SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Sanjay mirchandani 2
#
Edge Computing
#
Advanced Persistent Threat Protection
#
AI Security

Commvault CEO AI shift demands new resilience model

Fri, 21st Nov 2025
Author image
By Sean Mitchell, Publisher

Commvault Chief Executive Sanjay Mirchandani has set out a case for what he calls "AI resilience", using a keynote in New York to argue that enterprises must rethink how they manage data, identity and recovery as autonomous systems spread across business operations.

AI pressure

Mirchandani said AI is moving into core business functions at a speed that exceeds previous technology shifts. He described a surge in data generation from generative and agentic models, alongside new opportunities for threat actors to exploit identities, supply chains and model inputs. He noted that attackers are already using the same types of tools enterprises are deploying.

"Maybe too soon, but. Good morning and welcome. Welcome to shift. We're bringing you, our customers, our partners and our industry leaders together because we are in the most significant and consequential moment in our industry. What we're living through isn't incremental, it's foundational. It's absolutely reshaping how enterprises create, operate, how data flows and how decisions are made," said Sanjay Mirchandani, Chief Executive Officer, Commvault. "Of course, I'm talking about AI and its widespread adoption, if you would, throughout an enterprise. It's also safe to say that it's growing faster than any technology in history."

Distributed complexity

He highlighted the operational strain caused by data fragmentation. Data now sits across multiple clouds, SaaS products, data lakes, DevOps environments and endpoints. According to Mirchandani, this fragmentation makes AI-driven systems more fragile. If the data fuelling those models is inconsistent or incomplete, it can lead to incorrect or unsafe outputs.

"And that's compounded. That's compounded because your data is highly distributed and fragmented across clouds, SaaS, apps, data lakes, DevOps, pipelines, endpoints and more… All of which could make your AI systems fragile and vulnerable and put your business at risk. Because when the data is inconsistent, incomplete or even compromised, AI gets things wrong. Dangerously wrong," said Mirchandani.

Operational shift

Mirchandani said enterprises are also facing a rise in "autonomous non human identities" operating without direct oversight. This, he argued, raises the bar for governance and demands closer alignment between teams responsible for security, identity and recovery. He described traditional resilience processes as too slow and too manual for AI-era requirements.

"We've been calling this new operational approach RES Ops or Resilience operations. It's not a tool or a point solution. RES Ops is the next generating operating model that transforms resilience into an active discipline and enables you to manage resilience across increasingly complex and emerging AI environments," said Mirchandani.

Identity risks

Identity compromise remains one of the most common mechanisms for attackers to gain access to systems. Mirchandani pointed to industry estimates suggesting identity misuse is involved in most breaches. He said organisations need to be able to track, audit and, when required, reverse changes within systems such as Active Directory to avoid long-term disruption.

"According to our friends at CrowdStrike, approximately 80% of breaches involve some kind of compromised identity. So Unity's groundbreaking new identity resilience. The capabilities enable you to easily track any unauthorized or accidental changes to Your identity systems like Active Directory, Enter ID and if necessary, just roll it all back with one click," said Mirchandani.

Clean recovery

Mirchandani also described a challenge in recovery operations. Teams often choose between restoring older data they believe to be safe or recovering more recent data that may contain threats. He said newer approaches to analysing and reassembling datasets are intended to eliminate this trade-off.

"In the event of a cyber attack, now you no longer have to make that choice because we now give you enhanced threat scan and detection capabilities to analyze your backups and identify potential threats to confidently restore clean data," said Mirchandani. "Our new AI enabled synthetic recovery capability uses malware and encryption detection to automatically curate a composite of the most recent and cleanest patterns to isolate the compromise and surgically, surgically recover your data with the least data loss."

Agent-led workflows

Mirchandani also spoke about the role of agent-based interactions in future operations. He demonstrated how users could request recovery information through a conversational interface rather than navigating multiple dashboards. He also described a scenario in which signals from security tooling could trigger automated forensic recovery processes across other enterprise systems.

"This agentic system to system automated experience is where our power lies," said Mirchandani.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Asahi delays results as ransomware attack disrupts operations
Keeper Security named Overall Leader in non-human identity management
ATEN unveils secure KVM switches with 5K video for defence use
Teleport wins AWS award for securing high-growth infrastructure
Cyber-extortion incidents surge as criminals target small firms

Top stories

Digimune & MY CYBER GUARD launch Aussie ID shield
DivisionHex launches new framework to streamline exposure management
HP predicts surge in AI-driven cyber threats & cookie theft by 2026
Hack The Box launches AI cyber range & unveils red team certification
Dynatrace expands AWS integrations & wins LATAM partner award