In reality, bad actors are leveraging technology to launch ever-more complex cyber and ransomware attacks. Countering this rapidly evolving threat requires organisations to “fight fire with fire”.
Modeen Malick, principal systems engineer at Commvault, says: “It can prove challenging to understand where AI and ML can be most effectively applied as well as how to separate genuine benefit from unnecessary hype.
“Finding the right use cases for AI and ML can improve an organisation’s overall cybersecurity and recovery posture as well as compliance and operational efficiency, helping to facilitate the cyber resiliency that has become an essential component of business continuity today.”
The impact of AI and ML
AI is not a new, but it has evolved over time to become extremely efficient for data classification and analysis (also known as predictive AI). Taking this a step further into deep learning and AI models built and trained on large data sets, there is GenAI, which is highly efficient in sentiment analysis and generating content. “If the right tools are used to solve the right problems and, if these solutions are relevant to a business use case, AI holds significant potential to transform businesses,” Malick points out.
“However, it is important to bear in mind that the same AI and ML tools revolutionising business are also available to bad actors who are now leveraging AI to make ransomware attacks even stealthier and harder to detect. AI is also being leveraged by providers of ransomware-as-a-service. To combat any AI driven threat, it is essential to have AI-powered defence capabilities in our arsenal.”
Use cases for AI in the data management space
A recent research report from Enterprise Strategy Group reveals that 99% of organisations surveyed believe built-in AI and ML capabilities are important for supporting backup, data recovery and ransomware efforts. This reinforces how quickly the promise of AI technology has been adopted by the industry. How can organisations leverage AI most effectively to protect data, enhance operational efficiency and improve cyber resilience?
The security posture of the backup environment has become a key area of concern for organisations relying on backups and protected copies of data to be able to recover from a cyber crisis. AI and ML can address several common pain points in data protection and recovery including the use of ML-driven data classification to more effectively discover assets that are prime targets for ransomware exfiltration as well as automation to help improve data management and migration at scale. Tools like anomaly detection can be hugely beneficial in proactively identifying and flagging suspicious behaviour while AI can assist in determining the best recovery point, creating effective data recovery strategies and automating disaster and cyber recovery plans.
Leveraging maximum value
Security threats can be catastrophic for organisations. Ransomware is a top threat to overall viability of businesses. It is becoming increasingly pervasive as bad actors are using more advanced techniques and continue to target backups. AI and ML have an important role to play in enhancing overall cybersecurity and cyber recovery postures by helping to more effectively and efficiently identify threats, jump start the recovery process, automate intelligent data recoveries and improve compliance, among other benefits. Reducing downtime is critical as businesses cannot afford to lose days or weeks to a cybersecurity event. Malik believes this is where the real value of AI lies: helping to improve operational efficiency and ensure faster time to protection, detection and recovery in a constantly evolving technology world.
