Smoke and Mirrors, Locks and Data: Focus on Resilience

With interviews from Cohesity’s Catalyst London event at the Royal Institution

In ‘Smoke and Mirrors Locks and Data’, TechTV’s in-depth analysis of the world of cyber security, we examine the crucial importance of cyber to AI because without reliable cyber, AI’s output cannot be safely guaranteed.

Recently we attended an event at the Royal Institution.  Whether standing there in front of the Faraday lab where he helped unlock electricity, or seated in the main auditorium where lectures and announcements have been made over the years by some of the world’s greatest scientists (including the discovery of no less than ten elements from the periodic table), it is hard not to be in awe.

As we held a series of interviews at Cohesity’s Catalyst London event, it was also tempting to reach for grand comparisons. Something that Cohesity’s CRO Kit Beall could not resist: AI, he suggested, may prove more consequential than the internet. But across four interviews at Catalyst London, a quieter and more useful argument emerged. Whatever AI becomes, it will be built on data — and almost nobody is ready for what happens when that data can no longer be trusted.

Beall and colleague Carol Carpenter, Cohesity’s CMO, framed the opportunity and the risk together. Any task a computer can automate will be automated, Beall argued, but the models are only as good as what goes into them. “Garbage in, garbage out,” he said — the oldest law in computing, newly urgent. Carpenter’s concern was what happens when things go wrong: agents going rogue, hallucinations steering decisions into a ditch. Her answer is recovery to the last known good state, and an open ecosystem — ServiceNow, Snowflake, Databricks — rather than a walled garden. She also noted Europe’s appetite for sovereignty, and the need to meet customers wherever their data lives.

James Blake, who has run hundreds of incident recoveries, delivered the most uncomfortable session. Most organisations, he argued, still treat a cyber attack like a flood. The CIO grabs the last snapshot, throws it back into production, and declares victory. But a flood has few variables; a ransomware attack has a human adversary, fifteen stages, and zero days. “If you take that snapshot and just put it back into production, you will get hit again and again and again.” The CEO stands up, says it’s all done — and they’re down again. Recovery, in Blake’s telling, is not availability. It is the re-establishment of trust in identities, systems and data, and it takes far longer than anyone’s stated RTO. His most damning line was almost an aside: every single customer he has seen encrypted or wiped already had an endpoint detection vendor.

Rob Sadowski picked up the thread from the platform side. Data trains models, feeds models, and is generated by models, which makes protecting it existential rather than merely operational. Cohesity’s answer, Maestro, leans on open standards like MCP so teams can work through whichever AI agent they prefer. On the anxiety of the moment, he was measured: AI is a force multiplier, not a replacement — organisations using it only to remove people are missing the point. And on resilience, he offered the sharpest test: it is one thing to say you back up your data; to rehearse a recovery, prove it, and meet the objectives you committed to is another thing entirely.

PwC’s Karen Penman and Rachel Higham supplied the human dimension. Penman described a client who worked around the clock for two days to recover — only to find the attackers still inside, waiting. Recoveries now stretch into weeks and months, and, as she put it, none of us are wired for that. Higham’s prescription is to define your “minimum viable company” in peacetime: the ten to fifteen percent you must recover first. And rehearse it. Because it is no longer just revenue at risk. It could be lives.

These conclusions were supported by our other guests. Gareth Mott, a research fellow at the Defense Think Tank, the Royal United Services Institute, explained why resilience has become a UK national security issue.

I think there was a point at which stuff like cyber insurance started to get a lot more expensive. I'm very simplifying here, but if the premium was doubling and then the coverage was halving each year, and then you suddenly had to be evidencing your cybersecurity credentials more rigorously to a panel of insurers just to try and get insurance.

Rhys Oxenham, VP for AI, Suse, went on to argue that increasing levels of automation made security controls essential:

I think in every new world, it will challenge previous assumptions and expectations around security. We are, you know, historically, we've been in a very human-led world. Humans would interface with systems through user interfaces, through command line interfaces. And yes, automation helped. Automation helped accelerate those tasks. But there was always a human making the determination of what to do in those situations. Now, what we are seeing is that the world and enterprise and even individuals, we are using AI to accelerate that. And we are offloading some of that decision-making responsibility to a large language model, to an AI. And when you start thinking about, well, taking those AI models and putting them into the enterprise where you give them access to customer data, you give them access to proprietary IP, you do need to think about security controls.

Leave a Reply

Your email address will not be published. Required fields are marked *