As organizations grapple with evolving cyber threats and advanced social engineering tactics, the convergence of data protection, cybersecurity and AI has become critical.

The just-concluded Cyber Resiliency Summit shed light on the fundamental shifts in how businesses must approach security, resilience and risk management moving forward.

“We’ve had such great guests on, both from industry and end users, that talked about things like supply chain, security built-in, being secure and building from security from the ground up,” said Rob Strechay (pictured, right), principal analyst at theCUBE Research. “I loved the themes that were going on throughout this entire event. It’s not just about making copies, but it was about, ‘Hey, how do you approach cyber resilience in its totality, not just in point products?'”

Strechay was joined by theCUBE Research’s Christophe Bertrand (left) for wrap-up coverage of the Cyber Resiliency Summit, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the modern-day mandate for organizations to rethink their approach to security, with a comprehensive, proactive strategy that integrates technology, human awareness and business leadership.

The role of AI as advanced social engineering becomes pervasive

The human element in cybersecurity continues to pose a key concern in cyber resilience. Social engineering attacks, such as phishing and pretexting, continue to be among the most effective tools for cybercriminals. Even with the most advanced technology, human error remains a significant vulnerability. Organizations must implement robust authentication mechanisms such as AAA (authentication, authorization, and accounting) while also investing in ongoing security awareness training for employees, according to Strechay.

“I was talking recently with [theCUBE Research analyst] Paul Nashawaty about cloud and AppDev and our predictions going into 2025,” he said. “When you start to look at the shift left of security, it can’t be just shift left or shift right or shift center if that is a shift. You need it built in by design, and it has to have continuity across mitigating the human aspect, which is huge.”

The key point to note is that taking the human element completely out of the equation is nearly impossible, making proactive education and strategic mitigation key to resilience.

The Cyber Resiliency Summit also explored how AI-powered cybersecurity measures must evolve faster than malicious AI-driven attacks to maintain an equilibrium. Additionally, as AI infrastructures grow, organizations must ensure their AI-driven operations adhere to compliance and security best practices, according to Bertrand.

“It feels like we’re really at the beginning of something very new,” he said. “Not so much because AI is maybe an accelerant, but because there’s this specter of compliance and you’ve got to deal with data and data management. The combination of cyber and backup and recovery is happening, but I think fundamental data management is also at the heart of everything here.”

Finally, enterprises must secure not only their infrastructure, but also their data. Regulatory frameworks, such as NIST, provide a solid foundation, but organizations need to go further, integrating real-time threat monitoring, backup validation and proactive risk assessment, Bertrand added.

“I think fundamental data management is also at the heart of everything here,” he said. “We heard about data resilience. Great topic, but the truth is you have to protect the infrastructure, for sure. You have to protect the data too. You cannot go do any AI with any data that’s not compliant, and typically those compliance requirements will have a lot of cyber components to it and vice versa, so it’s becoming a perfect storm.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE Research’s coverage of the Cyber Resiliency Summit: 

Photo: SiliconANGLE