Veeam: DR is Dead...Long Live Cyber Resilience

Veeam, Kyndryl and ESG discuss cyber resilience with respect to disaster recovery and how today's IT environments must be able to have immutability built into the data backup environment

Log in to Truth in IT

IT has become the heart of the enterprise as it powers business transformation. This can only happen on the basis of a sound, secure and modern infrastructure, one in which data and applications are protected wherever they live, from inside and outside threats. In this Truth in IT webcast, we’ll uncover insights taken from ESG’s exhaustive 2022 IT Spending Report including:

     ~ Where enterprise IT shops are moving on their use of DRaaS

     ~ CapEx vs. OpEx SLA models…which are right for you?

     ~ Maximizing your agility by leveraging multiple cloud vs. multi-cloud

     ~ Data protection challenges and opportunities with container deployments

We had ESG’s Christophe Bertrand with Michelle Watson from Kyndryl and Ankit Gupta from Veeam to learn how to bulletproof your data protection cybersecurity posture and why cyber-resilience reigns as the new king and the most worthy successor to traditional DR.

Dave Littman: [00:01:24] Hi, Dave Littman, Truth in IT. Welcome to today's webcast, DR is Dead, Long Live Cyber Resilience. Today's webcast is sponsored by Veeam and Kyndryl. Today's webcast will go probably about 45 minutes. We'll be taking your questions and comments in the chat room, so please keep them coming. We've got someone from Veeam standing by to answer any technical questions, and we've got staff from Truth in IT to answer any questions you might have about the stream or the volume or anything like that. 
 
As you know, we're doing an Amazon gift card giveaway, and here's how that works. Toward the end of the event, we're going to display an image directly over the video player that looks like this. When you see it, just click on it and it will take you to a page that looks like this. Just hit the Enter button and you'll find out immediately whether or not you've won. And whether you have or you haven't, as you know, we're running these events all the time, so any questions on that just chat them in. 
 
So let me get to our panel first. I am going to introduce Christophe Bertrand. Christophe is Senior Research Analyst with Enterprise Strategy Group, ESG, and Christophe will be joined by Ankit Gupta, who is Senior Director of Global Systems Integrators with Veeam. And Christophe and Ankit will be joined by Michelle Weston. Michelle is Director of Security and Resiliency with Kyndryl. So I'm going to pass things over to Christophe Bertrand. Keep your questions coming, and I'll catch up with you later. Christophe, we'll have some questions to pass along to you, but take it away.

 

Christophe Bertrand: [00:03:00] Thank you, Dave. Hello, everyone. Great to be here. And well, let me just kick it off with what I love to do, which is talk about some numbers and what we're seeing in the market. So ESG recently conducted research focused on IT spending intentions and kind of key issues that will come up in 2022. And surprise, surprise, we found out that there's quite a bit going on around cyber resilience, cybersecurity and ransomware. Actually, [00:03:26] 63% of organizations said that they were attacked in the past 12 months. So, a pretty high number. And the frequency of attacks is really something that is having a deep impact on IT infrastructure investments and where the focus is placed. As a matter of fact, we asked also in general terms whether these IT professionals thought that this was more of a concern compared to two years ago. And 37% said that the concern for ransomware is much greater today than it was two years ago, and another 45% said it was definitely greater. [00:04:06] 
 
So all in, if you will, the concern is such that it has changed the dynamic of the decision-making in IT and even at the business level. As a matter of fact, you may not be shocked. The [hint?] was to find out that 22% of organizations say that ransomware and ransomware readiness is now a business priority for the executive team and/or the board of directors. That's one in five organizations. Another 46% say that it's one of their top five business priorities. So clearly a business issue that's having visibility at the higher echelons. 
 
And today there are essentially a lot of-- there's a lot of focus on prevention and recovery. So a lot of money going into cyber tools, data recoverability, air-gapping, as well as getting together a formal incident response plan or business continuity plan. Lots of evolutions, a lot of changes. So that's why I'm so pleased to be joined today by two experts in the field. And as a matter of fact, I'm going to start with you, Michelle. I have a simple question which istell us about what you do at Kyndryl and maybe an overview of how you approach ransomware for your clients.

 

Michelle Weston: [00:05:29] Okay, great. Thank you so much, and I'm really glad to be here. I appreciate the opportunity to talk to all of you. I'm Michelle Weston, and I have offerings for the global security and resiliency practice here at Kyndryl. And for those of you who may not be familiar with Kyndryl, we are a brand new company. We come out of IBM, historically what was global technology services, infrastructure services and is now a brand new company-- publicly traded company as of earlier in November. And it's an exciting place to be. So technically, we are the world's largest startup and we are quickly evolving our culture and our strategy, all with the customer in the center to deliver the key capabilities that they need. [00:06:23] My specialty is security and resiliency, and what we really feel is the intersection point for both of those under the banner of cyber resilience. So what do I mean by that? It's everything that you would need to do to anticipate, protect, withstand, and recover from any disruption to cyber-enabled business? What is cyber-enabled business? It's IT businesses, isn't it? So it is a broad banner. It's not just recovery from ransomware attacks, it is any disruption. 
 
But what we do know about cyber attacks is in terms of both cost and impact, much, much more impactful financially, brand, revenue loss, customer loss, and sometimes our customers that are hit with ransomware have the difficulty of even staying in business after that. [00:07:20] We know that the frequency of these is also increasing. And certainly when you look at the workloads and the type of business processes that Kyndryl supports for our clients and manages for them, a lot of these are mission-critical applications, ERP systems. We support everything. But when you look at some of, you know, the systems that are running supply chain or hospitals, if they're impacted, it's even an impact to human services, not just to that particular enterprise. And a key example of that was the gas shortage that we experienced here on the east coast of the United States earlier this year, right? So these things are very impactful, both in terms of time, lost revenue, customer acquisition, etc. So it's top of mind for any C-suite to be looking to mitigate risk from these and other disruptions. And that's where we really see both security and resiliency converging in market.

 

Christophe Bertrand: [00:08:32] Absolutely, and that's exactly what we're seeing, and so I was curious about, Ankit, your perspective and where does Veeam come in and how do you work together supporting your joint customers when it comes to cyber resilience in general terms and of course, ransomware mitigation?

 

Ankit Gupta: [00:08:50] So firstly, Christophe, thank you for inviting me into this panel. And as Michelle said, you know, ransomware is one of the biggest concern for any C-suite. But before that, let me tell you this thing like, Michelle, I'm so elated and excited to work with Kyndryl. Even though it's a new company, but you bring 50 years of experience along with it in dealing with ransomware. So thank you for selecting Veeam as one of your valued partner. And Christophe, you were talking about some numbers. Let me tell you this thing, right? [00:09:26] SonicWall did some studies and they mentioned that there will be around 714 million ransomware attack in the worldwide. This is from 2020 to 2021. That's 134%, 135% increase. So you can imagine ransomware is such a huge thing for Veeam also to take care of. 
 
The biggest thing for ransomware is the agility and the time to response. Veeam and Kyndryl together bring that advantage of agility to our joint customers. This will help the customers to quickly minimize the cost associated with that ransomware. Also help to protect the brand. If you remember what happened to Target or anybody like that with the credit card information leak, so we together, with Veeam and Kyndryl, we help to protect not only the cost associated with it, but also the brand of the customers. [00:10:29]

 

Christophe Bertrand: [00:10:30] Well, and I think this is absolutely key. The consequences of ransomware can be really far reaching, including human cost, as Michelle was mentioning. So actually, Michelle, would love to get maybe a customer example, an anecdote of success combating ransomware and cyber attacks from one of your projects.

 

Michelle Weston: [00:10:52] Yeah, no. I mean, I don't want to specifically name any of our customers, get in this situation, as you can understand, but I can give you some anecdotal examples of where we've been able to help them recover. But first, let me talk a little bit about why this is a different type of disruption, right? Ankit mentioned the 50 years of experience that resiliency services, IBM at the time, had. And I mean, basically, we've helped clients recover from every major outage in the last 50 years, anything from 911, hurricanes, tsunamis, you name it. And a lot of these are also insider attacks, to be clear. So these could be things that are extremely difficult to defend from. When you look at the differences between any disruption, you know, previously with natural disasters as well as cyber, it's not just the cost and the impact and the frequency that's different, but it's also the ability to defend and more importantly, recover from them. We know that they are different in that there are additional data verification, data validation steps that need to be taken prior to initiating the recovery. And if you ask our clients, you know, are they prepared for disruption to their enterprise? Most will say, well, absolutely, I have a DR plan. I test it multiple times a year. I've standardized on best-of-breed technology. I work with, you know, major services providers to ensure my resiliency. [00:12:28] If you say, well, with 100% accuracy, are you sure you can come up from a cyber attack? That's where we find our customers really falter and look for that assurance with a provider like Kyndryl. The reason we're a bit different here is our own unique IP that we brought in to market about three years ago around cyber incident recovery and allowing clients to be able to have that additional data verification, data validation assurance that it's a golden copy that is on immutable storage that is scanned for anomalies routinely. 
 
And then very differentiating, and this is what Ankit was mentioning with time to recover, is the ability to have automation and orchestrated recovery with a software product that we develop here at Kyndryl to allow clients with a push of a button to recover their entire enterprise. [00:13:26] The anecdote that I will give you, we had a client that had planned a DR test. They had ordered in lunch. This was going to take all day. It was a complicated environment, and with our capability, with resiliency orchestration, they were able to fail over and fail back the entire enterprise within 22 minutes. They had to cancel lunch and that is a success story right there.
 
So if you translate minutes into dollars, we know how much, and you can read this as well, how much every minute counts with respect to a cyber attack. If you're able to recover the environment before it even leaks to the street, let's say, before that brand and reputation damage is done, you can imagine economically how beneficial that would be for clients. So everything is around speed when you have a disruption, but the additional assurance that what you are restoring is good and you're not going to propagate it through the environment. These are some of the differential-- some of the differences we see with respect to cyber and why your traditional ransomware detection capabilities or DR capabilities are not going to be enough in that respect.

 

Christophe Bertrand: [00:14:50] Exactly. And that's why we're talking about cyber resilience and maybe the fact that DR is not what it used to be anymore, that the bar has been raised because of all the reasons you've indicated and the different workflows, different [runloads?], complexity that may be involved. So, one of the-- one of the things I'd like to do is maybe now turn our attention to the cloud because quite a lot has been said around disaster recovery as a service. Maybe we should put it cyber recovery as a service in this case, and we see from our research that clearly it's picking up nicely in terms of adoption in the market. [00:15:29] A lot of organizations today are using disaster recovery as a service, about 60% of them, and that's gone up significantly from only a few years ago. 
 
And the main thing that we hear in terms of the factors that are the biggest drivers behind their consideration of cloud based data protection service, which of course makes so much sense in today's economy, is the ability to store data remotely for disaster recovery and also giving them, in a sense, the potential to free up IT staff, get improved service levels, be actually more cost-effective as well, and allow organizations overall to gain not only better availability levels and results, but do this in a cost and efficient manner. [00:16:18] So with this in mind, Michelle, let me turn back to you and ask you what you're hearing from customers about disaster recovery as a service.

 

Michelle Weston: [00:16:27] Yeah, and what I'm actually going to propose, it's a bit of a provocative thought, but I believe resiliency itself is evolving here, right? So if we evolve resiliency to be cyber resilience, which is the combination of cybersecurity and all of the resiliency capabilities around recovery that we know today, think of how important and significant that is because the factors that ESG has just-- that you just took us through, if you're able to combine what you do on the recovery side with what you do on the protection and security side, think of what you're able to do there. You're going to drive down the likelihood of disruption. If you're providing data security, cloud security, any of those transformative processes, all they do is increase the threat vectors for some of these bad agents, right? Your staff is perhaps distracted while they're engaged in this very heavy transformation processes. 
 
So hand in hand with that needs to go a very programmatic approach to both security and resiliency. And that's why Kyndryl has combined the two into a practice, the same global practice here, because we recognize that if you plan for resiliency, at the same time, you're doing all of the planning for security for your enterprise, if and when anything happens, you're able to ensure that resiliency much more efficiently and effectively. And that's why we believe the two go hand in hand. Again, if you look at risk, there's really not a bifurcation between security and resiliency. Any risk to the environment needs to be, as I said, anticipated, protected, withstood from, and then also the ability to recover if and when. So I think that we're really talking about not just an evolution of DR, but an evolution of resiliency into what we're calling cyber resilience, and that includes cybersecurity.

 

Christophe Bertrand: [00:18:34] And I think this is exactly what my expectation is in terms of where the market is going, and that's why I'm very curious about Ankit where Veeam comes in to help. And maybe if you could place the prism here on how you deploy and what you've seen in the field, how you deploy Veeam as a service in this context of heightened cyber resilience.

 

Ankit Gupta: [00:18:58] Yeah, I think first of all, Christophe, if you think about the industry, it has been moving to a service-driven model for some time now. Clearly, this has been fast tracked due to all the recent events. And I think when Michelle was talking, I was thinking about one thing. You know, one of the boxers said, the real boxer said that everybody has a plan till the time they get a punch in their face. So every company is ready for disaster recovery till the time they really know when it really happens, whether they are ready or not. And that's where I bring this point. Deployment takes planning and deep expertise, and that's what Kyndryl along with Veeam brings to the table, and we can deliver one of the best environment and make you ready unquestionably. Veaam platform offers powerful backup replication and recovery services. Veeam brings a thought leadership into the technology market with a bit of expertise. Kyndryl takes that technology, advances, build up a service around that which Michelle was talking about, resiliency, that security, and delivers to the customers to make them ready for unwanted attack. And that's where Veeam partners with Kyndryl to make it a little better for our customers.

 

Michelle Weston: [00:20:26] Yeah.

 

Christophe Bertrand: [00:20:28] Excellent, and I think, you know, as you think about what we've been through in the past couple of years, there's been an increase in the frequency of attacks based on our research from a ransomware standpoint, but also a tremendous amount of transformation that has happened in the market. And this digital transformation has not only accelerated in the past couple of years, but has created an interesting scenario which brings me to the topic that I would like to talk with both of you about, the topic of containers and the evolution of the use of containers, and more importantly, when you think about it, how you protect those environments, right? 
 
And our research has actually shown that there's a big disconnect here, which is something I'd love to hear about from your [00:21:16] perspective. We found that the majority of people, 75% of people think they can actually protect container applications or container-based applications the same way they would back up any other application. And of course, we know that's the wrong answer. Very different animal. And if you double click on that, you realize that many organizations may in a sense not truly understand what resources are needed to successfully support a consistent backup of container environments. [00:21:51] So against this backdrop of re-platforming, heightened frequency of attacks, new applications and maybe a lack of data protection, you know, technology in place, I was wondering, Ankit, if maybe we could double click on the data protection piece here, and maybe you could tell us more about what Veeam is doing to protect those containerised environments.

 

Ankit Gupta: [00:22:18] Absolutely. I think you are referring to Kubernetes and the Veeam acquisition of Kasten. So let me describe this thing this way that cloud native adoption and usage continues to explode and already beginning to change the face of the modern data center. Kubernetes native backup is one of the most critical [00:22:41] need. Kasten by Veeam, which we acquired in early 2021, is an industry recognized leader in addressing this need with the market leading technology and marking customers across the world. Organizations moving to a container-based strategy and hyper aware of being able to be nimble and light, that's why you move to container. Veeam and Kyndryl, we will be partnering together even in the Kasten space where we will be providing a container-based backup. And the idea over here is to satisfy the end customer goal so that if anything happens, whether it's ransomware, whether it's security, whether it is disaster recovery, then you can recover container by container. You don't have to have any stoppage in any system. That's the difference which we bring to the table. [00:23:41]

 

Christophe Bertrand: [00:23:42] Excellent. So actually, Michelle, I'd like to get your opinion, too, because you're also in the first line here of defense for those environments that typically have been deployed to get for digital transformation, to bring new business to organizations, change your customer experience. So can you give us your perspective on, well, two things really, and sort of rebounding on what Ankit was just saying, the protection-- or data protection of container environments, but also maybe leveraging containers for data protection.

 

Michelle Weston: [00:24:14] Yeah, and I think I like the words that you used at the beginning of that with a disconnect because I think there is one. Obviously containerized workloads are on the rise. As Ankit mentioned, there's a lot of benefits for organizations to utilize this. We see that as the future, certainly. I do believe that protection and the ability to recover are both very immature at this moment. And the other disconnect is you will have customers that also think that they can use their containers for DR. And what we're here to say is that you really need protection and DR for containers, right? This is a critical workload. It's just like any other workload, and there shouldn't be an assumption that it's somehow inherent to what the containerised workload has. I would also add again that you need to be able to secure them, right? So you have the whole security aspect of this, protection aspect of it, the ability to recover. Obviously, Kasten is interesting technology for Kyndryl and just to again reiterate sort of how we go to market together from a joint development perspective, we at Kyndryl again have our own unique IP. You can think of it as an orchestrator of orchestrators, Veeam being one, right? But it is the way that we build this from an orchestration capability. It's sort of the top of the hierarchy. And what that allows us to do is also provide that protection and recovery for containerized workloads. That was something that we've baked into the software product as well. And then also being able to provide cyber resiliency for them. 
 
So what you can expect from Kyndryl in my portfolio over time is we're going to be opening the covers of resiliency and we're going to be baking in as much security as we can so that it is inherent to the service that that Kyndryl provides for you. You don't-- you no longer need to think of resiliency and security as separate and disparate things. That's the future and the current state.

 

Christophe Bertrand: [00:26:25] Absolutely. Actually, I was going to ask you a question, Michelle, and the same question would be for you also, Ankit, as we think about all of these trends, so projecting yourself into 2022 that's just around the corner, what do you see as the main challenges for your customers?

 

Michelle Weston: [00:26:42] Well, like I said, I think ransomware detection is a key piece of it. There's also other emerging security trends around zero trust as an example. I mean, look at what COVID has done for us. It has given us the opportunity to be on this Webex all within our our homes, right? But from an enterprise protection, security, and resiliency perspective, that's a nightmare, isn't it? Because our enterprises are ensuring our security and resiliency as we speak on this Webex? So it becomes the enterprise outside of the walls of the enterprise that needs this and zero trust really plays very keenly into that. If you look at ransomware disruption as a triggering event for the need for more security and resiliency, agree. But then remember those insider attacks and access, privileged access management, identity access management, that's another key trend. What people have traditionally thought is table stakes in the security space now becomes quite interesting, and being able to limit that access is very key for an enterprise to remain secure. So that's another key trend, I would say. 
 
Obviously, cloud and both the benefits and the disruption that it has caused. Again, if you look at what COVID 19 has taught us, those businesses that were cloud-enabled were the ones that were allowed to-- were the ones that remain buoyant through that entire and continued to be impacted by this pandemic. So I think, you know, those are some of the emerging trends that I think enterprises will have top of mind. 
 
But if I had to sum it up into one word, it's risk. Risk is only increasing, and risk actually from infectious disease. If you look at how these things are ranked by the World Economic Forum, every year they release both based on impact and likelihood, a particular risk, what its impact and likelihood will be to enterprises around the world. And of course, those things like cyber attacks and natural disasters always ranked very high. But if you look at how the ranking has changed for infectious diseases between both 2020 and 2021, it's certainly been reevaluated in the light of the pandemic. So I like to say viruses are both biological and computer, and that's the business I'm in in terms of mitigating any risk, including those.

 

Christophe Bertrand: [00:29:24] So, Ankit, from your standpoint, what do you see in 2022? Are you on the same general wavelength or do you see something maybe that we haven't covered yet in this discussion?

 

Ankit Gupta: [00:29:34] No, I think I completely agree, and like Michelle, the whole thing what you said, the viruses, whether it is biological or physical or mental, it's a risk. It's a huge risk. And that's what we are also observing in the market right now. And what we call it, like, you know, it's a more of an internet of behavior thing which we are studying, like COVID 19, things are changing. Organization are faced with fast changing landscape and have to react very quickly to ensure that they stay relevant and competitive. And this is where, you know, Kyndryl along with Veeam can really help them in terms of not only just ransomware, not only as disaster recovery prediction, not only for security, but it's an overall-- you have to have an overall bubble to act for every kind of thought process which other people are thinking to stay relevant in the market. So I completely agree with Michelle.

 

Christophe Bertrand: [00:30:37] So I think, you know, this de-risking of the infrastructure through cyber resilience for me sounds like not only a big take away for 2022, but probably for many years moving forward. And it brings up, I think, other questions that I'm going to be more on the economic side of things now. I was curious about, okay, if I'm a listener, I'm an IT professional. I think I understand here what needs to happen. These are great investments to make for resilience. But clearly, what is it going to look like when I engage with you? Could you give me, maybe Michelle, I will start with you your view on CapEx versus Opex consumption models? What are you seeing? What are you offering?

 

Michelle Weston: [00:31:25] They are table stakes, right? Consumption based pricing is table stakes. It is an expectation. So if you look at the hyperscalers and how they go to market and their key partners for us here at Kyndryl, it is now the expectation of customers to consume services that way. So I certainly see an impact to the capital investments that businesses have traditionally relied on, right? Definitely table stakes from that perspective. [00:31:53] 
 
I think overall there is the expectation that what we have in our consumer lives will translate into the enterprise. If you look at our name, it's made up of two words, one coming from the word kyn, meaning relationships, people. And we mean both our customers as well as our employees and the skills that are there. We also mean-- we also take the name from the world where tendril, right, the curly cue growth that is pervasive, ubiquitous, and goes everywhere, touches everything, that is what Kyndryl is expected to become. We are expected to be pervasive in market. 
 
What I will say on the security space, again, with resiliency, we had this to a degree, even more so on the security side. Our customers are inundated with point solutions. Point solutions, you know, great technology, this security product for this specific thing, and they have loads of them. And there's no one there to help manage and provide a service with an orientated business outcome around all of that. That's what Kyndryl's for. And [00:33:06] I do believe that doing that both on the resiliency and security side under the banner of cyber resilience will be key to our success and doing that well.

 

Christophe Bertrand: [00:33:16] So actually this brings up a very interesting point that I'd like to maybe ask Ankit about. So, of course, many security products exist, it's complex, and you're helping simplification, but I'm curious here about multiple clouds or multicloud environments. So, Ankit, what's your take on that from a Veeam standpoint? Because that's the other thing that's happening. People have many options now.

 

Ankit Gupta: [00:33:42] So let me describe it this way. Like, you know, the COVID, right? COVID has got us into rethinking of where we stand with the digital transformation and how fast we have to get things done. That has changed the whole system. And Michelle also mentioned one point that, you know, during this particular trying time, the companies who have been successful, they were majorly on-- or basically they knew how to work on the cloud. And that's where this multiple cloud vendors and multi-cloud environment will come. And as a Veeam, I can assure you this thing that we support every cloud vendor on earth. At the same time, we partner with Kyndryl to make sure that all the services which customers is looking for to protect themselves against the malware or ransomware, Kyndrly can give them that operating bubble. So that's where I think-- Michelle, I don't know if you want to add something to it, but if I'm thinking about the overall environment, it has changed to a faster adoption of digital transformation. At the same time, people wants to be very well protected and they require the whole kind of services built around it. And that's where Veeam and Kyndryl come together.

 

Michelle Weston: [00:35:10] Yeah, and I think it's both multi-cloud as well as hybrid cloud, and we believe that is the reality. You know, the expectation that everything is going to live in the cloud, be born in the cloud, I think that is a thought that didn't come to fruition, right? The clients are going to still keep their mission-critical applications and data on-prem as well as utilize the cloud for the benefits that it provides. So it is hybrid. So now if you think about your enterprise and it's even more hybrid with respect to COVID-19 and and having so much of the enterprise outside of the enterprise, as I said, all of that needs to be secure, protected, and recovered. And I think that's what both Kyndryl and Veeam have staked their businesses on in terms of the client need to be able to do that and mitigate any risk across that surface.

 

Christophe Bertrand: [00:36:06] And based on the success of the organizations here and of course, the need and the market trends, I think it's a great business to be in, unfortunately, I'm going to say for years to come because cyber resilience is definitely going to be a struggle moving forward. But really, when you think about it, I really like the way both of you have positioned the solution here, de-risking the enterprise and all the great benefits you also gain by having this holistic approach and really a protection of the data assets of the organization in general. Before I ask you for your final thoughts, I'd like to ask Dave. Dave, do you have any questions that came through from our audience?

 

Dave Littman: [00:36:50] Yeah, we do. We have a bunch of questions. And first, I want to thank Jim from Veeam, who's been handling questions in the chat room. Great job, Jim. And if we don't get to your questions here today, if we don't get to all of them, someone from Veeam or Kyndryl will get right back to you. So yeah, a couple of questions I do want to pull out here. And a question came in about the effects of ransomware on the SMB space. And if the consumption model puts these elegant sort of solutions more in the-- within the grasp of the SMB. So I guess I'll throw that out to Ankit and then Michelle.

 

Ankit Gupta: [00:37:24] David, thank you for the question. I think it's a great question. Let me give you some kind of numbers to relate to it. Almost 60% of the small companies they close in six months because of the ransomware attack. Just to give you a perspective of the enterprise space, out of five companies, one company will get attacked on ransomware. So these are some huge numbers, which if you think about it, for the economical trial around the world, if 60% of the companies closes every six months, then you can imagine what it will going to do to the overall economic of the country. And that's where Veeam comes in, where we actually advise people to protect the data. There are only, you know, two things which you have to take care in an organization. Number one, the most valuable thing in your organization is people, which you should protect from COVID and everything else. And the second thing which is the most valuable thing is data. And the Veeam along with Kyndryl, that's what we're going to provide, the protection of that data.

 

Michelle Weston: [00:38:40] Yes. Yeah, and I think, you know, the only thing that I would add there, I think that was actually really well said. You know, the only thing that I would would add to that is just honestly some of the things that we've already spoken about with respect to cyber resilience and just being able to mitigate that risk and exposure. From an SMB perspective, that mandate is just the same as it is at the enterprise. And I do believe that they are more susceptible because when you look at ransomware-- the ransoms that people pay, right, it's easier for an enterprise that has invested in all of the technology to withstand the attack, right? Pick it up number one and then withstand. If you're a small hospital, as we've seen in the U.S. that have been hit with ransomware, it's easier to just pay the ransom of 50k or whatever and get back up. The issue that you have, though, when you do that is it allows these bad actors to actually proliferate and next time they hit you and they may come back to you again now that they know you're vulnerable, it won't be 50k, and it just proliferates across the SMB space. But that is what we've seen. They do tend to hit that, schools, hospitals, small businesses because they realize that they'll get the ransom. The issue is that ransom is going to increase and the frequency of tax of that type of enterprise will also continue to be on the rise. So that's really what I think. I don't see a distinction between large enterprise and SMB. It's for both, it's a priority.

 

Dave Littman: [00:40:33] Okay, great. Would you think that the as a service consumption model makes these sorts of solutions more within the grasp of the SMB financially?

 

Michelle Weston: [00:40:41] Yes, I would. Yeah.

 

Dave Littman: [00:40:43] Okay. Okay, cool. Okay, so that finishes that question. A couple more. We'll do some final thoughts, then we'll get to the giveaway. So this question referred to the golden copy, Michelle, that you referred to. Is there a way to ensure that that golden copy has not been-- you know, has not been corrupted, that it is, you know, recoverable back to a steady state?

 

Michelle Weston: [00:41:04] Yeah, so first of all, it's on immutable storage. Write once read many technology that many providers have, right, that is sort of a basic feature of any cyber resiliency solution and I mean, resiliency here. I would argue now that it needs to include security as well, but you need immutable storage. You need some form of a data mover and then you need some ability to recover. You can rely on your own devices, but the more elegant solution would be one that is orchestrated in an automated recovery like what we provide. That solution takes it a step further. So not only do we put it on immutable storage, but we're scanning it routinely for any anomalies, so we can assure that the golden copy that's on immutable storage has not been altered because it's been continually scanned. And that is a differentiation for us. 
 
And then really, the differentiation is that speed and that ability to orchestrate-- automate the recovery and also to be able to proactively manage your risk. We have a dashboard view. The software will attempt recovery of your backup environment. And if there's any failures, you'll get an amber alert that says, okay, here's a place where you need to proactively address your risk. Now, when you look at the regulatory compliance, which is also increasing, and if you look at any of the major market disruptors, I believe COVID-19 will be one and there will be a whole slew of additional compliance that will ensue. If you have someone in and they say, okay, we want to see your DR plan, you can actually demonstrate it for them in the software. Well, let me just show you how I can fail over and fail back my enterprise, that's powerful. So it's a demonstrable capability. You can show how you proactively manage risk, and I think that's really powerful in today's highly regulatory compliance world that we all live in.

 

Dave Littman: [00:43:19] Okay, great. Okay, cool. So again, you know, if we didn't get to your question, we'll have, again, someone from Veeam or Kyndryl will get back to you. Let me pass things over back to Christophe. We'll do some final thoughts. Then we'll get to the giveaway. Christophe?

 

Christophe Bertrand: [00:43:32] Yes. So first of all, thank you very much, Michelle and Ankit, for this conversation. I think we've covered a lot of ground and a lot of what you've said again is supported by the research that I see that we conduct and we're going to keep looking at this market closely. I think as you were highlighting ransomware and cybercrime is really an equal opportunity offender. There is-- no one is immune from it. Well, unless of course, they take all the right steps working with you guys and at least get in a position where beyond education and prevention, there's also that recoverability because it's not a matter of if, it is a matter of when. I think that's maybe my final thought on this one. So, you know, very briefly, Ankit and Michelle, what would be your final recommendations to our listeners? Let's start with you, Michelle.

 

Michelle Weston: [00:44:27] Very simply, I said for years, back up and DR are converging. We don't see a separation between the two, and now I would argue that security and resiliency are converging as well, all under the banner of mitigating risk and ensuring cyber resilience, which is the ability to anticipate, protect, withstand, and recover from any outage to a cyber enabled business.

 

Christophe Bertrand: [00:44:54] Ankit?

 

Ankit Gupta: [00:44:56] From my side, you know, data is growing, guys. Like if you think about, 300 million users get added every year to the social media world. Every year. So the 12-year-old becomes a teenager and they come to the social media. So it's around 300 million people get added. So if you think about it, an average user's is almost like 900 kilobytes of usage per day, you can imagine how much data is increasing day by day. So there are only two things which you can protect, and you should always do it. One is people. One is data. Do that.

 

Christophe Bertrand: [00:45:37] Excellent. Thank you so much.

 

Dave Littman: [00:45:39] Okay. Dynamite. Well, I want to thank our panel. I want to thank first Christophe Bertrand with ESG and Ankit Gupta with Veeam and Michelle Weston with Kyndryl. Thank you so much for being here today. We really learned a lot, and I hope our audience enjoyed our session today. I'm Dave Littman with Truth in IT. You know, maybe DR is not dead, maybe that's not really the right term, but we truly have entered the age of cyber resilience. So do whatever you can to protect yourselves. We want to wish you all a great holiday season. Thanks so much for coming today. Let's put up the giveaway. Good luck with that, and we want to wish you all a great day. Thanks again for coming, everyone.

 

[00:46:18] [music]