Data protection vendor Rubrik reintroduced itself as a cybersecurity expert at last year’s user conference, arguing that the future of data backup and disaster recovery lies in convergence with security.
Ransomware and data security will once again be a focus of discussion among vendors this year as ransomware attacks against enterprise customers increase. Even Rubric was no stranger to the battle. It suffered a data breach in March.
Like other data backup vendors, Rubrik last year announced features designed with cyberattacks in mind, including machine learning and AI tools and SaaS backup capabilities for Microsoft 365.
These features will help fight ransomware, said Phil Goodwin, research vice president at IDC. Ransomware has traditionally been a security risk and remains a top priority for backup administrators.
“We see that trend among IT organizations. They don’t really differentiate between data security and data protection,” Goodwin said. “Label data protection is being applied more frequently to protect against anomalies and intrusions.”
How a vendor addresses the twin needs of security and data protection will strike a balance between building useful features that don’t over-promise or under-deliver.
As Rubrik seeks to redefine itself as a cybersecurity vendor, no other backup vendor wants to cloud the picture. Executives at Rubrik’s rival Commvault are adamant that the company’s new detection and cyber-deception tools are still firmly in the realm of data backup.
Backup vendors need to continue to show they can meet the challenges of being a security company as the backups under their control become more targeted. Western Digital, a storage vendor that sells backup SaaS, has admitted that it was the victim of a ransomware attack that brought services down for almost two weeks.
“One company can’t do it all,” Goodwin said. “It’s a journey. [Rubrik is] It is one of the companies that has been proactive in cyber protection and cyber security from a single platform. “
thin silicon line
Veeam, which hosts the VeeamON 2023 conference just days after Rubrik Forward, joined Rubrik last year to position itself with better cybersecurity capabilities. Druva also added security features to its data backup platform in 2022.
All of these vendors are looking to harden their products against ransomware, according to Christophe Bertrand, an analyst in TechTarget’s enterprise strategy group. He said ransomware attacks remain a priority for IT teams and executives, influencing strategy and purchasing decisions. Data backup is now a market where you can differentiate according to the cybersecurity features that vendors offer.
“We see the convergence of cyber response and disaster recovery in this space,” Bertrand said. “While many data protection vendors are committed to security, they are also improving and strengthening their ability to detect ransomware.”
Backup capabilities often include immutable snapshots and air gaps, but vendors are now expanding their software to include traditional security tools. Customers expect backup software and services to include multi-factor authentication to prevent unauthorized access and machine learning capabilities to detect changes to data copies that may contain ransomware payloads.
Jerome Wendt, analyst and CEO of the Data Center Intelligence Group, said that while these are positive additions to the data backup platform, they are a comprehensive set of security features that enterprise IT departments may require. It states that it is not a substitute for Backup companies may be better off partnering with security features rather than building them themselves.
“Everybody’s getting a little more mature about it,” Wendt said. “I’m still not sure if the people doing it themselves and the people partnering with third parties are doing the same.”
NAND Research analyst and founding partner Steve McDowell said cloud hyperscalers, including AWS, Microsoft Azure and Google Cloud Platform, are still stepping away from the data backup and data protection market.
Apart from some simple disaster recovery services such as AWS Elastic Disaster Recovery, McDowell said few hyperscaler portfolios attempt to replicate the capabilities of dedicated vendors.
“I am amazed by the great people. [are] They haven’t rolled out a strong feature set,” McDowell said, adding, “This is a huge opportunity for them to have a little more control over their customers’ lives.”
SaaS data backup capabilities will continue to be popular with backup vendors, analysts say, because many users are still unaware of what shared responsibility model they are adopting when choosing a SaaS application or platform. The list agreed. In this model, service providers are responsible for maintaining the quality of their services, and customers are responsible for protecting the data they use within their services from loss, corruption, or attack.
“The introduction is well behind the hype,” Goodwin said. “[SaaS] It will continue to be a growth market for the next few years. “
airgap ghost
Like other IT vendors, Rubrik may also feature its generative AI story at this year’s Rubrik Forward.
The hype and saturation of generative AI, especially peripheral products such as OpenAI’s ChatGPT, will come to the backup space as well. But analysts said corporate buyers remained skeptical.
I’m still not sure if not only those who do it themselves, but those who partner with third parties do it as well.
Jerome WendtData Center Intelligence Group CEO, Analyst
“It’s very difficult to separate the hype from reality,” McDowell said. “There’s a bit of AI fatigue right now.”
Backup vendors like Rubrik, Commvault, and Cohesity have already built machine learning into their products. Rubrik uses machine learning to detect when user data has been compromised and detect anomalies and encryption in backups.
Cohesity has partnered with Microsoft Azure and OpenAI to add generative AI capabilities to data protection, such as generating readable post-mortem reports after a security incident or security action.
AI cleaning will contribute to the chaos, Bertrand said. Vendors don’t use consistent language in their marketing and bloat their AI capabilities.
“I’ve never seen anyone come out with pretty AI messaging and positioning,” Bertrand said. “In the end, it’s more efficient play.”
However, IT teams must continue to be prepared to use AI for both its pros and its opponents. Goodwin expects more ransomware gangs to abuse the technology.
“If you think the bad guys aren’t going to use it against us, you’re dreaming,” he said.
Tim McCarthy is a journalist from Merrimack Valley, Massachusetts. He covers cloud and data storage news.
