AI has made cyberattacks easier for threat actors, especially when organisations still rely on traditional data recovery methods. According to Commvault’s latest study, only 41% of organisations in Asia are able to recover data after an attack. Even more concerning, 39% of those hit by ransomware end up paying the ransom.
Pranay Ahlawat, Chief Technology and AI Officer at Commvault, says enterprises need to rethink their approach to recovery, especially if AI is not yet part of the strategy. He spoke with Frontier Enterprise about the findings, and what organisations can do to strengthen their readiness.
That 41% figure isn’t particularly encouraging. What’s going wrong?
The gap between business expectations and IT realities in cyber resilience is stark.
First, the context of recovery has evolved. After a cyberattack, organisations often face uncertainty about the integrity of their backups. Traditional recovery methods may unintentionally restore compromised data.
Second, technological complexities hinder effective recovery. It’s not just about data; metadata such as network configurations, access controls, and load balancers are critical.
Third, process deficiencies are common. Many organisations lack regular recovery testing and well-documented incident response plans. Without rehearsed procedures, recovering quickly during a crisis becomes challenging.
Bridging these gaps requires a holistic approach that combines advanced tools with robust processes, enabling organisations to recover with confidence and speed.
What drives enterprises to abandon their no-ransom policies during attacks?
The decision to pay a ransom is often driven by economic pressure. When ransomware hits, business operations come to a standstill, resulting in significant financial losses. The urgency to restore services can override even well-established policies.
Commvault’s 2025 State of Data Readiness Report found that 39% of organisations facing ransomware demands end up paying, even among those with explicit ‘no payment’ policies. This highlights the value of preparedness. Organisations confident in their recovery capabilities are less likely to capitulate.
Why did Commvault combine technology and AI into one leadership role?
The convergence of technology and AI in this role reflects the changing nature of software development and data protection. AI is no longer an add-on; it has become essential to building resilient, adaptive systems.
We’re integrating AI into our products to help identify threats earlier, speed up recovery, and reduce operational complexity. We’re also using AI in how we build software, recognising that development practices themselves are evolving.
As AI becomes more pervasive, protecting models and data is increasingly important. We’re starting to look at cyber resilience and data protection differently, not just to secure data, but to protect the models and infrastructure that depend on it.
How is AI transforming data recovery, and what are the key challenges to adoption?
AI is changing data recovery in three key ways:
First, as data environments grow more complex, managing them manually becomes harder. AI can support efforts to organise and process varied data sources, making it easier to maintain consistent protection.
Second, automation is starting to influence how organisations approach backup. AI tools are being used in areas like discovery, planning, testing, and reporting, potentially reducing manual effort and improving response times.
Third, user interaction with data protection systems is starting to shift. Some newer tools aim to reduce manual configuration, which may help make recovery processes more flexible over time.
Still, challenges remain. Effective AI depends on data quality and strong governance. Organisations need clean, well-managed data and ongoing validation to ensure their AI systems perform reliably.
Which emerging technologies are poised to disrupt the data recovery landscape?
Several developments could influence the future of data recovery:
First is AI-driven orchestration. These tools aim to automate recovery workflows, identify critical assets, and minimise manual steps, potentially improving response times during incidents.
Next is cleanroom recovery. This involves the use of isolated, air-gapped environments to test and carry out recovery procedures without risking reintroduction of threats.
Third is cloud environment rewind. This concept lets organisations restore entire cloud environments, including configurations and dependencies, to a previously known good state.
Can you share some successful case studies?
Sony, which operates across electronics and entertainment, consolidated its cyber resilience efforts while reducing costs by moving to a centralised data protection platform.
With infrastructure spanning on-premises, cloud, and SaaS, the company sought a unified approach that could support recovery, threat detection, and global scalability, particularly across AWS and Azure environments.
To meet these requirements, Sony implemented a layered strategy combining automation, anomaly detection, and support for its multi-architecture environment.
This approach helped reduce its recovery point objective (RPO), improve threat detection, speed up recovery, and minimise downtime, all contributing to more consistent business continuity.
What is Commvault currently developing in its labs?
Our labs are currently focused on several areas of development:
First is AI integration. We’re exploring how AI can improve data protection and automation.
Next is post-quantum cryptography. In preparation for emerging security risks, we’ve added support for NIST’s HQC algorithm to help protect data from future quantum computing threats.
We’re also working on recovery enhancements. These efforts include forest-level Active Directory recovery with runbook automation, as well as tools to help restore cloud environments — including configurations and dependencies — to known safe states.
