Commvault continues to demonstrate a pattern of consistency and growth, its global expansion announcement of its Metallic portfolio Data Management as a Service (DMaaS) solutions, and its constant innovation to be an active partner in organizations’ fight against cyber threats.  
 
Commvault knows all aspects of data management - backup and recovery, security and more.  As we look to learn more about security and IT Ops, VMblog reached out to industry expert Indu Peddibhotla, Senior Director, Products and Strategy, at Metallic.
 
VMblog:  Are security and IT Ops becoming increasingly interrelated?

These worlds are meshing together as security initiatives become top of mind for all business units and lines of business. Take backup and recovery for instance - which has traditionally been managed by IT Ops - but has become an irreplaceable element of an organization's security posture - representing their "last-line-of-defense" against ransomware and other cyberattacks. Data protection solutions not only enable IT teams to quickly and comprehensively recover their critical data, but they also significantly minimize the disruption caused by a ransomware breach or malicious attack - a primary challenge Security teams are focused on solving.

So, whether they like it or not, Security and IT Ops are increasingly finding they need to collaborate in the development and implementation of their organization's data security and protection strategies. Specifically, they need to work hand in hand to determine where their organization's critical data assets are located, and then jointly implement a strategy that can prevent cyberattacks from reaching these assets, identify attacks when they breach their defenses, and remediate any damage caused by an attack. Integrations between IT Management and Security platforms such as SOAR (Security Orchestration, Automation and Remediation) are also helping with this.

After developing and implementing a data security and protection strategy, they then need to work together to test the strategy. One way they can do this is by simulating various types of attacks, and then have the Security and IT Ops teams practice how they would respond to these attacks - a technique that, along with the simulation of other types of data disasters, we at Commvault like to call "data recovery drills." Such drills enable Security and IT Ops to ensure that everyone understands what their data security and protection responsibilities are when there is a real-life attack. They also allow the Security and IT Ops teams to ensure they have the necessary playbooks/runbooks defined and appropriate processes, solutions, and personnel in place to defend and recover from attacks.

VMblog:  What challenges does this convergence create for security and IT Ops teams?

Peddibhotla:  One challenge is the increased complexity of hybrid cloud and shadow IT environments. With Security and IT traditionally having different charters - defining clear roles and responsibilities between the teams, breaking down organizational silos, and design collaboration between Data Owners, IT and Security is key in implementing a successful data security strategy. Lack of documented playbooks and runbooks severely inhibit an organization's ability to mitigate and respond to attacks.

Another challenge Security and IT Ops teams encounter is working with SaaS and cloud service providers. Under the shared responsibility model, cloud service providers are usually responsible for securing and protecting their services' infrastructure and applications - but not the data that these services store and use. Security and IT Ops teams need to ensure their data security and protection strategy accounts for this by documenting how and in what ways they are securing and protecting the data used by their cloud services.

VMblog:  What common characteristics do you see in organizations where security and IT Ops have collaborated to implement a robust data security and protection strategy?

Peddibhotla:  Almost all the organizations I have seen in which Security and IT Ops have collaborated to implement a strong data security and protection strategy have executive leadership advocating for or sponsoring data integrity initiatives. If the importance of maintaining the organization's data integrity does not come from the top down, it can be difficult to create a culture that motivates the Security and IT Ops teams to do the hard work required for them to collaborate to minimize the threat posed by cyberattacks.

In addition, organizations that seek to optimize their data and have implemented robust data management capabilities usually have the strongest data security and protection strategies. Data security and protection is not an area where spending more necessarily gets you more. In fact, organizations that try to just throw money at the issue often end up with redundant security and data protection solutions, each of which requires different skills and processes. It is critical for organizations to manage their data sprawl and have a good understanding of their critical data assets which in turn helps them develop the required policies to safeguard that data.

Another common blueprint for success is an organization's ability to incorporate secure design principles into the early planning stages of IT deployments. Security and IT should collaborate and develop policies from inception of IT projects in the context of the organization's overall security posture rather than as an afterthought.

VMblog:  What does the future hold for the convergence of security and IT Ops?

Peddibhotla:  One thing we are increasingly seeing is Security and IT Ops teams working together to develop an overall data security strategy for the organization. The rapid proliferation of cloud technologies and the associated data sprawl is forcing organizations to rethink their data policies and strategy. CISOs and Security teams are increasingly becoming key influencers in traditional IT managed solutions and are helping drive the convergence. Integrations between IT and Security tools are driving automated runbooks to manage IT while monitoring and responding to security incidents.

For example, today, some data protection solutions use AI to detect data anomalies on backups that might indicate a cyberattack. By identifying these attacks early on, they can reduce and contain the damage by limiting their "blast area." In the future, these solutions will likely continue to evolve by adding early detection signals and warnings that help Security analysts identify potential attacks in play.

As organizations are grappling with the complex hybrid cloud environments and the data protection and security challenges it presents, now more than ever, Security and IT teams are coming together to formulate their data strategies. In the battle against rising cyber threats, it is imperative for these teams to collaborate closely, leverage tools and skills, and develop data management and protection policies that help protect their most valuable asset - data.

##