CommVault - Experts & Thought Leaders

Commvault has introduced Data Rooms, a secure environment that enables enterprises to safely connect their trusted backup data to the AI platforms they rely on, or to their own AI initiatives, such as internal data lakes. By combining governed, self-service access with built-in classification and compliance controls, Data Rooms bridges the gap between data protection and data activation, helping organisations transform backup data into AI-ready assets without adding new risk or complexity.  By integrating directly with Commvault Cloud, Data Rooms gives authorised users governed access to files, emails, and objects across environments. It automates data discovery, and classification, simplifying the creation of curated, AI-ready datasets. Data trust and compliance As enterprises move from data protection to data utilisation, Commvault preserves data trust, and supports compliance and readiness throughout the activation process.   Most enterprises don’t need yet another AI platform to manage - Commvault’s Data Rooms offering is designed to address these challenges. The Commvault Data Rooms offering is currently available in early access and is targeted for general availability in early 2026, with pricing details to be shared at that time.

Commvault, a major provider of cyber resilience and data protection solutions for the hybrid cloud, has announced two new appointments for North Europe, as Martin Gittins moves into the Area Vice President (AVP) role for the region and Mark Molyneux joins the company as Field CTO.  As AVP of North Europe, Gittins will be responsible for growth, leadership, and strategy within this key market for Commvault. He joined the company in February of this year, leading the charge for Strategic Accounts in EMEA, with a focus on Commvault's top 100 EMEA enterprise accounts. Expanded role Prior to this, Gittins headed up Strategic Accounts for EMEA at Cohesity. He also previously worked closely with enterprise accounts at Hitachi Vantara, Dell EMC, and HPE.     “I’m delighted to step into this expanded role at such a critical time for our customers and partners in North Europe,” said Martin Gittins, AVP North Europe, Commvault, adding “The threat landscape is evolving and the pressure on business leaders is growing. Commvault plays a pivotal role in helping customers advance resilience, achieve minimum viability, and remain in a state of continuous business. Resilience is no longer a nice-to-have, it’s a business priority.” Proven track record “I’m pleased that Martin is taking on this new position in the company,” said Richard Gadd, Senior Vice President, EMEA, Commvault, adding “His proven track record, deep understanding of the region, and commitment to empowering teams will be instrumental as we continue to expand our impact across North Europe and deliver outstanding outcomes for our customers.”  New Field CTO Commvault also welcomes Mark Molyneux as Field CTO, North Europe. Molyneux spent the past three years at Cohesity as EMEA CTO, is a certified DORA compliance specialist, and is a certified digital operational resilience officer. He also previously advised major IT and financial institutions in the UK on technology, while at Dell and also held various leadership roles in storage, data protection, virtualisation, and cloud at Barclays. Molyneux brings a blend of consumer and enterprise viewpoints to the role from his 35 years working across the industry.  Cyber resilience “Cyber resilience is a critical element of the modern business,” said Mark Molyneux, Field CTO, North Europe, Commvault, adding “I look forward to working closely with the wider team to help our customers and partners strengthen their resilience posture, advance recoveries, and stay a step ahead of evolving threats.”  “We’re thrilled to have Mark join our team as we continue to help our customers in the region strengthen their cyber resilience posture,” said Darren Thomson, Field CTO EMEAI, Commvault, adding “His expertise and passion for cyber resilience and preparedness will be invaluable in helping our customers navigate today’s complex security landscape and drive innovation throughout North Europe.” 

Commvault, a pioneering provider of cyber resilience and data protection solutions for the hybrid cloud, has now announced two powerful additions to its HyperScale portfolio: HyperScale Edge and HyperScale Flex. As modern enterprises generate more data from remote offices and edge locations, these environments have become lucrative and vulnerable targets for cyberattacks. Exploitation of edge devices To help clients address this challenge and improve their resilience, Commvault has developed HyperScale Edge The 2024 Verizon Data Breach Investigations Report reveals a startling trend: breaches from the exploitation of edge devices and VPNs surged to 22%, an eightfold increase from the previous year.   To help customers address this challenge and improve their resilience, Commvault has developed HyperScale Edge and HyperScale Flex. Commvault’s HyperScale X solution Complementing Commvault’s HyperScale X solution, which serves as its flagship scale-out integrated appliance, these new on-premises offerings provide customers with exceptional flexibility, performance, and resilience for protecting workloads running in various environments.  Like HyperScale X, both HyperScale Edge and Flex models are delivered as a software image that can easily be installed on validated hardware. Modern retailers “No two enterprises are the same. Modern retailers often manage mission-critical data across dozens of sites, while large organisations may want to leverage existing storage investments. But regardless of infrastructure, every enterprise is striving for one thing: cyber resilience,” said Pranay Ahlawat, Chief Technology and AI Officer, Commvault. Pranay Ahlawat adds, “With the launch of HyperScale Edge and HyperScale Flex, we’re delivering the best of both worlds — flexibility and choice, combined with industry-pioneering cyber resilience.”  Data protection and recovery HyperScale Edge enables localised data protection and recovery for remote sites, edge locations HyperScale Edge enables localised data protection and recovery for remote sites, edge locations, and small and medium-sized businesses where space and IT resources are limited.  This could include retail stores, branch offices, and distribution centres. Customers can utilise this offering in combination with validated hardware from Dell, HPE, and Lenovo.   Requirements of modern applications and AI/ML workloads For large, data-intensive, and AI workloads, such as those generated by technology, telecom, and healthcare industries, HyperScale Flex delivers high-performance backup and recovery with a flexible architecture that connects to external flash storage pools.  Supporting certified storage offerings from Pure Storage, VAST Data, and in the near future, HPE, it enables organisations to meet the extreme performance demands and multi-petabyte capacity requirements of modern applications and AI/ML workloads.   Supporting quotes  “Commvault's HyperScale Edge was crucial in creating a cost-effective data management and cyber resilience solution across our many data centres,” said Lee Lindstrom, Principal Infrastructure Architect, Fortune Brands, adding “With Commvault’s HyperScale Edge, we were able to implement a cost-effective, repeatable, and easily deployable solution. The built-in resiliency and advanced ransomware protection have given us the peace of mind that our critical data is always protected and recoverable.”  “As cyber threats increase in sophistication and the pace of business operations accelerate, current data protection approaches and architectures are not adequate,” said Jim O'Dorisio, Senior Vice President and GM for Storage, HPE, adding “In the coming quarters, Commvault HyperScale Flex with HPE Alletra Storage MP X10000 and our full-stack infrastructure will deliver a truly differentiated, holistic approach to cyber resilience and data protection that meets the extraordinary speed, scale and simplicity required by modern enterprises.”  “An all-flash architecture with the Pure Storage platform combined with Commvault HyperScale software will provide a massively scalable, high-performance, and cost-effective platform for protecting petabyte-scale data, giving organisations the confidence to manage and secure their largest and most critical data assets from a single centralised plane,” said Maciej Kranz, General Manager, Enterprise, Pure Storage.  George Axberg, Vice President, Data Protection, VAST Data said, “The performance demands of modern AI and data-intensive workloads require a new approach to data architecture. By combining the high-throughput and low-latency infrastructure of the VAST AI Operating System with Commvault's HyperScale Flex, we are delivering a solution that can keep pace with these critical applications. Customers will be able to protect massive datasets at unprecedented speed, minimising application impact and accelerating recovery when it matters most.”  Availability and pricing  Commvault HyperScale Edge is generally available now. The software is available via a subscription model with pricing per node/per month or as a perpetual licence plus support costs. Customers are responsible for purchasing an approved server based on the HyperScale Reference Architecture.  Commvault HyperScale Flex is available now for early adopter customers, who can contact Commvault Sales to request access to the EA program. Pricing is configured based on the specific server and storage options selected for the solution.

Every day, millions of people worldwide use their personal credentials to prove their identity and access a range of services, from databases in their workplace to the banking app on their smartphone. But while this ensures only authorised people have access to certain systems, the use of this personal data opens users up to cyber risks, primarily in the form of identity theft. On Identity Management Day, Source Security spoke to seven IT and cybersecurity experts to discuss their experiences and advice on identity management, including James Brodhurst, Principal Consultant at Resistant AI, who reinforces that: “Securing identities is more important than ever, as fraud and identity theft has impacts for businesses as much as for individuals.” Effective identity management He recommends that businesses and other organisations that use consumer identities as an integral part of operations must address the significant challenges of managing identities and recognise that there is no single solution to all possible cyber threats. Effective identity management is only achieved through a broad range of technologies and data. Businesses have a critical role to play in mitigating cyber threats, as does society as a whole" This is an important first step for organisations to know who they are interacting with, and subsequently distinguish between genuine or illicit actions. “Businesses have a critical role to play in mitigating cyber threats, as does society as a whole. Initiatives such as Identity Management Day serve to increase our collective awareness of the issues and threats we’re facing, and also safeguard sensitive data.” External cyber defences “Why is identity theft so common?” ponders Andy Swift, Technical Director of Offensive Security at Six Degrees. “Well, the simple answer is stealing account credentials is big business. There is a massive industry out there of people stealing and selling credentials on the dark web. I don't suggest you venture to the marketplaces through which stolen credentials are sold on the dark web, but if you did you'd find lists of credentials with different attributes – whether they've been tested, whether they have access to financial data – that dictate price.” “Most stolen credentials are sold to people looking to launch phishing and onward phishing attacks, giving them access to compromised mailboxes to send emails from. Secondly, there are hackers who want to launch attacks – ransomware, more than likely – from within a network without having to navigate its external cyber defences while also evading the long wait for brute force attacks, phishing attacks and other noisy activities to pay off.” Access sensitive data Credential stuffing is one of the most common forms of attack and corporate credentials are usually the target" “And thirdly, there are people who want to simply target external administration interfaces they have identified (RDP for example) which they can in turn use to pivot through to internal networks, or even just target the external host directly.” Gregg Mearing, Chief Technology Officer at Node4, adds: “Credential stuffing is one of the most common forms of attack and corporate credentials are usually the target. In 2020 alone there were 193 billion credential stuffing attacks globally. Attacks commonly start with a database of stolen credentials, usually with usernames, emails and passwords – although phishing emails and suspicious websites are also used to steal corporate credentials. Once they have gained entry into the organisation's system, the attacker can move laterally, completely unnoticed, to access sensitive data, remove files or plant malware.” Most common threats “Despite the ubiquity of this style of attack and a wide understanding of the importance of password hygiene, 65% of people still reuse passwords across multiple accounts. There can be no doubt that employees are the first line of defence for an organisation against a cyber attack. If trained properly, they can act as a human firewall. However, poor cyber hygiene, a lack of best practice when it comes to managing credentials, and a limited understanding of the most common threats can make an organisation’s employees its greatest weakness.” Despite the ubiquity of this style of attack and a wide understanding of the importance of password hygiene" Alongside credential stuffing and phishing, Liad Bokovsky, Senior Director of Solutions Engineering at Axway, explains how API attacks are yet another way criminals are executing identity theft: “In fact, last year API attacks increased 348%, and companies affected included some of the largest corporations – Facebook, Instagram, and Microsoft.” Protecting customers’ data “Companies need to do a better job at protecting their customers’ data. In a recent survey, 82% of UK consumers confirmed they would stop doing business with a company if it suffered a data breach that exposed their personal information.” “Thriving and surviving in today’s hyper-connected economy increasingly depends on having sufficient API maturity in place to ensure that anything connecting to an organisation’s servers – devices, apps, customers – is managed appropriately to keep APIs, customer data and the company’s reputation safe. This means having technology and processes in place to make sure that API design, implementation, and management are done properly.” Owning smart devices This needs to change and with the UK no longer required to adhere to EU-GDPR legislation" Michael Queenan, CEO, and Co-Founder of Nephos Technologies, explains how the huge volumes of personal data being created every day are putting consumers at risk: “Whether shopping online, setting up a social media account or simply reading a news article, we are regularly being asked for our identifiable information. With 10% of UK homes now owning smart devices – e.g. an Alexa or a Ring doorbell – our data is constantly being collected, even within our own homes. Should it fall into the wrong hands, it could be used for identity theft or fraud.” “This needs to change and with the UK no longer required to adhere to EU-GDPR legislation, it presents an opportunity to rectify how personal data can be shared. Ultimately, I believe individuals should be responsible for their own data and how it is used.” Ensure data privacy “A possible way of achieving this is through identity-centric blockchain, whereby everyone has a national email address associated with their blockchain identity that permits access to their personal data. This would ensure that only you get to decide who has access – your data, your choice!” This would ensure that only you get to decide who has access – your data, your choice" Steve Young, UKI Sales Engineering Director at Commvault also comments on how identity management is vital for meeting data regulations, thereby supporting data management throughout the business: “In the world of data management, you’d be forgiven for thinking that the focus is all on backups and recovery. But while these are absolutely crucial elements, another key aspect of data management is identity management – only through understanding it will businesses be able to drive their data management to the next level. Identity management is necessary to ensure data privacy.” Latest data regulations “Many people will be most familiar with its function as a way to restrict access of employees to certain files and resources that may hold sensitive or classified information. But what is becoming more important today is how identity management also helps prevent cybercriminals entirely outside an organisation from gaining unauthorised access to a system and initiating a ransomware attack, for example. Because of this, identity management helps businesses be compliant with the latest data regulations, as it ensures that any customer data collected and stored is kept secure.” So, what solutions should IT leaders be prioritising to strengthen their identity management measures? Six Degrees’ Andy Swift recommends multi-factor authentication (MFA): “MFA provides great defence against identify theft, but it's also a reactive technology: for it to be effective, an attacker must already have obtained stolen credentials.” Cyber security training Credential-driven attacks are largely exacerbated by a ‘set it and forget it’ approach to identity management" “That's why comprehensive cyber security training and education on best practices is quite possibly more important than any technology could ever be alone. There's no silver bullet when it comes to achieving strong identity management, but the importance of threat awareness and training cannot be overstated.” “We advocate for the best practices that ensure cyber hygiene and protect personal and professional identities and credentials to prevent credential-based attacks from continuing,” concludes Tyler Farrar, CISO at Exabeam. “Credential-driven attacks are largely exacerbated by a ‘set it and forget it’ approach to identity management, but organisations must build a security stack that is consistently monitoring for potential compromise." "Organisations across industries can invest in data-driven behavioural analytics solutions to help detect malicious activity. These analytics tools can immediately flag when a legitimate user account is exhibiting anomalous behaviour indicative of credential theft, providing greater insights to SOC analysts about both the compromised and the malicious user, which results in a faster response time.”