Cyber resiliency is no longer just a security buzzword — it’s a business imperative.

As threats grow more sophisticated and relentless, artificial intelligence has become a double-edged sword: a powerful tool for enterprise defense and a weapon in the hands of adversaries. In today’s landscape, the ability to recover quickly from an attack hinges on how effectively AI can be deployed to protect and verify core data assets.

So what does cyber resiliency actually look like when AI is at the heart of it? Are organizations seeing real-world benefits, or just more complexity?

“AI is the force multiplier, and it’s the force multiplier for the good or bad actors in terms of what’s happening there,” said Brian Householder (pictured, left), senior advisor at Index Engines Inc. “The attack surface, the attack vectors, all of those things are really becoming much, much greater, and so I think that’s the challenge that most of them have. I even see it when it comes to AI deployments for enterprises.”

Householder and Jim McGann (right), chief marketing officer of Index Engines, spoke with analyst Christophe Bertrand during an exclusive conversation on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed how AI is reshaping cyber resiliency, even as attackers weaponize it to develop new attack vectors and entry points. (* Disclosure below.)

AI as a defensive strategy in modern cyber resiliency

AI has become essential in protecting digital infrastructure. At Index Engines, AI is embedded into its CyberSense platform to detect anomalies, verify data integrity and support faster, more confident recovery. Without it, organizations face enormous challenges in identifying clean copies of data post-attack, according to McGann.

“Part of cyber resiliency is about trust in data, trust that you have good data, because that’s what keeps a business going — whether it’s an Epic or healthcare database with records in it, or whether it’s running your financial systems,” he said. “That’s the most important point: You can try to keep them out, but making sure you have a clean copy data is critical.”

AI is especially crucial for identifying subtle signs of data corruption. Legacy recovery methods often assume backups are trustworthy, but modern attacks frequently target backups first. This makes AI-based scanning and validation a linchpin in any resiliency strategy.

“Now you have to make sure [the gold data copy] hasn’t been corrupted and it hasn’t been ransomware or encrypted or partially encrypted or all these different attack vectors that now occur,” Householder said. “I think that’s the critical one where AI … it sounds like where people are starting to realize, ‘OK, that gold copy, I’m not sure if it’s a gold copy after all.'”

CyberSense’s approach to AI is proactive and research-driven. Index Engine’s lab detonates thousands of ransomware variants in isolated environments to study behavioral patterns. This enables the AI engine to differentiate between normal user activity and malicious manipulation of files or databases.

“We see 800 to thousands of new variants every day,” McGann said. “They’re just iterations. Now with ransomware as a service and AI, that’s turned up significantly. We went into an AI engine and described what a ransomware needs to do. It kicked out the code to that, and it was pretty good. We’re seeing hundreds, if not thousands, of variants a day. We have an isolated network; we detonate the malware, and we study the behavior.”

Index Engines delivers CyberSense through strategic partnerships with leading storage and data protection vendors, such as Dell Technologies Inc. These alliances ensure that AI-powered data integrity checks are integrated into both primary and secondary storage environments, according to McGann.

“Dell has a Cyber Recovery isolated vault that’s been very successful,” he said. “We have thousands of deployments globally, including some of the largest organizations out there. We also have partnerships with IBM with their safeguarded flash storage environment in production, so snapshots of data are being scanned. We have partnerships with Infinidat as well. Again, snapshots with their InfiniSafe product.”

Here’s theCUBE’s complete interview with Jim McGann and Brian Householder:

(* Disclosure: Index Engines Inc. sponsored this segment of theCUBE. Neither Index Engines nor other sponsors have editorial control over content on theCUBE or SiliconANGLE) 

Photo: SiliconANGLE