- 14 hours ago
An in-depth conversation with Cohesity's Head of Product, Vasu Murthy, on how cyber attacks are now shaping financial strategy, transparency, recovery architecture and AI readiness in the APAC region.
Category: News

Transcript
00:00We now turn to a special report from AWS re:Invent 2025, where Cohesity's Head of Product, Vasu Murthy, shares key findings on how cyber attacks are no longer merely a technical issue, but are increasingly becoming a financial risk that can affect markets and investor confidence.
00:25Let's follow the full report; over to you, Najib.
00:27Vasu, thank you so much for joining me at AWS re:Invent 2025.
00:32It's a very crucial conversation happening here, especially on the agentic AI and all that.
00:38But at the same time, looking at it in terms of the level of adoption of agentic AI, AI cloud and all that, so we are talking about also the cyber security aspect of it.
00:48So that's why I'm going to talk to you about this because Cohesity, you have the research which finds 73% of publicly traded
00:56impact companies, basically adjusted earnings guidance after cyber attacks.
01:01and even private firms shifted budgets from growth to basically remediation.
01:07I want to ask you, what does this tell us about how organisations should rethink cyber risk,
01:12because not as just IT costs to the company, but also the core financial and strategic variable?
01:21So, when a business is stopped for a day, how much revenue impact can it have, right?
01:30This is what cyber attacks do.
01:32They can stop and freeze businesses from operating and every day, every second, the business revenues
01:38that the company would have made is out there at risk.
01:43And so, no, it's not a surprise that in big cyber attacks, organisations have to adjust revenues and even account for that risk.
01:51And that shows the enormity of the risk, right?
01:53So, how do you keep your business from running continuously and make sure you don't have to do this?
01:59Like, the analogy I would say is that when you get a common cold, you can still do most of the work and you'll be fine.
02:05but you're down with like a very serious disease, you can't work.
02:10And what we try to do is if you're prepared, you can actually reduce the impact downtime of such cyber attacks.
02:18When you reduce it, your impact of revenue also is going to be low.
02:21And so, this actually shows that you can actually quantify the impact of cyber attacks more concretely.
02:27And that's really what does revenue adjustment mean.
02:29Right.
02:30Of course, in your research also points to a gap between actual financial fallout and what companies publicly disclose.
02:39Do you see that this transparency gap widening or narrowing in that sense first?
02:44And what are the implications for investors' trust and board accountability in APAC especially?
02:49See, there is a difference.
02:51So, if you're really resistant to cyber attacks and you were able to recover really quickly,
02:58then your disclosure is only limited to what regulatory requirement is.
03:01Right.
03:02If you didn't lose any customer data, you're able to get back.
03:05It'll be like a routine thing that nobody has to report about it.
03:08But there is going to be instances where customer data is compromised or accessed and then there are regulatory requirements to report it.
03:15And so, that will then sharpen the focus on those companies that are not able to secure the data that well from the companies that are able to bounce back.
03:23And so, yes, I think regulations are ones that are going to enforce transparency.
03:30Companies themselves, if they're able to recover, there's nothing to report.
03:33So, that is one aspect of it.
03:35There's even a second aspect of transparency.
03:38People need to understand that these things will happen.
03:41Attacks will happen. Attacks will succeed sometimes.
03:44Nobody can say that, oh, attack happened against me that it succeeded means that I'm really, really in a bad situation.
03:49No.
03:50It's all about responding back.
03:51And so, even for disclosure in terms of helping others prepare better, I think in industry there should be a norm for transparency and disclosure for these.
04:01So, to help the whole industry evolve and get more mature.
04:05Right.
04:06One of the findings, very crucial.
04:08Nearly 97% of APAC organizations need more than 24 hours to recover data from backups and many take more than a week.
04:17Why is recovery still the biggest failure point, if I may?
04:22and what architectural or operational shift that are needed to bring recovery time from days or weeks to just minutes or hours?
04:31If there is one thing we have learned from customers, it's practicing.
04:34Right.
04:35Right.
04:36So, nobody says APAC companies recover from disaster any slower than anywhere else in the world.
04:41Right.
04:42Disaster recovery is practiced.
04:43Yeah.
04:44People know when a data center goes down they can go recover because they practice it.
04:47Yeah.
04:48But practicing cyber recovery has not become a norm.
04:52And also the tools for such practice are also difficult.
04:57And today it's also expensive to do all those practices for cyber recovery.
05:01That's why we've been working very hard to provide products to make it easier and more cost effective in order to practice cyber recovery.
05:08So, that is one thing.
05:09If every organization were able to practice cyber recovery, they will be able to recover faster.
05:14Yep.
05:15I want to ask about the findings as well.
05:18Staggering 89% of APAC organizations paid ransom and 40% paying above 1 million US dollars.
05:25Yes.
05:26This is a huge number.
05:27What does this tell us about the current resilience gaps?
05:30How must organizations firstly redesign their data infrastructure and also so ransom payment becomes the exception, not just a norm?
05:40Yeah.
05:41It's a very, very fundamental question.
05:44And if you drill down into why companies pay the ransomware, it is because of two reasons.
05:49One, they are not sure if they can recover themselves quickly.
05:54Right.
05:55Number two, they don't know if the customer data has been stolen.
05:59And ransomware, as the name sounds, like they are holding up for ransom.
06:03Yeah.
06:04And they will say, I have your customer data.
06:05But are you sure they have your customer data?
06:07Yeah.
06:08Even if they do not have the customer data, they can still hold you for ransom.
06:12If you do not know, if you don't have the confidence of knowing what they could be stolen, then you end up paying.
06:18That's really the gap.
06:19What is the opposite case?
06:20Right.
06:21If you do a classification and know where your sensitive data is.
06:25Right.
06:26If you know the blast radius, you can actually call their bluff.
06:29In many cases, the systems affected do not have critical customer data.
06:33And so if I know that the blast radius is so-and-so, and it did not have any customer data, I can call their bluff and not pay.
06:39Similarly, if I have a robust recovery system that will get me back on track, then I don't have to pay.
06:45And so this just exposes the company's lack of confidence, their ability to recover quickly, or also lack of confidence that they have a good understanding of what could be stolen or what's not stolen.
06:57Of course, we are here at re:Invent and we talk a lot about AI.
07:01Yes.
07:02Now agentic AI.
07:03Yeah.
07:04Yeah.
07:05I remember I talk about AGI in World Map Forum.
07:08There's a lot of terms now.
07:09I, as the normal people try to understand this, but the study also shows that 84% of security leaders, you know, say that generative AI is moving faster than the way they can govern basically.
07:20Yeah.
07:21How should enterprises balance AI innovation with AI safety?
07:25Now this is generative AI.
07:27Now we are talking about agentic AI and all that, but how do you see it?
07:31So there are many facets to this, right?
07:34So the facets to this is AI being weaponized to attack.
07:39So the phishing emails these days are better written than what people would write.
07:44Yeah.
07:45Right?
07:46It's no longer that you can look at the grammatical errors and figure out, hey, that must be a, you know, a phishing email.
07:52Yeah.
07:53We need to counter that with better intelligence.
07:55You know, depending on people to decide whether a phishing email is, you know, legit or not, it's no longer going to work.
08:00Yeah.
08:01It needs to be done by AI.
08:03So if you look at it, we need AI is being weaponized to attack us.
08:09We need to, we also need to make sure we use AI to defend ourselves.
08:13So that's one thing.
08:14There's a separate independent concern.
08:16How do you protect data to be used for AI?
08:19Like how does data, how do you prevent data from getting poisoned so that AI will start doing things that it's not supposed to do?
08:25There is increasing, um, incidents where, um, in a document, some malicious attacker will embed a prompt, which will basically gather all your customer data and email it to somebody else.
08:37Yes.
08:38And you would think you're just summarizing on a document and that actually has this malicious prompt in the middle.
08:41Yeah.
08:42Right.
08:43So we have to be, we have to get much better at understanding the data security posture, which means you need to scan and make sure your data is clean.
08:52Because today malware is not just your viruses and, you know, uh, executables, it also is prompts that could be embedded in data.
08:59Right.
09:00And also, which also means that when you're using data for training, you need to have an auditable immutable data.
09:06You can go back and see, you know, that's, you know, it's safe.
09:09And interestingly, the amount that the capabilities you need to secure data for recovery in cyber attacks can also be really leveraged to secure data for AI training and for AI feeding.
09:21And so that is something we've been getting a lot of interest from customers.
09:24The same infrastructure that's going to make your cyber resilience can also make your data resilient for AI as well.
09:29All right.
09:30My final question, because, uh, of course, Cohesity's, uh, uh, findings suggest basically resilience is no longer purely technical.
09:37It affects off-cast revenue, stock price, customer retention, also regulatory aspects of it, and regulatory exposure.
09:44If you could, you know, project forward to 2030, I would say, it's quite near 2030.
09:49What will distinguish the risk-ready organizations from risk-exposed ones?
09:542030 is almost five years from now.
09:57Yeah.
09:58And if some, if customers are not risk-aware, with all the increase in attacks that are happening,
10:06it'd be hard for companies to exist if they are not prepared, right?
10:10It's, it's a, it's a, what do you call survival necessity for us to get better educated on security and to be able to secure.
10:18Um, and there is going to be a maturity curve.
10:21So not all customer companies are going to be like as best as they could be.
10:25The fundamental need for security, if they don't meet, for example, like we have called five steps to cyber resilience.
10:32First, protect data.
10:33Second, make sure it's always recoverable.
10:35Uh, which means that you have a copy of the data somewhere nobody can get to.
10:39If you don't do one or two, a company that doesn't do it cannot survive in 2030.
10:44Yeah.
10:45Wow.
10:46Attacks will be so frequent and, and so, um, vicious that it'd be very hard just to do the pyramid of security to survive.
10:51But the good thing is most organizations are realizing it.
10:54And there's more, more steps to be done to be able to investigate malware better, to be able to practice.
10:59As I said before, it's very important to take cybersecurity seriously and practice cybersecurity recovery and have a better understanding of data security posture.
11:06I expect organizations to be more mature this way in 2030 and, you know, natural selections means people in the organizations that don't realize it will have a pretty hard time surviving.
11:17But do you think in terms of organization, do you think that the medium, small enterprises as well as an organization also have that awareness?
11:24We, they will have to.
11:26The good thing is there are many service providers around the world who are deploying and providing services.
11:31And so, you know, small business, I've worked with many small businesses and they're getting attacked every day as well.
11:36Yeah.
11:37Uh, but I think you'll see a whole maturity in, um, services available for those companies.
11:42So it's not necessary that to be really cyber resilient that somebody has to do it all themselves.
11:47Yeah.
11:48There are very reliable service providers that use our technology and, and very good technology to deliver that and make it affordable for smaller businesses as well.
11:57but awareness.
11:58Now you can tell me like how many small businesses don't backup all their data.
12:01There's probably very less people do backup, but they bought the next level of maturity and be really resilient.
12:06That'll be, if they hire the right service providers, they should be able to leverage.
12:10All right.
12:11Vasu, thank you so much for joining me at the, uh, AWS, uh, re:Invent 25.
12:16I really appreciate it.
12:17Thank you so much.
12:18Thank you very much.
12:19It's a pleasure.
12:20Thanks for having me.
12:21Okay.
12:22Thank you.
12:23Thank you.