Aussies wary of AI when it comes to data security

Aussies wary of AI when it comes to data security

Backing up data is something that’s always been part of the world of IT – well, the concept anyway; whether people do make backups, whether they make regular backups, whether they test their backups work – these are all another thing.

Cohesity is in the business of ensuring organisations of all types and sizes have reliable, accurate, trustworthy copies of their data. It’s always been important to safeguard data from inadvertant loss but today we have the ceaseless, relentless attack on data by cybercriminals worldwide who know it’s big business to hold a company’s data to ransom. Cohesity executives Kit BeallKit Beall (pictured below), chief revenue officer, and Paul Henaghan (pictured above), MD ANZ, spoke with iTWire to dig into the findings.

Australians are all too painfully aware of the damage that can be caused by cybercriminals with large high-profile data breaches in recent years. It’s perhaps no surprise then that Cohesity’s latest research finds 83% of Australians are concerned about AI as a risk to data protection and security, significantly higher than both the UK (64%) and US (72%).

Despite the advantages and benefits of AI being spoken about from all corners, Australians clearly are fatigued and show a lack of trust around how their data is stored in an increasingly AI-driven world.

More than 90% of Australians said they would think about ending their relationship with a business that suffered a cyberattack.

The message to government and enterprise is clear; cyber resilience is paramount. However, Cohesity’s research also found many organisations overestimate their cyber resilience capabilities, leading to disruptions and ransom payments.

It’s a problem Cohesity takes seriously. In fact, Cohesity MD ANZ Paul Henaghan explained Cohesity’s focus and ability on protecting Australians was a major drawcard when considering the role.

Similarly, Cohesity chief revenue officer Kit Beall previously held executive roles with VMware and Cisco and saw the move to Cohesity as aan opportunity to think about what’s important, and more broadly, how technology transformations apply to our everyday lives.

“Data security has become the most important topic of our time,” he said. “The industry has gone through intrusion detection systems and intrusion prevention systems, whitelists, blacklists, all the traditional things, and on to zero trust.” Yet, security has to have a limit. As Beall puts it, “you can’t build a big enough fence or a deep enouch moat if you want to transact with the outside world.”

“We’re all consumers,” he said. “When you pay someone, order a coffee, take a ride in a bus or train or taxi, have a retirement account or health records, your entire life is a database entry somewhere in a cloud.”

“The conclusion I came to is data security – and ultimately the ability to have resiliency around data – was going to be the most important topic going into the next decade.”

Beall gave iTWire a personal example. He’d been in Australia speaking with Cohesity customers and made the comment “I don’t have enough cash on me to get back to the USA. I’m relying on my plane ticket. Or, if that’s not working, I can swipe my card. If that disappears then I’m stuck.”

It’s a sobering thought to imagine our life relegated to data entries in online services and that a single error has the potential to inconvenience us through to seriously impact our lives.

“When we really personalise this and think about security there will be some breach somewhere. You can look at all the names in the world where it’s happened,” Beall said.

“It makes people numb, but it makes them weary too.”

Certainly, Australians are no strangers to high-profile, very public, data breaches from major household names in recent years. Combatting these problems is something Cohesity is “laser focused on”, Beall said, and not simply Cohesity as an organisation, but the individuals who make it up, as evidenced by Beall and Henaghan as they talk about what motivated them to become part of the Cohesity mission.

“Cohesity works with the biggest banks, airlines, and manufacturers, giving assurance that we have fresh, accurate, clean copies of their data, and that we give them the ability to come back grom an outage.”

Not only that, but “speed of recovery is something we’ve focused on,” Beall added.

Making businesses resilient against inevitable data outages, and how quickly, is “the most important topic of the day,” he said. “That’s what Cohesity has built on, and it’s incredibly powerful.”

“The survey shows a visceral reaction to how people feel about their data being used, held, and managed,” he said, noting it’s important for Australian companies to position themselves so they can re-establish business as quickly as possible.

In fact, in music to iTWire’s ears, Beall said, “we aim to make ransomware an unattractive place to make money.” After all, ransomware thrives by being profitable without repercussions. So long as someone somewhere pays the ransom, then ransomware will continue to exist.

“The tech advantage we can provide makes it a moot point. If criminals know they can’t ransom an encrypted copy of the data that’s as much as a deterrent as anything.”

While it’s generally recognised that companies should not pay a ransom for their data, the hard reality is when your business is at the brink of collapse because all your data is locked up, people may make different decisions.

“We’ve gamified ransomware with Australian companies,” Henaghan said. “We had 20 organisations in a room and talked about their company policy not to pay a ransom. We went through a ransomware attack and led the participants through the steps to their final decision whether to pay the ransom or not. It was remarkable how many in an extreme situation made a very different decision at the end.”

“Just north of 50% said they’d pay some level of ransom, even if they had a policy against it,” he said.

It’s a chilling insight. Much like the old adage about the best time to plant a tree was 20 years ago, but the next best time is right now, companies know they must protect their data. You can’t wait until the point you’re being ransomed; the best time to put data protection in place is that you should have already done so, but if not, the next best time is right now. Do it now.

Australia is often recognised by technology vendors as a market leader and rapid early adopter for new technology. “If you look at G7 countries around the world, Australia is very much a leader,” Beall said. And thus, “a lot of Australians are aware AI will get deployed here first and are more sensitive to it. Australia has the biggest cloud adoption as a percentage of IT spend, so the anticipation from many consumers is leading-edge tech will be here sooner than other countries.”

As iTWire readers well know Australia was double-slammed with data breaches from Medibank, then Optus. “Consumers are more aware about data issues than they were 10 years ago,” Beall said.

“It’s important for companies to engage customers from a position of trust. If you are a consumer and know your data is protected and secure, everything is being done right, and AI can give a better service then you’re much more open to it,” he said. “But, if you’re concerned by how data is used, then AI is exacerbating the situation.”

While data leakage is a serious issue, “what’s a bigger risk is if you can’t get a business back on line for 200 days, say. I hate data being leaked, but if you can’t access your data for 200 days that would change people’s lives not for the better.”

Thus, “businesses must insist on having data resiliency from the start. Business is so integral to our lives, and then it can be used in the right way by tech like AI.”

Such a company that can help you with data resiliency is Cohesity. “We are, at our core, an AI-powered security company,” Beall said. “We have a system that enables very high-speed, high-performance backups, adjusted to what the customer wants. It can scale up, even to every few minutes based on the application.”

“Our platform is built on top of a hyperconverged architecture with a proprietary file system underneath. We allow you to restore individual files, or the whole environment, or even boot a proprietary environment from the backup.”

“There’s no need to go to a vault and rig tapes that take days or weeks. We can do in minutes what other products do in weeks. We’ve architected high-performance read and write.”

“We have multiple options like cloud offerings with multiple clouds, as a service, a private tenant, as well as white box on-prem solutions partnered with Cisco, HPE, and IBM. We offer every deployment option you can envision, including an immutable vault in a separate environment.”

Cohesity must certainly be doing something right; “seven of the top banks in the USA are clients of ours, and three of the top airlines. Energy is also a huge vertical,” Beall said.

Of course, innovation doesn’t stand still. “Where we’re going next is to help customers get insights on their data. A newer part of our portfolio works on the fresh copy of the data, checking for signatures, metadata, and establishing trends and patterns.”

“We also launched another product around generative AI. Certain customers have a need to understand their unstructured data in PDFs, PowerPoints, and so on, so we launched a RAG product called Gaia. It’s in its early days but we have a dozen customers gaining insights in what would otherwise be data hidden away.”

It’s exciting stuff to be sure. Companies all over the world are seeing the value in leveraging their vast stores of data for artificial intelligence purposes, but yet the Cohesity research finds consumers globally – and especially in Australia – expect business to get data protection right before they go ahead with these experiments.

Despite Government and public institutions going to great lengths to encourage more robust cybersecurity, data protection, and data privacy measures, it’s clear many organisations are falling short.

This situation has to change. If your company doesn’t have robust cyber resilience in place then you run the risk of seriously impacting your customers. They don’t want to hear you have all kinds of projects in mind if they can’t trust you are protecting data in the first instance, and if you can’t recover business critical data to restore key business processes following an incident.

 

ALSO

Hear IT journalists discuss the Cohesity research here:

 

Originally Appeared Here