Cyber Resiliency Summit Encore Presentation | Cyber Resiliency Summit Analyst Wrap

Clips
News
More from Cyber Resiliency Summit Encore Presentation

Christophe Bertrand

Principal Analyst

SiliconANGLE & theCUBE

Rob Strechay

Dir./Principal Analyst & Host

theCUBE Research

Cyber resilience redefined: theCUBE analysts on AI, security and the human factor

As organizations grapple with evolving cyber threats and advanced social engineering tactics, the convergence of data protection, cybersecurity and AI has become critical.The just-concluded Cyber Resiliency Summit shed light on the fundamental shifts in how businesses must approach security, resilience and risk management moving forward.“We’ve had such great guests on, both from industry and end users, that talked about things like supply chain, security built-in, being secure and building from security from the ground up,” said Rob Strechay (pictured, right), principal analyst at theCUBE Research. “I loved the themes that were going on throughout this entire event

play_circle_outline The Evolution of Cyber Resiliency: Data Protection, Backup, Recovery, and AI Strategies for Successful Collaboration

play_circle_outline Need for a layered approach to security, data protection, and compliance in cyber resilience.

play_circle_outline Role of CISOs at the board level in addressing cyber resilience as a business issue.

Info
Transcript

Cyber Resiliency Summit Analyst Wrap

Christophe Bertrand

Principal Analyst SiliconANGLE & theCUBE

Rob Strechay

Dir./Principal Analyst & Host theCUBE Research

HOST

During the Analyst Wrap for the Cyber Resiliency Summit, theCUBE Research’s Christophe Bertrand and Rob Strechay unpack the evolving landscape of cyber resilience. They emphasize the shift from traditional disaster recovery and data protection methods toward a holistic, layered approach.
Collaboration across teams and technologies emerges as a crucial factor, alongside addressing human vulnerabilities such as social engineering and phishing.

Find out more about theCUBE's coverage of the Cyber Resiliency Summit https://www.thecube.net/events/thecub... Read more

explore Keep Exploring

What are some key points about cyber resiliency that were discussed by various speakers? add

What is the process of combining signals from a storage array with those from a SIM in order to understand and track cyber incidents back to their source in a security operation center? add

What is cyber resilience and why is it considered a board-level issue rather than just an IT issue? add

bolt Powered by CUBE AI

Cyber Resiliency Summit Analyst Wrap

search

Christophe Bertrand

>> Welcome back to the Cyber Resiliency Summit. My name is Christophe Bertrand, principal analyst at theCUBE Research. I am joined today by Rob Strechay, managing director at theCUBE Research. Rob, great to have you here for this sort of wrap-up segment. I mean, it's been a great summit. What are your thoughts?

Rob Strechay

>> I thought it was great as well. I'm very excited because I think they hit upon a lot of themes. We've had such great guests on, both from industry and from end users, that really talked about things like supply chain, security built in, being secure and building from security from the ground up, and really looking across their entire ecosystem and not just taking for granted what is already there is secure and going back and really understanding the history of things and your backups and such. I loved the whole themes that were going on throughout this entire thing about really, it's not just about making copies, but it was about, hey, how do you really approach cyber resilience in its totality, not just in point products? And I thought that was the great part of this.

Christophe Bertrand

>> Yeah. I mean, really, when we started this process, I think the question was, is there such a thing as cyber resiliency? Is it a category? Analysts, we like to talk about categories. Or is this just marketecture or marketing stuff? But the reality is I think a lot of vendors now recognize that it is real. Cyber resiliency is more than a theme. It seems to be the evolution of traditional disaster recovery and data protection. It has some of those same components, but it adds so much more, as you indicated. For me, the big takeaway is over and over the fact that we heard about the workflows being different, the fact that, yes, preparation as well as the ability to test was critical. And then really, if you think about the various speakers we had, we got so many perspectives. We got a 360 on the topic from the fact that, well, if it's a matter of when, it's going to be likely some sort of potentially social engineering that's going to make you make a mistake as an IT professional and let the bad people in, to the fact that there are some great technologies and techniques now to keep testing and go discover the problems in your backups, for example, improve your ability to recover, so many different themes. So here's my take. I'd love to get your perspective. You've been in the business for many years, as have I. I think we're literally facing the combination of a traditional data protection backup recovery market with some components of cyber security and that is just a totally new animal.

Rob Strechay

>> Yeah. I think they have to come together. I was talking recently with Paul Nashawaty about the AppDev aspects of cloud and AppDev and our predictions going into 2025. And when you start to look at kind of the shift left of security, it can't be just shift left or shift right or shift center if that is a shift. You really need it built in by design and it has to have continuity across, like you said, taking the human aspect out, which is really huge. And I was glad you talked about the human management aspect and what was phishing and, again, pretexting and things of that nature because the whole social engineering part, that's probably the scariest part to me because there's very little you can do with technology beyond AAA, and authentication, authorization, and tokens. Putting that to the side, I think to your point, a lot of the cyber part of this is how do you combine the signals that you get at your storage array, and we heard that from a couple of different folks on the sessions this week, with that of your SIM? And how do you take those signals and then understand how to track them back to where things have happened, start to isolate, start to take action? Because that is usually what had happened in the SOC, a security operation center. But SOCs and operation centers are more or less gone and it's these platform engineers that are left trying to figure out this with their security compadres to go and figure out how to make things resilient. And then when something does go bump in the night, how do you take action? Because I think that's the big piece of it because, like you said, all of these different components when you get into cloud and Kubernetes and serverless and data pipelines and AI and AI speeding up everything, not only the bad guys but the good guys, and in ways that you look at with the amount of data that's coming in now, that is really a target-rich environment.

Christophe Bertrand

>> Yes. Not only that, I think the other dimension to this is we have this combination of people, processes, and technologies that until recently did not really talk to each other that well. It's getting better. We heard about that. We heard about partner ecosystems, about APIs, about, to your point, being able to convey signals into the right teams or the right processes and constructs to make things work. At the end of the day, I think the framework provided by NIST, which is an area we'll research in the next few weeks so stay tuned on that, is definitely a good way to get things going, in my opinion. Certainly, there were slightly different opinions across the various experts we talked to, but there seems to be a general consensus. It's a starting point. I mean, again, it's not going to solve some of the other issues that we uncovered. It feels like we're really at the beginning of something very new. Because you brought up AI, not so much because AI is maybe an accelerant, but because there's this specter of compliance, you've got to deal with data and data management. So the combination of cyber and backup and recovery is happening, but really, I think fundamental data management is also at the heart of everything here. We heard about data resilience. Great topic, but the truth is you have to protect the infrastructure, for sure. You have to protect the data too. And you cannot go do any AI with any data that's not compliant and typically those compliance requirements will have a lot of cyber components to it and vice versa, so it's becoming a perfect storm. This sort of triangulation effort I think is making things difficult for end users. So do you think we're going to see maybe new roles emerging? I mean, clearly the CISOs, whatever we call them, CISOs, CISOs, CISOs, everybody has a slightly different acronym, chief security officers. But okay, the security execs, right? Do you think they're going to become kind of the new big boss?

Rob Strechay

>> I thought that a few years back when ransomware started hitting. Like you said, we've both been in this industry and selling product into this space. I've also been on the other side where I owned disaster recovery and all of the storage for a financial services company and I can tell you that it has to be a partnership. It's just too broad and I think that the CISO is going to have a seat at the table. I want to see every year desktop or tabletop types of scenarios are dealt with and everybody's brought in, and what happens when we get hit with ransomware and whatever our actions, and I think those still are not being done enough. And I think to a lot of the people who talked on the summit here, this is a board-level issue. Cyber resilience is absolutely not just an IT issue. It's not a CISO issue. It's not a CIO issue. It is a board-level issue and it could cost the company. I mean, if you think about where the data is stored, what data you have stored, it's your intellectual property. I mean, we were talking about this in the spectrum of AI where J.P. Morgan has zettabytes of data and a lot of it is proprietary customer PII and a lot of that type of stuff. And when you start to look at them and when they're using AI and training models internally for their AI to go and help their customers either be quicker, better, faster at their trades and execution, gain money, gain resource, you start to look at these types of things and those then become targets. And one of the comments was protect the protector because when you start to look at this, there's got to be a layered approach to this and I don't think any one person can understand all of the technologies and all of the methods for doing the protection. Some of it's going to be built in down at the disk level of the disk arrays and in the controllers and in the software and then some of it's going to be sidecars to that, that help really optimize that and index it and really secure it and back it up and move it. And then you've got the offline stuff as well. It's got to be an entire strategy. So I look at it as architects that can work across and work together across these different environments are going to be required because, especially with AI and these newfangled cloud-based or cloud-native applications that may live on-premise on a cloud operating system and the operating model on-premise or in a hyperscaler cloud or in a colocation facility, it's going to become more and more important to understand the full breadth from that hyperscaler, back to your colo, back to maybe even a database on a mainframe, how that operates and all of the different parts. Because to your point on regulation, just the EU AI Act of last year really has a whole critical, high, medium, and low threats from an AI perspective and what you really have to do, and a lot of that is going to impact developers and traditional IT and it's going to take both sides. It's why I kind of look at platform engineering seems to be the natural place for this to land longer term as a persona, but I'm interested to see how it changes because I think AI is going to change it over the course of 2025.

Christophe Bertrand

>> Right. I think it's interesting to talk about AI in this sort of two phases, right? There's AI as a tool, right? It makes things more automated, better, faster. It may help you better protect and recover from an attack, but it's also a tool that's used by the attackers, so I'm curious to see what happens in terms of is there going to be some sort of equilibrium there or are we going to see one side being smarter than the other and making better use of AI? And then there's the AI infrastructure that's being built. I think it's still early stages and people are struggling to see ROI in their implementations. We've heard that across the board, but certainly, we had some conversations on this topic where there are some areas that are easier to get ROI out of. And I don't want to get into a whole discussion around agents and processes and agentic AI and I think we'll leave that to another summit to some of our colleagues, but I do think that's going to become a primary, a new source of attack or potential for attackers. So okay, I'm looking at the negative aspects for sure, but the truth is, to your earlier point about the board being involved and this being a business issue, if it has value for the business, it has value for the attackers of the business. And I wonder what we're going to see in 2025 and beyond around the AI infrastructure, which is so complex, has so many moving parts, and it seems to be not that well protected. Luckily, we heard from a vendor on this topic who is thinking through this and I think we'll see a lot more around it. So I'm not going to send my predictions here back down to all of our viewers. I need to think about this a little bit more, but what I want to say is I think that's an angle that we will be talking a lot about here at theCUBE Research, AI, data protection, cyber resiliency. And building cyber resiliency from the beginning, whether it's as a vendor, you're picking a vendor that has it built in the array, if it's a storage system, or in the code that you develop and those best practices, a lot of people don't wake up in the morning thinking about cyber resiliency and they should. So, Rob, do you have any closing thoughts on this topic, on the summit? We have research we are going to be working on, so we'll come back and talk about that. We have predictions we're working on. What are your closing thoughts for our viewers?

Rob Strechay

>> Yeah. My closing thoughts were it's not just about the technology. It's about the human aspect of it and I thought that was really brought out through a lot of the different interviews that were going on, and the fact it's about how we use the tooling, how we use the infrastructure. And really, when you're going out and evaluating, this needs to be one of the top evaluation criteria as you go and look at that next set of kit that you're going to bring into your infrastructure, as you modernize. And I think to that approach, it's about having a strategy that looks at across all of the different technologies because there's just not one vendor that was on that can solve every single problem that is out there. And I think that shows you that it's just such a big wide open attack space that you really need to have a strategy, have an architecture, look across that, and know why you're implementing what, where, and when.

Christophe Bertrand

>> All of this is happening against a backdrop of serious skills shortages across the board, architecture, cyber, AI, you name it. So it's going to be interesting to see how service providers and software vendors can build some more automation, probably with AI, to make things easier to be able to catch up with all of these skills shortages. Rob, thank you so much for your time, for your perspective. There will be more conversations around cyber resiliency for sure. All of this content is available in cube.net on demand and we will very likely have a few more additions in the next few quarters of this summit because it's such a great topic and there's so much going on. Rob, thank you so much for joining us.

Rob Strechay

>> Thank you and thanks for having me on. Love it.

Christophe Bertrand

>> And to our viewers, this was a great summit. Thank you so much for joining us. Again, take a look at the content on demand as much as you want and as often as you can because it is an important topic and we will have more additions of the summit and this research coming up in the next few months. My name is Christophe Bertrand, principal analyst here at theCUBE Research. Thank you very much for your time.