Skip to content
Cyber Resilience & Data Security

ResOps: The Next Era of Recovery Intelligence

Why resilience operations – not traditional ITOps – will help define how modern enterprises survive cyber disruption.

Darren Thomson, Vice President and Chief Technology Officer, EMEA, Commvault

For decades, IT operations focused on uptime:

  • Keep the infrastructure running.
  • Hit your recovery time objective (RTO).
  • Meet your recovery point objective (RPO).

But modern cyber threats don’t respect infrastructure boundaries – and recovery isn’t just about restoring systems anymore. It’s about restoring clean, trusted data – across teams, under pressure.

In this episode of STRIVE, I sat down with Stephen Foskett, founder and president of the Futurum Group’s Tech Field Day, to discuss an emerging discipline: resilience operations – or ResOps.

And it’s more than a buzzword. It’s a shift in how organizations think about recovery intelligence.

Watch the full episode.

Key Takeaways: What ResOps Changes

  • ResOps moves recovery from infrastructure-focused to business-focused. It’s not just about bringing systems back online – it’s about restoring trusted, usable data.
  • Traditional RTO and RPO metrics aren’t enough anymore. Mean Time to Clean Recovery (MTCR) is emerging as a more meaningful way to measure resilience.
  • Breaking down silos is foundational to cyber readiness. Security, infrastructure, and DevOps must operate in sync – not in parallel.
  • Resilience is an operational discipline, not a tool. Culture, communication, and coordination matter as much as technology.
  • Recovery intelligence is becoming a competitive differentiator. Organizations that recover cleanly and quickly protect revenue, reputation, and trust. 

From IT Ops to ResOps: What’s Changed?

Stephen reflects on an earlier era of IT where teams often supported systems without fully understanding the business applications they powered. Recovery meant restoring infrastructure. Today, that model falls short. Modern environments are:

  • Distributed
  • Cloud-based
  • DevOps-driven
  • Security-sensitive
  • Deeply integrated with revenue streams

ResOps acknowledges that recovery is no longer an isolated IT function. It’s a cross-functional discipline that helps connect infrastructure, software development, and security with real business outcomes.

Why Traditional Metrics Don’t Tell the Whole Story

RTO. RPO. These metrics have guided disaster recovery planning for years. But as Stephen explains, restoring quickly isn’t enough if the data you restore isn’t clean.

Enter a more meaningful metric: MTCR. It’s not just how fast you recover; it’s how fast you can recover to a verified, trusted state.

In a ransomware event, that difference matters enormously. Restoring compromised data can restart an attack cycle. ResOps focuses on restoring operational integrity – not just functionality.

Sneak Peek: Why Clean Recovery Matters

In this moment from STRIVE, Stephen explains why traditional recovery metrics miss the mark – and why recovery is a cross-functional discipline.

The Real Barrier: Organizational Silos

Technology isn’t usually the biggest blocker to resilience. Structure is. Security teams often report to one executive. Infrastructure teams to another. Application teams to yet another. Each with different priorities, different incentives, and different definitions of success.

ResOps challenges that fragmentation.

Stephen discusses how collaborative workshops and cross-functional alignment are helping break down those silos. Because during a cyber event, organizational misalignment slows recovery more than tooling gaps ever will.

Why Commvault Is Leaning Into This Conversation

STRIVE isn’t about product features. It’s about how recovery thinking is evolving. ResOps aligns closely with what we see in the field:

  • Customers struggling with coordination during incidents.
  • Organizations restoring infrastructure but questioning data integrity.
  • Leadership asking for metrics that reflect real business impact.

The concept of MTCR reframes recovery intelligence around business trust – and that’s where the industry is heading. Recovery is no longer a back-office process. It’s an executive concern.

The Future of Recovery Intelligence

Looking ahead, ResOps is likely to mature rapidly. Over the next 12–18 months, organizations are expected to:

  • Integrate security and recovery workflows more tightly.
  • Adopt new recovery-focused metrics.
  • Operationalize resilience earlier in application lifecycles.
  • Invest in intelligence that distinguishes clean data from compromised data.

Cyber threats are accelerating. Recovery strategies must evolve at the same pace. ResOps helps provide a framework for doing that.

Watch the Full Episode

In this episode, we discuss:

  • How ResOps differs from traditional IT operations.
  • Why MTCR is helping to reshape recovery metrics.
  • What organizational alignment looks like in practice.
  • How DevOps culture influences resilience.
  • Where recovery intelligence is expected to head next.

Watch now.

If you’re responsible for cyber readiness, continuity, or recovery strategy, this is a must-watch discussion.

FAQs

Q: What is ResOps?

A: ResOps (Resilience Operations) is an emerging discipline that integrates IT operations, security, DevOps, and business stakeholders to help improve recovery intelligence and organizational resilience.

Q: How is ResOps different from traditional IT operations?

A: Traditional IT ops focuses primarily on infrastructure uptime. ResOps expands that focus to include clean data recovery, cross-functional coordination, and business alignment.

Q: What is Mean Time to Clean Recovery (MTCR)?

A: MTCR measures how quickly an organization can restore verified, clean data and resume safe operations after a cyber event – not just how quickly systems are brought back online.

Q: Why are metrics like RTO and RPO insufficient in modern environments?

A: They measure speed and data currency, but not data integrity. In ransomware scenarios, restoring compromised data can extend disruption.

Q: How can organizations start implementing ResOps?

A: Begin by:

    • Aligning security, infrastructure, and DevOps teams.
    • Evaluating recovery metrics beyond RTO/RPO.
    • Testing clean recovery processes.
    • Breaking down operational silos.
    • Incorporating resilience thinking earlier in system design.

Q: Why is recovery intelligence becoming more important?

A: As cyber threats grow more sophisticated, the ability to recover cleanly, quickly, and confidently directly impacts revenue, customer trust, and regulatory posture.

Darren Thomson is a Field CTO at Commvault.

More related posts

Thumbnail_Blog-Testing-Once-a-Year-2026

Testing Once a Year Is Not a Resilience Strategy

Read more
Thumbnail_Blog-IDC-Resops-2026

From Recovery to ResOps™: Building Enterprise Resilience That Scales

Read more
Readiverse-Featured-Image-888-x-500

Ready Is Good. Resilient Is Better.

Read more