With collaborative cybersecurity the talk of the industry in recent months, what are some real-world developments on this front in Asia Pacific?

According to a recent IDC study commissioned by Commvault, 61% of respondents believed that data loss within the next 12 months due to increasingly sophisticated access is “likely” to “very likely.”

Various research has shown that data is everywhere and harder to protect than ever before:

    • 89% of companies are multi-cloud, according to Flexera’s State of the Cloud Report 2023
    • Gartner’s 12 Data and Analytics Trends to Keep on Your Radar reported that 50% of enterprise-critical data will be outside a company’s cloud
    • 60% of companies lack complete visibility into where data resides, according to the 5th Annual Nutanix Enterprise Cloud Index

Organizations face unprecedented volume and sophistication in cyberthreats and share major concerns about what bad actors can do in terms of business disruption and brand reputations. To address the escalating risks, Commvault believes collaboration is key.

As the company adds more collaborative partners in security and AI to its list, CybersecAsia checks in with Martin Creighan, Vice President, Asia Pacific, Commvault, to find out more about some real-world developments on the collaborative cybersecurity front.

With collaborative cybersecurity the talk of the industry in the Asia Pacific region recently, what are some real-world developments you think will positively impact cyber-resilience among organizations in the region? 

Martin Creighan (MC): In today’s era of escalating attacks, the industry’s collective goal is to elevate cyber resilience. There’s not a day that passes that we do not want to outdo ourselves and transcend boundaries to protect the digital world.

At Commvault, we are shifting from data protection to truly lead the charge in cyber resilience. By actively conversing with our customers across APAC and beyond, we saw a common sentiment across all enterprises, irrespective of the sector they are operating in, that they want to be released from the trap of hybrid chaos and complexity.

As evidenced in a recent IDC-Commvault study, most enterprises expected imminent attack with 61% of respondents believing the data loss in the next 12 months is likely to occur due to a cyber-attack. This dire situation demands a radical approach towards cyber resilience. This is what motivated us to join forces with fellow industry leaders and build a partner ecosystem that truly moves the needle in cyber resilience.

Earlier this year, we announced integrations with CyberArk, Microsoft Sentinel, and Palo Alto Networks. Today, the full expansive set of security and AI partners that are choosing to integrate with Commvault Cloud include Databricks, Entrust, Netskope, and we foresee this list growing quickly in the months to come. 

Martin Creighan, Vice President, Asia Pacific, Commvault

Together with our industry partners, we aim to empower our joint customers with more ways to rapidly detect, protect, and respond to potential threats and attacks while also improving data visibility and governance. In doing so, we are not only meeting customers’ needs at this critical moment, but we are collectively and jointly bringing faster, smarter, and more connected security insights to organizations around the world.  

Looking ahead, I see concerted efforts around cybersecurity education and training, certifications, and building more robust information and threat intelligence sharing across APAC organizations. Public and private sectors are also increasingly working together to combat cyber threats – the work spans best practices sharing, collaborating to review existing cybersecurity policies regulations, and modernizing them to meet the present-day needs.

Other real-world developments that positively impact cyber-resilience among organizations in the region include a heightened focus on innovation especially around cloud security, zero-trust architecture, incident response and recovery planning, a more proactive approach to threat hunting and recovery planning also made possible by AI and machine learning.   

How can board and C-suite executives be more informed and involved to better align corporate strategies for cyber-resilience? 

MC: Today’s modern hybrid enterprises will agree that cyberattack may be the biggest existential threat we face today. Sophisticated cyberattacks do not only threaten organizations with huge financial losses, but also bring about reputational damage that could have lasting impact on their customers’ trust and relationship.   

Despite the serious consequences of cyberattacks, there were worrying findings from IDC-Commvault’s recent study about organizational best practices in cyber preparedness. A survey of 500 security and IT operations leaders revealed that despite the awareness of imminent cyberattacks and possible data loss, there is a lack of executive engagement in organizations’ cyber preparedness initiatives.  

The research further revealed that in many cases, senior executives/line-of-business leaders are minimally engaged in their company’s cyber preparedness initiatives — only one-third (33%) of CEOs or managing directors and less than a quarter (21%) of other senior leaders are heavily involved. According to the research, the majority (52%) of senior leaders have no involvement in their company’s cyber cases. This data is alarming, to say the least, and needs a complete mindset shift across the board. 

Beyond merely reacting to cyber threats, the C-suite must ensure teams are prioritizing proactive defense, real-time threat intelligence, and robust risk management. That is the only way to achieve genuine cyber resilience. Needless to say, that both the board and C-suite executives play a critical role in ensuring that an organization’s corporate strategies are aligned with cyber resilience norms which in the case of Asia Pacific, varies a lot due to different levels of resources and varied stages in technology adoption across territories.  

To better equip today’s digital businesses, we are building on Commvault’s heritage in engineering excellence and now redefining data protection to a more encompassing enterprise-grade cyber resilience. With our new Commvault Cloud platform, we will be delivering the best-in-class cyber resilience that leverages the best technologies and expertise of our AI, cloud and security counterparts.  

As we chart the future of cyber resilience, there is a need for more concerted industry-wide initiatives to fight cyber-attacks. For instance, Commvault has recently launched a Cyber Resilience Council, aimed at advising our customers on emerging security trends and cyber threats as well as highlighting best-practices in cyber resilience.

To effectively challenge today’s threat asymmetry, enterprises need to create strategies that increase the operational risks and costs for attackers and minimize the fallout for victims, while also scaling and keeping pace with an attacker’s adaptations. 

To this end, the board and C-suite need to have a more intimate, connected relationship across a range of areas including but not limited to talent; cybersecurity culture; budgets; regular interactions that keep all key stakeholders aligned on the organization’s cybersecurity posture including adherence to regulatory compliance; common approaches to risk assessment, incident response and management; and more. This will not only fortify the organization from inside-out to fight threats of tomorrow but also help them overcome IT Chaos and ultimately become cyber resilient.