AI Resilience & ResOps: Next-Gen Cyber Recovery Strategy | Sanjay Mirchandani

Please view video here for a time-stamped transcript

Please welcome Sanjay Mirchandani.

Good morning.

I was going to say, ladies, gentlemen, and agents, but maybe too soon.

But good morning and welcome to Shift.

We’re bringing you, our customers, our partners, and our industry leaders together because
we’re in the most significant and consequential moment in our industry.

What we’re living through isn’t incremental.

It’s foundational.

It’s absolutely reshaping how enterprises create, operate, how data flows, and how
decisions are made.

Of course, I’m talking about AI, and its widespread adoption, if you would, throughout an
enterprise.

It’s also safe to say that it’s growing faster than any technology in history.

Just a few weeks ago, the Wall Street Journal reported that Big Tech

is pouring more than $400 billion into AI infrastructure spending this year.

And that’s going to drive trillions in expected economic value.

It’s no longer experimental.

It’s now core to our business.

And it’s introducing new challenges for you as CIOs, CISOs, and practitioners.

For starters, it’s a matter of scale.

Generative

and agentic AI are creating an unprecedented volume and variety of data that needs to be
protected and managed.

And given its power, AI can also introduce new threat vectors, new attack vectors, and
opportunities for bad actors to target and poison identities, supply chains, models.

They’re also using AI tools like we use in our own businesses to turn around and attack
us.

And with the rise of autonomous non-human identities and models, this introduces new and
evolving governance and observability requirements and is also increasing the need for

sovereignty, data sovereignty.

As a leader, you are on point and under some pressure.

Your CEO is demanding that you quickly embrace AI to give your businesses that edge.

But you often have to manage it with the legacy systems, the technical debt, and the
skills you have today.

And that’s compounded.

That’s compounded because your data is highly distributed and fragmented across clouds,
SaaS apps, data lakes, DevOps pipelines, endpoints, and more.

And then all of this, all of which could make your AI systems fragile and vulnerable and
put your business at risk because when the data is inconsistent, incomplete, or even

compromised, AI gets things wrong.

Dangerously wrong.

So the question we’re addressing today is, this.

How fast can you recover to keep pace in this high speed, high stakes environment where
both breaches and mistakes are inevitable?

At Commvault, we care deeply about this and believe that to scale your AI investment
effectively, you need a new approach to resilience.

Two years ago, we elevated data protection to a more strategic posture with cyber
resilience as an operational state where IT and security could confront pervasive threats

and emerge stronger.

It’s rapidly become the standard of our industry.

And today, we’re going to raise the bar again with AI resilience.

This is the defining challenge in the age of AI.

It’s not enough to just secure the infrastructure.

With AI, we now have thousands of intelligent and autonomous agents making decisions, and
mistakes, with little to no human oversight.

Which is why AI resilience requires us to broaden our operational focus to continuously
secure our data at source and monitor for any anomalies.

To control the identities of the individuals and the devices that access and use that data
autonomously.

And three, predictably recover data at massive scale without corruption.

To achieve AI resilience, you must bring security, identity, and recovery together.

Your organization is counting on you

to deliver resilience in the age of AI.

However, while effective in many instances, traditional approaches and processes around
resilience are no longer enough.

They can’t keep pace with the speed and the scale of AI-driven systems.

And this is further complicated because the teams responsible for resilience, like SecOps,
data security, and recovery, often have their own tools,

policies, and requirements.

To combat this, many of the CIOs and CISOs that I speak with are exploring progressive
approaches to unifying, to bring this together, these critical resilience activities.

And there’s one last factor to consider.

Manual, error-prone processes around your data securing identity are quickly evolving to
agentic AI, which makes sense.

However, if you’re unable to keep pace,

with agentic AI, your business is potentially at even greater risk.

Which is why we’ve re-envisioned resilience for the age of AI.

We’ve been calling this new operational approach ResOps or Resilience Operations.

It’s not a tool or a point solution.

ResOps is the next generating operating model that transforms resilience into an active
discipline.

And enables you to manage resilience across increasingly complex and emerging AI
environments.

We’re going to redefine the category by enabling this.

At Commvault, we see ResOps as a continuous automated loop that reinforces your resilience
across data security, identity, and recovery.

The first steps are all about understanding your data.

its sensitivity, and who is accessing it.

This includes real-time sort of access policy enforcement.

For example, LLM prompt protection to govern how AI data is accessed in real time.

Next up is the continuous detection.

This is where you automatically scan.

You scan for and detect potential issues, anomalies, cyber threats to minimize the impact
of compromised identity systems

and damaged data.

Then with automation at its core, a strong ResOps practice will enable you to confidently
and intelligently recover your critical data, reestablish access to key systems, and

restore your business.

So this includes quickly recovering to a convolved cleanroom or an isolated environment
for testing and forensics, or even better, moving clean, trusted data back into

production.

So ResOps processes restore your business and keep your data reliable, governed, and
trustworthy.

In essence, resilience now runs the business.

Which brings us to what we’re here to talk about today.

As you know, Commvault has always been obsessed with solving our customers’ most
significant resilience challenges with elegant innovative solutions.

We’ve been working on this challenge for years

and are again upping the ante to give you what you need to embrace ResOps; to compete and
win in an AI-driven world.

Let’s think about this.

I’m pleased to announce Unity, the latest release of Commvault Cloud.

This is.

This is the most significant release in our history.

Unity’s cloud-native platform is built from the ground up to give you the scale, the
performance, and the data security you need.

We debated the name and we called it Unity because it unifies resilience across security,
identity, and recovery.

It unifies resilience across all workloads.

From today’s production workloads to tomorrow’s emerging AI workloads.

And it unifies resilience across data wherever it lives.

Clouds, regions, data centers, edge locations.

This is a generational leap to re-architect resilience for the modern enterprise.

Now, let me share some highlights I’m particularly excited about.

Commvault Cloud

is a unified platform with deep, deep automation to manage resilience across your on-prem
environments, as well as your cloud-borne, cloud-bound, and emerging AI workloads.

And we’ve also re-engineered Hyperscale X, our platform that docks natively into Unity and
seamlessly connects your on-prem systems to our state-of-the-art Metallic AI control

plane.

So no more silos and no more…

fragmentation.

Just one experience, one policy engine, one unified pane of glass to predict the threats
and accelerate clean recoveries regardless of where your data lives.

It’s simplicity at scale, which is fundamental, essential for ResOps.

And we can’t talk about resilience without answering what I call the billion dollar
question.

How do you know

if you are recovering the cleanest, safest data with minimal loss?

Minimal loss.

It starts with identity resilience.

According to our friends at CrowdStrike, approximately 80 % of breaches involve some kind
of compromised identity.

So Unity’s groundbreaking new identity resilience, the capabilities enable you to easily
track

any unauthorized or accidental changes to your identity systems like Active Directory,
EntraID.

And if necessary, just roll it all back with one click.

It’s enterprise-grade resilience for your identity systems.

Next, we continue to innovate around our legendary recovery capabilities.

Until now, you had to make an uncomfortable choice between

the cleanest recovery, which may not include your most recent data, or the most recent
recovery, which may include corrupted data.

So in the event of a cyber attack now, you no longer have to make that choice because we
now give you enhanced threat scan and detection capabilities to analyze your backups and

identify potential threats to confidently restore clean data.

And the one that, and we’ve also solved a really, really hard science recovery problem.

Our new AI-enabled Synthetic Recovery capability uses malware and encryption detection to
automatically curate a composite of the most recent and cleanest backups to isolate the

compromise and surgically recover your data with the least data loss.

So there’s no more guessing and there’s no more manual recoveries needed.

Additionally, by integrating Satori Cyber’s preventive recovery capabilities, Unity will
now show you who’s accessing the environment and how the data flows through the business.

This is really important and critical for AI governance and security.

So it also proactively protects AI data by intercepting, inspecting, and enforcing
policies in line,

before sensitive data reaches an LLM or the model actually responds.

And we also dramatically enhanced our Cleanroom Recovery capabilities to test, analyze,
and validate recoveries before returning data and workloads into production.

This includes the most requested feature, runbook automation, to accelerate your recovery
scenarios.

And I’m proud to say we think we’ve answered the billion dollar question.

So today you don’t have to, you no longer have to choose with Unity.

You get cleanest, fastest and most complete recovery, no compromises.

Together these with a multitude of other enhancements truly accelerate recovery timelines
with clean and safe data.

Which brings me to yet another groundbreaking advancement.

Unity uses AI

everywhere.

You see, we believe a single policy engine to manage your identity, your security, and
your recovery is the secret sauce for resilience, which is why we’ve re-architected

Commvault Cloud for the future.

Built on our Metallic AI engine, Unity not only protects AI workloads at scale, but
transforms the user experience.

For decades, you’ve been forced to use complex UIs and manual steps to navigate

your operations on recovery and then to hunt for insights.

With Unity and our ResOps model, that era is over.

So in full disclosure, they don’t usually, they as in the company, doesn’t usually let me
anywhere near the technology.

The laptop’s as far as I’m allowed to go.

But given our new AI capabilities, they’ve taken the risk on letting me actually do a demo
myself.

So this better work.

A moment ago I said, we use AI everywhere.

And I mean it, everywhere.

And it’s all in our new Metallic AI engine UI.

So I’m gonna show you this.

This is our new, all new AI-powered UI.

Okay?

This happens to be our new Threat Scan dashboard.

It gives users a view into the most critical tasks across their estate.

As we navigate through Unity, the AI capabilities come with you.

For instance, two common questions that customers ask.

How do I know I’m not missing anything?

And, how can I see the data and the resources I’m not protecting, but should be?

You’ll see it right there.

Here with advanced discovery capabilities to find the data and resources across your
estate.

And then rather than doing it manually, our AI capabilities help you determine what to do
with it.

Only our platform can do this.

We find the unprotected resources and we recommend and then enforce the right policies
with a single click.

This used to be an intensive manual process and it’s now intelligent

and automated.

Let’s look at another example.

As you know, delivering true resilience requires a sophisticated approach and
understanding your readiness is paramount.

So how do you sift through what really matters most?

There’s a lot there.

With Unity, it’s easy.

I like to call it AI-easy.

Okay, here’s a rich set of ResOps data like the jobs that I’ve run,

the critical issues, replications, scheduled tasks, and more.

Very typical.

It’s the heartbeat of your resilience operations on one page and in one pane of glass,
cloud native, on-prem, whatever your flavor.

It’s a lot.

But our AI capabilities help you quickly make sense of what’s going on and determine what
needs attention and most importantly recommends what actions you should take.

So with resilience,

every minute counts.

So Unity empowers you to quickly understand and act.

It’s pretty impressive, I thought.

What do you think?

So lot of feedback was, we’ve got to update the UI.

So we spent years and millions of dollars upgrading the UI, only to be asked, hey, do you
have a Gen interface?

Gen AI interface?

So then we had to go back and start looking at that.

You can never please everybody.

So a couple of weeks ago, we introduced conversational resilience with the first MCP
server in our space.

In short, Commvault is unlocking the agentic future of cyber resilience all without
logging

into our interface.

So in other words, we enable you to harness the power of Commvault with a simple
conversation.

You want to see it?

All right, let’s see it.

Let’s have a look.

You all know Claude from our friends at Anthropic?

OK.

Rather than hopping from app dashboard to dashboard, what if you simply talked to your
most critical systems?

With Commvault Cloud, you will.

Just ask, Claude, what are my latest Commvault activities?

All right and look at this report of everything you need to know without even logging into
the Commvault Cloud UI.

Folks right there.

Agentic interactions will revolutionize your enterprise user experience.

And Unity’s intelligent automation gives you the speed, the accuracy, and the scale you
need in the AI-first era.

So let’s take this demo a little further, because this agentic system-to-system automated
experience is where our power lies.

Here’s how you can leverage agentic interactions to light up ResOps, to connect SecOps,
incident response, and cyber recovery

operations, which is very typical when you have something that goes wrong.

Imagine this.

A CrowdStrike alert is shared with Commvault Cloud.

This is nothing new.

Commvault and CrowdStrike are constantly exchanging intelligence.

Commvault Cloud then takes context shared by CrowdStrike and recommends a forensics
investigation.

So Commvault Cloud automatically sends a notification through Slack to the ResOps team,

including all the relevant information from CrowdStrike to Commvault.

In this case, there’s a potential compromise of Active Directory and some virtual
machines.

Unity then recommends we run an isolated Cleanroom Recovery so the forensics team can
analyze it further.

Let’s approve this isolated Cleanroom Recovery for our forensics through Slack.

And based on our incident response process, Commvault Cloud will automatically open a
ticket in ServiceNow to track the progress across the various teams.

At the same time, Commvault will provision an isolated cleanroom

and start recovering the Active Directory domain controllers and the compromised data for
the Forensics team.

By the way, the only thing the user is doing is chatting through Slack with these
predefined powerful ResOps tasks which are completely automated.

I think this is speed, this is power, and this is true resilience.

Now let’s take a quick look behind the scenes.

Commvault took the information about the potential compromise from CrowdStrike.

It’s grabbing the Active Directory structure and questionable data from an immutable
AirGap copy in the cloud-hosted by AirGap Protect.

And then it’s recovering it to a safe, isolated environment in AWS for the forensic team.

And when it’s done, good hygiene, it updates ServiceNow, the ticket, and…

You hear that?

That’s Slack notifying the forensics team.

Okay?

And let’s click on the notification.

And so we click on it, here’s ServiceNow update in Slack telling the team that they’re
ready to take action.

The isolated environment has been set up, the systems in question have been replicated,
and they can get going.

The forensic analyst that grabs the ticket can simply click, go to the cleanroom, and
boom, it takes them to AWS and they’re off to the races.

Folks, that’s just a glimpse, a glimpse, a teaser into the future of resilience with
ResOps.

Powerful actions from trusted, powerful systems like Commvault, CrowdStrike, ServiceNow,
and AWS through a simple

conversational interface like Slack.

Okay, it’s speed, simplicity, and power.

Feel free to appreciate it.

There was a lot there, I give you that there was a lot going on, but that’s typical.

That’s typical when you find something that’s that’s that looks suspicious.

You got multiple teams, multiple tools, multiple processes, multiple handoffs, and we
brought it all together in a conversational interface with powerful workflows behind the

scenes.

So as you can tell.

As you can tell, I’m pretty excited about this.

I’m excited about Commvault Cloud Unity I’m excited what it could do for you.

And Rajiv and Pranay who are back there, who are the real technology experts,

will show you what the all new Unity platform can do for you.

They’ll take you right into the depths of it.

But let me leave you with this.

While others may baselessly claim to do aspects of this, only Commvault has the vision,
the innovation and the experience at scale to make you ready and resilient in the era of

AI.

At our very core, Thank you.

At our very core, I’m super proud of the fact that we’re an engineering company that
really tirelessly innovates to solve the hardest problems.

And hopefully that’s where we shine, okay?

And with that, I’d like to say thank you to all of you for joining us here at Shift and
talk to you soon.

Thank you.