Rubrik’s emphasis on security illustrates changing DR strategy | #malware | #ransomware | #hacking | #aihp
Rubrik made a point of shifting its messaging at Rubrik Forward 2022 to include security, highlighting its use of machine learning and artificial intelligence to help combat ransomware.
During the vendor’s first in-person show, Rubrik emphasized its security offerings to customers. It unveiled a rebranding of its data protection platform as Rubrik Security Cloud and talked up its machine learning features, an attempt to recast itself as something other than a pure data protection company.
Ransomware attacks may not be new — the first dates back to 1989, said Bipul Sinha, co-founder and CEO of Rubrik, in his opening keynote. But in 33 years as business has moved out from behind the on-premises firewall to the cloud, ransomware attacks have gotten more complicated and more frequent.
“There is an attack happening once every 11 seconds,” Sinha said, citing a 2021 prediction from Cybersecurity Ventures.
Rubrik is not alone in its push to reimagine itself as a cyber security company. This week in Las Vegas, Veeam also highlighted the merging of backup and security technology.
Fighting ransomware with AI
The COVID-19 pandemic opened up new vectors of attack as employees around the world were forced to work from home, Sinha said. But a global pandemic isn’t the only event affecting cyber conflicts. Russia’s invasion of Ukraine includes cyber warfare, as well as combat.
“In three years, cybercrime will cost $10 trillion to the world — $10 trillion. That’s half of the U.S. economy. And if ransomware was a country, it would be the third-largest GDP,” Sinha said, again citing a Cybersecurity Ventures study.
Sinha said that in the past 30 years, ransomware attacks have continued to change, and defense tactics have had to change along with them.
Indeed, cyber criminals have matured and become more business-like, and their attacks have matured, said Wendi Whitmore, senior vice president of Unit 42 at Palo Alto Networks, a threat research and analyst team, during the opening keynote.
“[The maturity and growth] have enabled [the attackers]to increase automation,” she said. “Not only automation for their activities on the back end, but automation of scanning for new victims.”
Now, Rubrik is highlighting tools that utilize AI, including its Observability Engine, to help companies fight against cyber attacks. Part of the Rubrik Security Cloud, the Observability Engine uses machine learning to monitor data usage, spot anomalies and start the quarantine process, according to the vendor.
“Machine learning [and] artificial intelligence is required for cybersecurity,” Sinha said. “Because the volume and variability of attack has gone beyond human comprehension.”
Johnny Yu, an analyst at IDC, called the application of ML and AI to data protection a necessary step in the fight against bad actors that are using automation and machine learning to refine their attacks.
From a criminal enterprise standpoint, they are using automation to identify victims, trawl through systems to find vulnerability points to exploit. The good guys need automation and machine learning to counter that. Johnny YuAnalyst, IDC
“From a criminal enterprise standpoint, they are using automation to identify victims, trawl through systems to find vulnerability points to exploit,” Yu said. “The good guys need automation and machine learning to counter that.”
The ML and AI technology Rubrik highlighted isn’t completely new to the company; Rubrik’s data protection platform already used ML under its covers to monitor backups, Yu said. But during the conference, the vendor put ML, which requires large sets of historical data to train the algorithms appropriately, front and center.
“Now they are putting a name on it,” Yu said.
Yu said he expects Rubrik will continue to build out its AI and ML features and use it as a market differentiator.
Line between security and protection blurs
Rubrik’s push to make security a priority wasn’t unique messaging this week from a data protection vendor. One state over, during VeeamON in Nevada, Veeam executives also highlighted the threat of ransomware and suggested that security is becoming more critical to its products.
This shift in messaging at either conference didn’t surprise industry analysts.
“There’s recognition that ransomware can’t be fully addressed with data protection alone, and that security needs to be involved,” Yu said.
Data protection vendors such as Rubrik and Veeam aren’t looking to replace an organization’s cybersecurity stack as much as they’re looking to make their products and services more useful to security teams, Yu said.
Ransomware has also forced organizations to rethink their data protection strategy, according to Christophe Bertrand, a senior analyst at Enterprise Strategy Group, citing a soon-to-be published study.
“Disaster recovery is dead. It is now essentially the era of cyber recovery,” Bertrand said.
Because recovery is critical after a ransomware attack, companies have to adjust their strategies in order to effectively respond to attacks. That includes making the most of their backup and recovery vendors, Bertrand said.
“Traditional business continuity is now morphing into something that’s broader in scope, driven by ransomware,” Bertrand said. “The cyber landscape is changing, and the role that backup and recovery vendors play should change as well.”
Enterprise Strategy Group is a division of TechTarget.
