AI is no longer a revolution — it’s the foundation of the modern enterprise. But as AI continues to evolve, real economic value lies not just in AI itself, but in how organisations manage and secure their data. Without a strong foundation, AI’s potential remains untapped.
Sanjay Poonen, Chief Executive Officer and President of data protection and management provider Cohesity, believes AI’s future is deeply tied to data security and resilience. In this first of a two-part feature, he shared insights on Cohesity’s AI strategy, its partnership with Nvidia, and why data—what he calls ‘deep gold’—is the key to AI’s success.
What were your observations about the AI disruption on the consumer side as well as the development side for large tech companies?
I think AI is like any other major innovation curve — just like the cloud. Would the cloud disrupt everything on-prem? Yes, a little bit. But it changed how the world approached a consumption economy where you don’t have to deploy everything on-premises and can instead use technology as a service.
Significant advances in cybersecurity and ransomware have made companies like ours far more relevant and nimble in how we address the threat landscape. A topic that was considered boring 20 years ago — backup — has now become cyber resilience.
I see AI in the same way. It has the potential to make us significantly more productive. Take writing, for example. If you’re a journalist or content creator, imagine drafting an article without spell check. In the 1970s and 80s, people manually proofread everything. Did spell check displace jobs? Not really; it simply made writing more efficient.
The same principle applies to AI tools like ChatGPT and other generative AI models. Ideally, they help us create better first drafts — whether it’s a written document or a piece of music. Instead of replacing us, these tools enhance our productivity, allowing us to accomplish more in less time. That’s how I use generative AI in my daily life.
When applied to software development, AI should help engineers write their initial code drafts more efficiently. It should enable us to deliver code faster to customers and develop AI-driven tools that enhance data search and management. This is exactly what led us to create Gaia in partnership with Nvidia.
The implications of AI are profound. If I were a young engineer just starting my career, this would be the most exciting time to enter the field.
You mentioned ransomware and data protection. The general advice is to not pay the ransom, no matter what, but a lot of companies don’t have backup, or they don’t have their data in the right place. What’s your advice to them?
I once wrote an article for VMware about the five rules of cyber hygiene and cybersecurity. One element of this was that it’s a bit like brushing your teeth; cyber hygiene means you have to do some basic things.
For example, organisations need to educate people on multi-factor authentication. Ten years ago, few were thinking about second-factor authentication. Today, I hope every consumer — including my parents, who are in their 80s — understands it. You type in your password, and then you verify your identity through a second factor, whether it’s a code sent to your phone, a fingerprint, or a retinal scan. That extra step ensures it’s really you, not someone who has stolen your password.
You must set strong passwords. If you have data, you encrypt it. You also segment your applications using the principles of zero trust. Zero trust means you assume no one is automatically trusted. You start with no access, then grant access selectively — first to one person, then two, and so on. If you think of your applications as a surface area, you only give people access to the smallest piece they need, rather than everything. These are essential cyber hygiene principles that everyone should learn, not just IT people.
Then you start applying cyber hygiene to the principles of data. At Cohesity, we designed zero trust security into the core of our platform from the get-go. That means building in features like immutability, which is like the seatbelt in a car — it’s there by default, not something you pay extra for.
Our backups are immutable by design and can be encrypted if you choose. We’ve also integrated deep anomaly detection, threat hunting, and advanced scanning across large amounts of data to ensure a strong security posture. It’s the same principle as monitoring a large number of cells in the human body to detect infections in healthcare.
The security industry operates in a similar way. AI and machine learning algorithms help scan vast amounts of data and detect sleeper cell malware before it becomes a problem. These techniques reduce the risk of ransomware attacks, ensuring that the likelihood of data being compromised remains low. But if an attack does happen, we can guarantee fast recovery. No solution — ours or our competitors’ — can guarantee that you won’t get hit by ransomware. In fact, we advise organisations to assume they will get attacked. It’s not a matter of if but when.
We were the first to collaborate with Nvidia in this space, and Nvidia has invested in only one company here — us.
What was the impetus behind Nvidia’s investment in this particular segment?
When I began thinking about this product we now call Gaia, I went to Jensen Huang, Nvidia’s CEO. The concept of Gaia was that we’re sitting on hundreds of exabytes of data, and it’s reasonably invisible because it’s backup data. We thought we could build a vector database — what’s called retrieval-augmented generation, or RAG — on top of backup, which had never been done before.
So we developed a concept and showed it to him. He was blown away. Gaia is designed to run on GPUs, and he said, “This is brilliant. You’re the first one to do RAG for backup, and if the world’s data is on your platform, Gaia is going to drive a lot of GPUs.” He told us to build Gaia on top of Nvidia’s enterprise AI platform.
Nvidia’s platform has a GPU layer with a software layer on top. That software layer allows applications to run anywhere — in a private cloud or a public cloud. We said, “No problem.” Jensen and his team agreed to invest in our company, and Nvidia joined our board of observers.
As we were finalising the deal, we asked him if he would be interested in investing. His response? “Hell yes, because we want to be associated with the success of this.”
He later featured us at his GTC conference, where he highlighted three companies — SAP, ServiceNow, and Cohesity. As we continue advancing in AI, we’re also driving awareness for Nvidia.
How do you see the future of enterprise AI?
I think the economic value of AI will take one of two shapes — either a cylinder or an hourglass. Let me explain what I mean.
There are three key layers where economic value in AI will emerge. The first is the hardware layer, which includes GPUs and enterprise AI infrastructure. Nvidia is already making a lot of money here, as this layer consists of both hardware and some software components.
The second layer consists of large language models (LLMs). The economic potential of this layer is uncertain: Will it generate sustained value, like a cylinder, or will it commoditise, like an hourglass?
Above that is the layer of AI applications, where the data resides. This includes companies like us, Salesforce, or SAP. Take SAP, for example — a lot of manufacturing data is stored in SAP systems. Salesforce holds a massive amount of customer data, and Workday manages HR data. There’s clear economic value in this layer because enterprises will pay for AI applications.
Microsoft is still figuring out the right pricing model for Copilot. The initial US$30 per user didn’t work, so they’ve now raised the price of Office 365 by US$3. Maybe that adjustment will work, but there’s still value to be had there.
So, will the economic structure of AI be a cylinder or an hourglass? I believe it’s more likely to be an hourglass, as LLMs will eventually commoditise. Just look at OpenAI — SoftBank is putting another US$50 billion into AI, and OpenAI’s valuation is approaching US$300 billion.
I was talking about DeepSeek and how the true value — or deep gold — is in data. For us, that’s exactly where our value lies. We want to work with enterprises, and while we will use LLMs, our strength is in this gold of data — hundreds of exabytes — that we enable our customers to search, analyse, and secure. That’s value.
