Getty Images
Cyber resilience now a top priority for backup platforms
The latest updates to backup platforms such as HYCU, Commvault, Cohesity, Rubrik and Keepit bolster cyber resilience in both technology and customer readiness.
Backup platforms are evolving to improve cyber resilience, ranging from SaaS application data protection to AI data security and even attack simulations.
Many enterprises cannot tolerate much downtime, said Krista Case, an analyst at The Futurum Group. SaaS applications such as Microsoft 365, Google Workspace and others are just as vital for day-to-day operations as databases or other enterprise applications, though many customers might not realize that their data is not protected by the provider.
Cyberattacks continue to evolve to attack not only the data itself, but services that are interconnected to backups like networking and security, she said. Backup vendors will likely see a receptive market even as IT spending grows more cautious.
"We're living in a world where the acceptable level of downtime is getting smaller and smaller," Case said. "Every IT dollar is still scrutinized, [but] cyberattacks have made backup a very prevalent executive board discussion, so there is more of a willingness to spend where necessary."
SaaS backup
Many SaaS application buyers assume that application data is protected by the vendor, but this is not the case, Case said.
As the importance of SaaS applications has grown, enterprises are looking for SaaS backup products. While more popular SaaS apps are protected by major platforms, such as Microsoft 365 or Salesforce, there are likely hundreds of smaller or industry-specific SaaS apps lacking protection, according to Case.
SaaS defense specialists such as HYCU and Keepit are two backup vendors focused on expanding that SaaS coverage specifically to tackle cyberattacks through capabilities like anomaly detection.
"It's the convergence of two trends: a rise in SaaS applications [in the enterprise] and the need to fold [SaaS data] into the data protection infrastructure and strategy," Case said.
Today, HYCU released R-Shield, a new service available to all R-Cloud customers, to provide more comprehensive cyber-resilience capabilities to SaaS backup data. Capabilities available at launch include anomaly detection with security information and event management integration, immutable backups and clean copy validation, according to HYCU.
Other new capabilities in R-Shield that aren't often seen in SaaS backup services include accessing read-only data stored within HYCU backups should a SaaS app go offline and data isolation to limit resource visibility only to credentialed users, Case said.
HYCU's R-Cloud platform provides backup services for popular SaaS applications, but also offers a common API and data discovery capabilities to connect with less popular SaaS applications to back up data in a common object format.
Keepit, another SaaS backup service, also plans to offer new anomaly detection capabilities by May 2025.
Keepit aims to expand into hundreds of applications, each with specific configurations, within the next three years, according to the vendor. It plans to add seven new SaaS applications in 2025, including Jira, Bamboo, Okta, Confluence, DocuSign, Miro and Slack.
Adding anomaly detection into SaaS backup platforms shows that these vendors are taking evolving cybersecurity threats seriously, said Jerome Wendt, founder and CEO at the Data Center Intelligence Group.
Anomaly detection, however, is still a relatively nascent technology for finding issues, Wendt said. Those services need to survey the data estate of customers for a while before understanding what constitutes a proper attack, where the attack might be coming from and what's causing the issue.
"Anomaly detection is still within its infancy, and it varies from provider to provider," Wendt said. "[But SaaS data] is a target-rich environment for hackers and insider threats."
Traditional backup
More comprehensive and traditional enterprise backup platforms, including those offered by Cohesity, Commvault and Rubrik, are adding capabilities or seeking new partnerships to improve cyber resilience.
SaaS data is often exposed to traditional cyberattacks, but backup data is still vulnerable even when protected by the latest updates or defensive platforms, Wendt said. Enterprises should keep abreast of evolving threats with the rise of generative AI and quantum computing.
"There's a cat-and-mouse game going on," Wendt said. "Companies should not oversimplify these attacks. These ransomware attacks have become so sophisticated that you have to think through all the loopholes of your infrastructure."
Traditional backup platforms that specialize in on-premises and cloud data protection are also leaning in to AI to harden their products from attacks.
Cohesity will debut the new RecoveryAgent, an agentic AI capability for the Cohesity Data Cloud platform, to general availability in the second half of this year. The capability will be available to all Cohesity enterprise customers, according to the vendor.
RecoveryAgent, Cohesity's first new product since acquiring Veritas last year, is built on a combination of Veritas' NetBackup Recovery Blueprints and Cohesity DataProtect technology.
Customers can create blueprints, or collections of automated actions and workflows that the software follows to expedite recovery after an incident. Some of the capabilities included in blueprints are threat hunting, malware scanning and restores across various backup environments.
Cohesity also added cyber-resilient capabilities to NetBackup 11, Veritas' former backup platform offering, in late March with user behavior monitoring, risk scoring and new support for additional cloud workloads.
Rubrik, another data backup vendor, debuted new capabilities for Google Cloud to its Rubrik Security Cloud earlier in April as part of the Google Cloud Next 2025 conference.
Rubrik Annapurna, the vendor's generative AI connective API, now operates with Google Agentspace, Google's multimodal AI service, enabling Agentspace customers to build AI models of data stored in Rubrik.
Rubrik Security Cloud now supports additional capabilities for Google Cloud customers, including isolated recovery environments, backup for Google Workspace data, and threat detection within Google Cloud Engine and Google Cloud SQL data.
Commvault expects to get more hands-on experience with threats through its partnership with SimSpace for crisis simulation training on the Commvault platform.
The Commvault Recovery Range, a new offering from the two companies, creates a cyberattack testing and simulation environment using the Commvault platform and a copy of the customer's environment. Customers can simulate how attacks would specifically affect their own workloads and data.
All these new security-focused additions point to how backup and security teams are no longer considered separate IT specializations in the enterprise, Case said. Specialists of both disciplines should expect to share techniques, tools and labor to tackle these threats.
"At a minimum, backups are going to complement something like a CrowdStrike [platform] or what security [teams] are doing with their platforms," Case said. "We'll continue to see more incident and threat detection connectivity with backups moving forward."
Tim McCarthy is a news writer for Informa TechTarget covering cloud and data storage.
