In this interview from Microsoft Ignite, Colm Keegan, senior consultant of product marketing at Dell Technologies, joins theCUBE’s Rob Strechay to discuss the critical shift from cyber prevention to true cyber resilience in Azure environments. Keegan unpacks recent research highlighting a dangerous "confidence versus capability gap," where organizational leadership often overestimates readiness while underinvesting in recovery. The conversation emphasizes why cloud is an operating model rather than a destination and explores the risks of "over-rotating" on perimeter defenses at the expense of being able to recover data swiftly when – not if – a breach occurs.
The discussion further explores how Dell leverages its partnership with Microsoft to offer hybrid solutions that marry Azure’s native prevention tools with Dell’s comprehensive "Secure, Detect, and Recover" framework. Keegan details the necessity of continuous testing and tabletop exercises, noting that mature organizations testing monthly are significantly more likely to recover successfully. From silicon-level security and data immutability to the deployment of PowerProtect solutions via the Azure Marketplace, the segment outlines how companies can burn down Azure consumption credits to secure their data. Finally, Keegan explains how confidence in data recovery acts as a catalyst for AI innovation, allowing leaders to deploy new technologies without the paralyzing fear of data corruption.
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
Microsoft Ignite 2025. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open the link to automatically sign into the site.
Register for Microsoft Ignite 2025
Please fill out the information below. You will receive an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for Microsoft Ignite 2025.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
Microsoft Ignite 2025. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open the link to automatically sign into the site.
Sign in to gain access to Microsoft Ignite 2025
Please sign in with LinkedIn to continue to Microsoft Ignite 2025. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Colm Keegan, Dell Technologies
In this interview from Microsoft Ignite, Colm Keegan, senior consultant of product marketing at Dell Technologies, joins theCUBE’s Rob Strechay to discuss the critical shift from cyber prevention to true cyber resilience in Azure environments. Keegan unpacks recent research highlighting a dangerous "confidence versus capability gap," where organizational leadership often overestimates readiness while underinvesting in recovery. The conversation emphasizes why cloud is an operating model rather than a destination and explores the risks of "over-rotating" on perimeter defenses at the expense of being able to recover data swiftly when – not if – a breach occurs.
The discussion further explores how Dell leverages its partnership with Microsoft to offer hybrid solutions that marry Azure’s native prevention tools with Dell’s comprehensive "Secure, Detect, and Recover" framework. Keegan details the necessity of continuous testing and tabletop exercises, noting that mature organizations testing monthly are significantly more likely to recover successfully. From silicon-level security and data immutability to the deployment of PowerProtect solutions via the Azure Marketplace, the segment outlines how companies can burn down Azure consumption credits to secure their data. Finally, Keegan explains how confidence in data recovery acts as a catalyst for AI innovation, allowing leaders to deploy new technologies without the paralyzing fear of data corruption.
In this interview from Microsoft Ignite, Colm Keegan, senior consultant of product marketing at Dell Technologies, joins theCUBE’s Rob Strechay to discuss the critical shift from cyber prevention to true cyber resilience in Azure environments. Keegan unpacks recent research highlighting a dangerous "confidence versus capability gap," where organizational leadership often overestimates readiness while underinvesting in recovery. The conversation emphasizes why cloud is an operating model rather than a destination and explores the risks of "over-rotating" on pe...Read more
exploreKeep Exploring
What are the risks associated with overestimating cyber readiness within an organization?add
What steps are being taken to ensure comprehensive coverage and security for customers using Microsoft and Dell solutions?add
What should organizations do to prepare for potential cyber events and improve their recovery processes?add
What strategies should organizations adopt to enhance their cybersecurity resilience?add
>> Hello, and welcome to another episode of our coverage of Microsoft's Ignite Conference. I'm Rob Stretchay, and we are going to be talking about going beyond prevention and building true cyber resilience for Azure. Today I'm excited to be joined by Colm Keegan, who's the senior consultant product marketing at Dell Technologies. Welcome on board, Colm.
Colm Keegan
>> Thanks, Rob. Great to be here.
Rob Strechay
>> So I think, again, you're dealing with a lot of what's going on in cloud. And to me, again, cloud is not a place, it's an operating model, and I know you guys feel the same way over at Dell Technologies. What are some of the risks of overestimating your organization's cyber readiness?
Colm Keegan
>> Well, the big risk is that you think your capabilities are what they aren't, and the worst time to find that out is during a breach. And so we just actually finished some research, and what's interesting is that the vast majority of IT professionals stated that their leadership overestimates their cyber readiness. So the obvious risk there is complacency. You think that your capabilities are better than what they are, and in fact, what we're calling this is the confidence versus the capability gap. Because you think your capabilities are up here and then maybe they're really somewhere down here.
And so you want to rationalize that and make sure that when you do get hit with a breach, because that's really the way you should look at it, it's when. When You get hit with a breach, how confident are you that you can get your data back and not only get it back, but get it back in time to meet your business SLAS. So recovery time objectives, recovery point objectives. And so that's how we're trying to help our customers is to find out what their posture is and then come in with the right solutions.
Rob Strechay
>> Yeah. Again, to your point, both of us been in this world for quite some time, and when you look at it, the last time you want to know if you can recover is when you have to recover.
Colm Keegan
>> Right.
Rob Strechay
>> So with so many customers and organizations out there really investing a lot in prevention than they are in recovery, or more than they are in recovery, what kind of vulnerabilities are they creating that they may be blind to?
Colm Keegan
>> Well, that's something that we've been actually looking at for the last several years now, is this over-rotation on prevention. And that's just the nature I think, of how cybersecurity has evolved. Because you had your perimeter defenses, you've got your network security, you got your endpoint security, and of course these are all things that you need. But if you're over-invested there and if your emphasis is on, we got to keep them out, in today's world where cyber criminals are very adept at figuring out how to get in... And sometimes it could just be something as simple as you didn't turn MFA on, and we've seen that, where they just didn't turn MFA on, and that was just a big enough vector for them to get in and wreak havoc. So really what we want to do is we want to look at, okay, well what are your capabilities? Where are the gaps? And at a bare minimum, let's make sure that you've got a clean copy of your data that's off the attack surface and that you can recover from so that if the unexpected happens, you're reasonably confident you get that data back. And a big part of that confidence is having seen it through testing, and doing testing is part of your culture. Not just, "Ah, we'll do it once every six months."
Rob Strechay
>> Right.
Colm Keegan
>> Because what we're seeing is the companies that are more mature from a cyber resiliency perspective, they're testing all the time. They're testing monthly if not more. And those companies that do that, according to the research, are three times more likely to recover than those that are doing it less frequently.
Rob Strechay
>> That makes total sense to me when you look at it. I've always been a big proponent of doing tabletop exercises start to finish, including the recovery aspect of it. Because I think, again, when you start to look at this just throughout the years, the attack surface has gotten so much more complicated to put it mildly. And in fact, one of the things questioned to you is that how is Dell's partnership with Microsoft really helping these customers think and face the challenges of cyber resilience in Azure?
Colm Keegan
>> Well, so it's a hybrid context. So there's things you need to be doing on-prem, there's things you need to be doing in the cloud. There's things that Microsoft does really well, there's things that Dell does very well. So we want to take the best of the prevention capabilities that are native to Azure and that are extensible to on-prem if you're doing things like Azure Local for example, and then marrying them with the cyber resiliency capabilities that we bring to the table. And yeah, look, there's some overlap. So we have a framework that many others also follow. Secure detect and recover, and it starts at the silicon layer, runs all the way through up to the network layer and even now through production storage, protection storage, out into a vault. And so you have this continuum so that you've got multiple layers working for you, but you have that vault as sort of your fail-safe. So what we're doing with Microsoft is we're working with... Again, every customer is unique. We want to see where they're at in the journey and then basically take the best of what Microsoft is doing from a prevention standpoint, so you can think of things like Microsoft Sentinel or Microsoft Defender, taking them with Dell's capabilities, which, again, is extensible from on-prem and into the cloud. We make our solutions available in the Azure Marketplace, so we give our customers lots of choices between software-defined offerings, SaaS offerings. And then let's figure out which puzzle pieces we need to put in to make sure that you're covered across the board. And that's really our approach.
Rob Strechay
>> Yeah, it makes a lot of sense. I think you were mentioning this around the research, showing the gap between prepared organizations how they feel and the reality of what's going on. What potential consequences are there of those leaders who are a little bit overconfident or overestimating their cyber readiness?
Colm Keegan
>> Well, it all comes down to what happens when a breach occurs and what are the outcomes there? How long are you down for? How long does it take you to recover? And if the outcome is you're down for days or weeks, depending on the business, it could be catastrophic. So like we said at the beginning of our talk, you don't want to discover that in a real-world scenario. You want to get in front of this now and your best friend... And this is where the cloud can help you because the cloud, in many respects, is like one giant sandbox. And you think of all the development work that goes on in the cloud, use that to your advantage. Spin up these workloads in the cloud and then test against, simulate a cyber event, and then see how good you are at recovery. Start the clock, how long does it take you to get back? And then from there, you can figure out, "Well, here's where we need some solutions to bridge that gap."
And so I think from a leadership standpoint, obviously those companies that have experienced a breach are the most vigilant today. But the thing is, you don't have to wait for that to happen to you. You can trust your folks to come in, and work with partners like Dell and Microsoft, to help you with these tabletop exercises so that you can actually see firsthand how ready you really are. And I think for a lot of organizations, it's going to be an eye-opening experience. But that's the time to discover it, before you get hit with some catastrophic cyber breach.
Rob Strechay
>> I was going to say, I think that's why you're suggesting it, I've always suggested, you got to prepare for the breach because it's not if, it's when it's going to happen. Why do you see that, also just expanding on that, so important to today's organizations?
Colm Keegan
>> Because it really kind of drives how you approach cyber attacks. So if your mindset is it's just a matter of time before we get hit, then you're going to be taking all the steps necessary to make sure that you can recover. And so like I talked about earlier, those mature organizations, they're testing all the time, but the other thing that they're doing is they're also optimizing. So cyber criminals are constantly changing their tactics. And if you're in a cybersecurity role, you're aware of that and you want to be able to test to see if the latest breach that occurred is something that could impact you. So now you're moving... It's not that you stop with your prevention capabilities, but what you're doing now is you're spending more time and more effort on the testing to see how well you can recover. And what that does is it does a couple of things. One, it helps you to optimize. Two, when you actually get to a point where you feel that I can get my most critical data back within my SLAs, it's going to give you that confidence. And now when you start thinking about where organizations are with investing in AI, for example, that's the ultimate honeypot for cyber criminals. They want to go after and try to corrupt your data, make it hallucinate, and do all sorts of things. And look, leadership understands that. And yes, they want to move forward, but if there's any question in their mind that they're going to be vulnerable, probably they're going to really tread slowly there. But if you now have the confidence that, look, we can get our data back, we've seen it in our own environment, well, it's going to give you the confidence to move forward more quickly on those initiatives. So it has really a compounding effect. One is I can sleep better at night because, look, it's just a matter of time before we get breached, but we've tested it, we see it works. And then two, we can actually start innovating and not be fearful of what might happen if our AI gets breached, for example.
Rob Strechay
>> Yeah, I totally agree with the fact that AI and the fact that it's basically about data is such a vector for cyber criminals and people who want things to go bump in the middle of the night kind of thing. So really it's crazy how important it is to have this stuff and have that mindset as well. Can you explain how PowerProtect solutions really offer customers more choice in Azure?
Colm Keegan
>> Yeah, absolutely. So as you know, we've been offering PowerProtect Data Domain for many years, and our customers have been using it on-premises. And we've also made that available as a software-defined offering in the marketplace in all the marketplaces, but also in Azure. And many of our customers deploy it today. And so they're able to protect and secure their data, get data immutability, and so it gives them that consistent experience. But we also now offer software as a service and PowerProtect Backup Services. So one of the things we're going to be talking about at Ignite this week is that that's now available as a solution you deploy directly from the Azure Marketplace, using Microsoft Azure consumption credits. So if you've got a contract with Azure and you want to draw down on that, and you're looking for a solution that basically can protect any workload anywhere it resides, as well as SaaS apps for example, then you can use that. In fact, many of our customers use both because they may have had our Data Domain solutions on-prem for a long time, they want to continue using them in Azure. But they need a solution for protecting Microsoft 365 or Salesforce, so they can use both. But the idea is we want to give our customers choice depending on where they're at, because in some instances they may decide, "Well, our backup solution is getting a little old in the tooth, but we really don't like the idea of having to deploy and manage our own infrastructure." So something like PowerProtect Backup services could be very attractive because now they can just consume data protection as a service, get all those capabilities, as well as cyber resiliency too, because you can deploy a vault within that framework as well.
Rob Strechay
>> Yeah, that makes total sense to me. Consume as you need and buy it how you can. And especially being in the Azure Marketplace and being able to burn down those credits becomes extremely helpful to people who are trying to figure out and rationalize their entire funding models for this. But you guys also have your Secure, Detect, and Recover framework. What is so unique about that in addressing cyber resiliency?
Colm Keegan
>> Well, so one is very comprehensive. Kind of touched upon it earlier, is that it starts at a silicon layer. So even before something hits your data center environment, there's all sorts of capabilities that Dell's baking into the silicon to make sure nothing's been tampered with. So that if your system powers up and it detects that something has changed on the motherboard, for example, it's not going to power up because it doesn't want to affect everything else on your network. And then it extends to things like data mutability. You want to make sure that your data can't be encrypted, can't be deleted, can't be overwritten. And so we have those capabilities really across all of our power offerings from PowerStore, PowerProtect. You can get that data mutability so that your data won't be compromised. And then extends to things like Managed Detection and Response. So look, as you know, Rob, cybersecurity skill sets are in short supply. Wouldn't it be nice if you could rely on a deep bench of cybersecurity professionals in Dell to help you from a managed detection and response perspective? So that way indicators of attack, indicators of compromise can be detected and we can act on your behalf. And then it extends into things like recovery, so a Cyber Recovery vault. So that, like we've been talking about, when all else fails, and unfortunately that's a reality, you have the confidence that you can get your data back because it's isolated, it's off the attack surface. And then you also have forensic intelligence working on that data. And this is a really key part because you can deploy a digital vault, but if you have to roll back copies of data to find a clean copy, that's clock time. And so now your recovery time objective is out the window. So we have forensic intelligence on there that actually will pinpoint those copies that are clean that you can restore in a clean room before you actually push it out to your recovery environment. And so really that whole Secure, Detect, and Recover encompasses really full end-to-end capabilities.
Rob Strechay
>> Yeah, understanding RTO and RPO, definitely two things that people have to figure out. And finding that RPO is really important. Like you said, being able to make sure it's clean and you can bring it back. So as we go into this week and everything's going on with Microsoft Ignite, what is one key message you want organizations to take away from this discussion?
Colm Keegan
>> So the key one, and again, this is out of the research, is that it's important for organizations to shift from a prevention mindset to a resiliency recovery mindset. In other words, continue to do what you're doing with all your prevention in your environment. But if you're underweight in recovery, you really need to focus on that. And then secondly, build a culture of continuous testing. And that can be hard because testing takes time, but now there's ways you can do it where you can build more automation into it so it's less labor intensive. And when you work with partners like Dell and Microsoft, for example, we can help ease that transition. Again, bring skill sets to bear so that way we can backfill maybe where you have gaps. But I would say shift from prevention to a recovery mindset and then just test, test, test. Test as frequently as you can, at least once a month. And in so doing, you can continue to optimize. Because again, the cyber criminals are constantly changing their tactics. You want to try to stay in front of that as much as you can.
Rob Strechay
>> Yeah, I totally agree with that. I think, again, an ounce of prevention is definitely worth a pound of the recovery, to put it mildly.
Colm Keegan
>> Yeah.
Rob Strechay
>> But you got to test the recovery. I think to your point earlier, it's not if, it's when. Really strong stuff. Thanks for coming on board, Colm. really great to have you here.
Colm Keegan
>> Thanks, Rob. Great to be here.
Rob Strechay
>> And thank you all for watching theCUBE, the leader in tech analysis and news. Stay tuned.
Rob Strechay