In 2024, business leaders in the Asia Pacific (APAC) region and beyond, will deepen their focus on cyber resilience. With over 90% expressing concern about ransomware attacks, according to a recent IDC report, the correlation between cyber resilience and operational stability has never become clearer.
I have been with Commvault for about half a year and in the crucial window of first 90-days, I spent meeting approximately 100 of our customers across APAC. There were three clear takeaways from those customer interactions. First, enterprises realize cyberattacks will happen. It’s not a matter of if but when. Second, every organisation has an incident response plan. It is only a question of ensuring that the plan is constantly tested for new scenarios. Third, albeit having a cybersecurity framework, organisations find themselves in a chaos having to manage multiple platforms and having to go through the detect-secure-recover few times over.
2024 is when data and cyber resilience will be at the front and centre of every organisation
Martin Creighan is Vice President, Asia Pacific at Commvault
Equipped with the first-hand knowledge of what regional enterprises are facing, as validated by what technology industry analysts are seeing in the market, I, along with Commvault’s senior leadership team anticipate 2024 to be a year of even more pervasive threats. However, it is also a year when enterprises are going into fiercer battle against bad actors.
2024 is when data and cyber resilience will be at the front and centre of every organisation. Data is where everything flows, yes, and where data flows is the future of the business. Cyber resiliency is all the rage, but the real, simple story and every organisation’s concern is business continuity. Thanks to transformative technologies such as AI and machine learning, they will be further developed, and they will be leveraged. They will not be an adornment nor an accessory. Companies will fight AI with AI. Governments and regulators will provide the framework and environment to make it happen and to secure the digital economy. Businesses working in siloes will get tighter. The C-suite and boards will be more engaged and IT and security teams, working together more aligned, and closely. These are the trends we anticipate in 2024.
Data and cyber resilience at the core
Data is a critical asset of every organisation. As such, preventing any compromise or loss of data, especially with new threats consistently popping up, has become and will remain a strategic priority.
In 2024, the ability to protect data and to recognise and respond to cyber threats swiftly will become a competitive differentiator. Companies that focus on cyber resilience, which encompasses data protection, data security, data intelligence and recovery, will have the upper hand. The growing sophistication of cyber threats will necessitate advancements in data security technologies and strategies, with businesses that adapt promptly likely to stand out in the industry and gain more public trust.
Data intelligence will be a board-level priority. Forrester estimates that organisations will need to manage twice the amount of unstructured data in 2024. With more data than ever, a company’s ability to leverage data intelligence to detect early warnings of a breach, and recover in hours versus weeks or months, will gain a competitive edge and free up valuable resources to put that data to work. We should expect to see a priority on the entire lifecycle of a potential breach or ransomware attack – not just the recovery phase.
AI will shape cyber resilience
Artificial Intelligence (AI) will significantly shape cyber resilience by enabling faster and more accurate threat detection. The success of AI-powered data intelligence will be measured by reduced incident rates and faster recovery times. Using AI to fight AI-driven threats will be a common theme in 2024. As the integration of AI with data protection tools is already underway with many enterprises, leaders must keep pace with these developments to ensure their strategies are robust.
Choosing the right AI platforms will be paramount in a crowded marketplace. The answer lies in the simplicity and alignment with business goals, considering that tool fragmentation is a known risk to cyber resilience.
Evaluating AI use cases will involve a critical look at data protection tools’ impact on cyber resilience, with a strategic approach to reducing complexity and addressing the sprawling growth of SaaS and IaaS environments.
Adept understanding of AI and AI regulation and policy is vital
Despite the diversity and different levels of technology adoption in the region, governments and regulators are working towards creating an environment that promotes a common goal: responsible AI and balanced innovation that supports the economy.
China, a forerunner in AI, has unveiled rules governing generative AI effective August 2023. Considered as “interim measures”, the guidelines govern recommendation algorithms, synthetically generated images and chatbots similar to ChatGPT.
Singapore, aspiring to become a global AI hub, has just unveiled its National AI Strategy 2.0 on 4th December 2023. Embracing AI as vital to the country’s continued success, the strategy repositions AI as a necessity for Singapore. It also directs the focus from local to global, and wide-scale capability, infrastructure and foundation for AI versus individual projects.
Close to Singapore, we observe economic groupings such as the Association of Southeast Asian Nations (ASEAN) and the Asia Pacific Economic Cooperation (APEC) seeking to establish shared standards and regional guide on AI governance and ethics as a step in the right direction.
With all these developments in the region considered, having an adept regulatory understanding will be as crucial as the technology adoption. Navigating the complex landscape of emerging global AI regulations will demand a proactive and well-informed approach, with businesses establishing dedicated teams to maintain compliance.
Greater senior and board-level involvement in cybersecurity and compliance
With an increased focus on cybersecurity in 2023, board members in 2024 will be more attuned to identifying enterprise risks, and particularly engaged in decisions around risk management. Boards must concern themselves with the overall cyber preparedness, which is necessary as recent IDC-Commvault research found that only 33% of senior executives are involved in current cyber preparedness initiatives. We anticipate this percentage will increase in the next twelve months.
As regulation evolves and require a cybersecurity expert to sit on the board, we anticipate greater investment on training and access to security experts and advancing boards’ knowledge of enterprise risks. I believe within the next several years we will see more compliance, security, and cybersecurity experts fill board seats, similar to financial experts that have long been recruited as necessary board members.
To reiterate, 2024 will pave the way for a greater focus on cyber resilience – one that encompasses data protection, data security with built-in AI capabilities, and recovery. AI will be used to derive more value from data, while also detecting threats earlier – fighting AI threats with AI. By approaching cyber resilience in a more holistic manner, enterprises are reducing the risk in their business, damage in their brand and reputation. With the right amount of engagement and cooperation, internal (boards, C-suite, IT and security organisations) and external stakeholders (governments, regulators, industry players) will play a role in the overall organisational best use of technologies to elevate cyber resilience and to improve the digital future in Asia Pacific.