expand their knowledge in these areas. Likewise, more compliance, security and cybersecurity experts will be appointed to the supervisory boards. In the future, they will play a similarly important role as financial experts, who have long been recruited as indispensable members of supervisory boards.
Trend 4: ITOps and SecOps work more closely together
Collaboration between ITOps and SecOps teams will continue to evolve in 2024. Because any organization that continues to operate in silos is seriously limited in the event of an attack. Organizations must consider their defenses across the entire NIST framework. This includes identifying risks, responding to attacks and restoring data and infrastructure if necessary. This requires close collaboration between operational IT and IT security. We have already observed closer cooperation between both groups over the last twelve months. In the future, this will go beyond emergency mutual aid to deal with an incident. Companies will appreciate it if regular cooperation and communication make cooperation and coordination a matter of course.
In 2024, companies will treat their data as an asset and focus on robust asset management, future planning and the workforce needed to support it. Because despite all the progress and indispensability of AI: human control will remain fundamental, so companies must give priority to training. This is the only way they can ensure that the responsible teams can use the full potential of AI technologies while keeping an eye on their systems. Building resources and skills in IT and security teams will be critical for cyber resilience, especially ahead of the tasks of deploying, maintaining and managing new AI systems, said Peter Kayi, General Manager Commvault Germany.
More at Commvault.com
About Commvault Commvault is the leading provider of backup and recovery. Commvault's converged data management solution redefines what backups mean to the advanced business with applications that protect, manage, and utilize their most valuable asset: their data. Software, solutions and services are available directly from Commvault and from a global network of proven partners. The company employs more than 2.300 highly qualified people worldwide, is traded on the NASDAQ (CVLT) and is headquartered in Tinton Falls, New Jersey, USA.