Are AI copilots for storage the answer to AI-powered cyberthreats and data risks?
According to Pure Storage’s latest Innovation Race Study, 86% of surveyed IT leaders place the reduction of their organization’s risk profile as their top priority, with cyberthreats having the greatest impact (42%).
Meanwhile, AI is revolutionizing business, and not always for the better. Cybercriminals are increasingly using AI to raise the frequency and impact of cyber-attacks, especially ransomware.
However, existing data and storage infrastructure generally lacks the flexibility to keep up with the rapid pace of change required to protect data and to recover rapidly when needed. How can AI help? What else should we do to modernize our data storage infrastructure to keep up with the risks?
CybersecAsia discussed these issues and more with Pratyush Khare, Area Vice President, Systems Engineering, Asia Pacific & Japan, Pure Storage:
Can AI copilots in storage enhance security assessments? How do they provide CISOs with visibility to benchmark their security posture?
Pratyush: The first AI copilot for storage that Pure Storage announced recently leverages data insights from tens of thousands of Pure Storage customers to guide storage teams through every step of investigating complex performance and management issues and staying ahead of security incidents. Integrated into Pure1, Pure Storage’s management layer, the AI copilot is built on an LLM (Large Language Model) and uses Generative AI capabilities to interpret the intent of the user’s prompt and format the response in a conversational, chat-like experience.
Pure Storage also announced at the same time a new security assessment for customers of our Storage-as-a-Service offering, Evergreen//One. The new assessment provides deep visibility into fleet-level security risks and offers actionable recommendations to maximize cyber resilience. Based on aggregated intelligence across 10,000+ environments, the Security Assessment presents numerical scores from 0 to 5 to benchmark the security posture of the entire storage fleet. It also delivers best practices to align with NIST 2.0 standards, advance regulatory compliance, remediate potential security anomalies, and rapidly restore operations if a security-related event occurs.
The new AI copilot leverages the security assessment to provide Chief Information Security Officers (CISOs) with visibility into benchmarking their security posture against other Pure Storage customers.
How does AI-powered anomaly detection mitigate the operational impact of cyberattacks and hasten data recovery/restore?
Pratyush: Anomaly detection is used to unearth threats such as ransomware, suspicious activities and denial-of-service attacks, by evaluating performance anomalies. With AI, anomaly detection gets equipped with an arsenal of capabilities, including machine learning models that analyze customer environments to detect risky patterns based on performance heuristics and context on how storage is used.
Beyond anomaly detection, AI can also provide incident response recommendations to help organizations recover from security attacks. It can highlight summaries of security issues, coupled with remediation actions, aiding security teams in understanding and addressing risks more effectively.
For instance, Pure Storage’s AI copilot leverages insights from numerous deployed systems to guide teams to streamline storage management tasks. By interacting with natural language queries, storage administrators and IT teams can quickly obtain detailed assessments, actionable recommendations, and benchmark rankings of security policies.
By employing AI copilots in storage, organizations can improve overall security operations, reduce the risk of potential threats and proactively stay ahead of emerging threats. Additionally, CISOs can gain deeper insights into their company’s security posture, and effectively identify and prioritize risks, allowing them to streamline remediation efforts across their storage infrastructure.
Do ‘as-a-service’ storage platforms sufficiently address current enterprise data and storage management needs as well as mitigate future risk and uncertainty? What are the real-world benefits?
Pratyush: ‘As-a-service’ storage platforms allow organizations to access the latest innovations in storage management technology, without incurring the technical overheads of managing the storage themselves.
Through subscriptions, organizations can avoid hefty capital expenditure (CAPEX) of buying new storage capacity when they are unable to determine with certainty how much storage they might need in the future. Even with growth projections, organizations may wind up tying down financial resources that will have a greater impact in other areas of the business.
Through SLAs with STaaS providers, organizations can treat storage as operating expenditure (OPEX) and ‘pay as they go’, as they scale their storage needs according to business needs. The STaaS model also allows organizations to simplify storage management, eliminate waste, enjoy greater reliability, and reduce operational risk.
In the real world, given ever-changing economic headwinds and growing uncertainty owing to a variety of factors such as geopolitical instability, market fluctuations and climate change, organizations will need to explore ways to mitigate operational risk and enhance their resilience.
The scalability and flexibility of STaaS models enable organizations to reserve financial resources for times of crisis, instead of having to tie them down to hefty fixed storage investments. Organizations looking to readjust existing reserve commitments according to evolving storage needs can do so through SLAs that provide more flexibility.
To combat the growing risk around increasingly sophisticated cyber-attacks, certain STaaS SLAs are also designed to increase the resilience of an organization’s critical storage infrastructure, through ongoing security and risk assessments aligned with international regulatory standards.
What should organizations in Asia Pacific bear in mind with regard to Storage-as-a-Service service-level agreements (SLAs), in order to further empower them with guaranteed outcomes and reduced risk from their critical infrastructure?
Pratyush: Storage-as-a-Service SLAs should encompass guarantees for energy efficiency, performance, availability, zero data loss, and capacity buffers. Commitments to avoid forklift upgrades or data migrations between hardware, along with ransomware recovery SLAs, are also critical considerations.
- Performance and uptime commitments: Downtime can significantly impact operations, so organizations need to enable provisions for compensation or remedies if uptime commitments are not met. An uptime guarantee sets clear availability expectations. Meanwhile, performance SLAs define measurable KPIs like minimum throughput (MB/s) and help ensure accountability and consistent service delivery.
- Protection guarantees: Organizations need to ensure that SLAs include protections against cybersecurity threats, with guaranteed recovery plans for incidents like ransomware, access to cleanroom environments, and compliance with security standards. It would be advisable to prioritize providers offering proactive threat assessment services with AI-powered anomaly detection to discover and mitigate unusual or malicious activities promptly.
- Support for AI: Guaranteed storage performance ensures that GPUs are consistently fed data, which helps with optimizing workflow efficiency. This is critical for maintaining high throughput and minimizing latency in AI-driven tasks.