Commvault continues to demonstrate a pattern of consistency and growth, its global expansion announcement of its Metallic portfolio Data Management as a Service (DMaaS) solutions, and its constant innovation to be an active partner in organizations’ fight against cyber threats.
Commvault knows all aspects of data management - backup and recovery, security and more. As we look to learn more about security and IT Ops, VMblog reached out to industry expert Indu Peddibhotla, Senior Director, Products and Strategy,
at Metallic.
VMblog: Are
security and IT Ops becoming increasingly interrelated?
Indu Peddibhotla: Absolutely.
These worlds are meshing together as security initiatives
become top of mind for all business units and lines of business. Take backup and
recovery for instance - which has traditionally been managed by IT Ops - but
has become an irreplaceable element of an organization's security posture -
representing their "last-line-of-defense" against ransomware and other
cyberattacks. Data protection solutions not only enable IT teams to quickly and
comprehensively recover their critical data, but they also significantly
minimize the disruption caused by a ransomware breach or malicious attack - a
primary challenge Security teams are focused on solving.
So, whether they like it or not, Security and IT Ops are increasingly
finding they need to collaborate in the development and implementation of their
organization's data security and protection strategies. Specifically, they need
to work hand in hand to determine where their organization's critical data
assets are located, and then jointly implement a strategy that can prevent
cyberattacks from reaching these assets, identify attacks when they breach
their defenses, and remediate any damage caused by an attack. Integrations
between IT Management and Security platforms such as SOAR (Security
Orchestration, Automation and Remediation) are also helping with this.
After developing and implementing a data security and
protection strategy, they then need to work together to test the strategy. One
way they can do this is by simulating various types of attacks, and then have
the Security and IT Ops teams practice how they would respond to these attacks
- a technique that, along with the simulation of other types of data disasters,
we at Commvault like to call "data recovery drills." Such drills enable Security
and IT Ops to ensure that everyone understands what their data security and
protection responsibilities are when there is a real-life attack. They also
allow the Security and IT Ops teams to ensure they have the necessary playbooks/runbooks
defined and appropriate processes, solutions, and personnel in place to defend
and recover from attacks.
VMblog: What challenges does this
convergence create for security and IT Ops teams?
Peddibhotla: One
challenge is the increased complexity of hybrid cloud and shadow IT
environments. With Security and IT traditionally having different charters -
defining clear roles and responsibilities between the teams, breaking down
organizational silos, and design collaboration between Data Owners, IT and
Security is key in implementing a successful data security strategy. Lack of
documented playbooks and runbooks severely inhibit an organization's ability to
mitigate and respond to attacks.
Another
challenge Security and IT Ops teams encounter is working with SaaS and cloud
service providers. Under the shared responsibility model, cloud service providers
are usually responsible for securing and protecting their services'
infrastructure and applications - but not the data that these services store
and use. Security and IT Ops teams need to ensure their data security and
protection strategy accounts for this by documenting how and in what ways they
are securing and protecting the data used by their cloud services.
VMblog: What common characteristics
do you see in organizations where security and IT Ops have collaborated to
implement a robust data security and protection strategy?
Peddibhotla: Almost
all the organizations I have seen in which Security and IT Ops have
collaborated to implement a strong data security and protection strategy have
executive leadership advocating for or sponsoring data integrity initiatives.
If the importance of maintaining the organization's data integrity does not
come from the top down, it can be difficult to create a culture that motivates the
Security and IT Ops teams to do the hard work required for them to collaborate
to minimize the threat posed by cyberattacks.
In
addition, organizations that seek to optimize their data and have implemented robust
data management capabilities usually have the strongest data security and
protection strategies. Data security and protection is not an area where
spending more necessarily gets you more. In fact, organizations that try to
just throw money at the issue often end up with redundant security and data
protection solutions, each of which requires different skills and processes. It
is critical for organizations to manage their data sprawl and have a good
understanding of their critical data assets which in turn helps them develop
the required policies to safeguard that data.
Another
common blueprint for success is an organization's ability to incorporate secure
design principles into the early planning stages of IT deployments. Security
and IT should collaborate and develop policies from inception of IT projects in
the context of the organization's overall security posture rather than as an
afterthought.
VMblog: What does the future hold for
the convergence of security and IT Ops?
Peddibhotla: One
thing we are increasingly seeing is Security and IT Ops teams working together
to develop an overall data security strategy for the organization. The rapid
proliferation of cloud technologies and the associated data sprawl is forcing
organizations to rethink their data policies and strategy. CISOs and Security
teams are increasingly becoming key influencers in traditional IT managed
solutions and are helping drive the convergence. Integrations between IT and
Security tools are driving automated runbooks to manage IT while monitoring and
responding to security incidents.
For
example, today, some data protection solutions use AI to detect data anomalies
on backups that might indicate a cyberattack. By identifying these attacks
early on, they can reduce and contain the damage by limiting their "blast
area." In the future, these solutions will likely continue to evolve by adding
early detection signals and warnings that help Security analysts identify
potential attacks in play.
As
organizations are grappling with the complex hybrid cloud environments and the
data protection and security challenges it presents, now more than ever,
Security and IT teams are coming together to formulate their data strategies. In
the battle against rising cyber threats, it is imperative for these teams to collaborate
closely, leverage tools and skills, and develop data management and protection
policies that help protect their most valuable asset - data.
##