Commvault Challenges Enterprises to Redefine Resilience Amid Escalating Cyber Risks
As cyber threats evolve and operational disruptions become more frequent, the need for robust cyber resilience strategies has never been more critical. Commvault executives Ravi Baldev Singh and Hazem Abushaban recently emphasized the importance of minimum viability, clean recovery, and air-gapped protection during a webinar titled “Save The Day.” This event highlighted the urgent need for enterprises to reassess their disaster recovery frameworks in light of increasing ransomware attacks, destructive malware, and cloud outages.
The Shift from Traditional Disaster Recovery
In today’s volatile threat landscape, cyber resilience, recovery readiness, and business continuity have emerged as pressing priorities for organizations. The traditional view of disaster recovery is no longer sufficient; enterprises must adopt a more holistic approach that integrates disaster recovery with cyber recovery, clean data restoration, and operational continuity. This paradigm shift is essential for ensuring that businesses can continue to operate, even in a diminished capacity.
Singh, Senior Director of Systems Engineering for Emerging Markets at Commvault, articulated the necessity for organizations to redefine what minimum viability means for their operations. He stated, “Organizations need to move beyond broad conversations around backup and availability and instead define, very clearly, what minimum viability means for their business. Businesses must ask which systems, services, teams, and communication channels must come back first, and within what survival time.”
Understanding Minimum Viability and Survival Time Objectives
The concept of minimum viability is closely linked to the survival time objective, which challenges organizations to determine how long they can afford to remain disrupted before facing unacceptable operational, financial, and reputational impacts. This focus on critical systems and processes is vital for maintaining business continuity in the face of cyber threats.
The discussion underscored that recovery must now be directly tied to business survival. Enterprises can no longer afford to view backup as a standalone function; it must be integrated into a broader resilience strategy. This comprehensive approach allows organizations to restore their most critical operations within realistic timeframes, ensuring they can continue functioning even under adverse conditions.
The Role of Structured Blueprints in Cyber Resilience
Commvault advocates for a structured blueprint-driven approach to resilience that aligns technology recovery with business-critical outcomes. This model emphasizes the identification of essential applications, mapping dependencies, and understanding data locations across both on-premises and cloud environments. By creating detailed runbooks, organizations can better prepare for real-world recovery scenarios.
The need for resilience architecture to extend beyond traditional infrastructure was another key point of discussion. Organizations must now protect a diverse array of workloads, including Microsoft 365, Entra ID, Salesforce, Google Workspace, and various cloud-native services. This expanded scope requires flexibility regarding data location, compliance, and sovereignty requirements.
Air-Gapped and Immutable Data Copies
A significant focus of the webinar was the importance of air-gapped, immutable copies of data. Commvault highlighted that many organizations are seeking to establish secondary and tertiary copies of their data outside the primary production environment. This strategy is particularly relevant for businesses aiming to mitigate risks associated with ransomware and destructive attacks.
Abushaban, Cyber Resilience SME and Senior Systems Engineer for UAE Enterprise at Commvault, noted the shift from conventional backup thinking toward operational resilience. He stated, “Customers want flexibility, speed, and confidence that their data is not only protected but recoverable in a clean and controlled way. Air-gapped copies, immutable storage, clean room recovery, and extended protection across cloud, SaaS, and on-premises workloads are now essential.”
The Imperative of Clean Recovery
The discussion also highlighted the critical need for clean recovery. It is no longer sufficient to simply ask whether data can be recovered; organizations must ensure that it can be restored in a clean and trustworthy state. Capabilities such as threat scanning, clean room recovery, and cyber recovery testing are becoming essential components of a robust recovery strategy. These tools allow organizations to validate recovery points and restore systems in a controlled environment before returning to production.
Abushaban emphasized that the challenge today lies not just in the location of data but in the speed and safety of its recovery under pressure. He stated, “Resilience must now be built as a practical, tested architecture rather than treated as a secondary layer.”
Identity Recovery as a Foundational Requirement
Another critical aspect of cyber resilience is identity recovery. If systems such as Active Directory or Entra ID are compromised, the overall recovery process becomes significantly more complex. Therefore, identity protection and recovery must be viewed as foundational elements of any cyber resilience strategy, especially for enterprises aiming to restore core services swiftly after a cyber incident.
Compliance and Sovereignty Considerations
Compliance and sovereignty remain significant concerns for many sectors, particularly in regulated industries and public sector organizations. Recent events have prompted some businesses to reevaluate long-held assumptions regarding the locations of backup copies and the exceptions that may be permissible in extraordinary circumstances. Commvault’s software-defined and storage-agnostic approach is designed to support this flexibility across various environments, including public cloud, sovereign cloud, national repositories, and on-premises systems.
The Future of Cyber Resilience
The overarching message from the webinar is clear: cyber resilience is no longer merely a technical safeguard; it is becoming a core business requirement tied to trust, continuity, and competitive strength. For enterprises across the region, the ability to recover minimum viable operations quickly and cleanly may prove just as crucial as preventing breaches themselves.
According to publicly available www.tahawultech.com reporting.
For the latest cybersecurity developments, threat intelligence and breaking updates from across the Middle East: Middle East
