AI and GenAI were all the buzz at Dell Technologies World 2024. But between the AI glitz of the mainstage and showroom floor, there were some intriguing discussions about data protection, cybersecurity and Zero Trust that underscore the criticality of building a strong data protection foundation on your journey to an AI automated future.
#1 – Don’t Let Data Protection Take a Back Seat on Your AI Journey
Jeff Clarke highlighted in his keynote address that with the AI revolution in full swing, data protection can’t be an afterthought. Clarke is right on the money as only 11% of organizations are protecting more than 75% of their GenAI data, according to ESG Research. Considering the substantial investment organizations are making in server computation, high-speed storage, low-latency networking infrastructure and developer time to generate GenAI output, letting this data go unprotected is a major gamble—even by Las Vegas standards.
And then there’s the security side to consider. GenAI training data is essentially a big game target for bad actors to contaminate. Manipulating or “poisoning” the data that feeds GenAI training workloads can result in all sorts of distortions that can produce inaccurate or biased results that could discredit an organization and damage their brand. This makes it essential for organizations to implement Zero Trust security measures around their data repositories and critical systems to keep cyber attackers at bay. In the event of a breach, the ability to isolate and contain the attack, minimize its impact and restore data from a trusted source like a digital vault, becomes crucial.
#2 – In the GenAI Data Tsunami, Efficiency is King
One of the main points emphasized at Dell Technologies World is that AI and GenAI will significantly accelerate data growth. With GenAI set to double the amount of data it trains on, organizations must have data protection solutions that can efficiently scale across on-premises environments, at the edge and across multicloud infrastructure.
In this new GenAI-driven world, managing an ever-growing data footprint while keeping storage costs down will become the new gold standard. Achieving this will require solutions that offer consistent data protection operations wherever GenAI workloads reside, incorporating automation and high levels of efficiency to handle the vast amounts of data generated by AI factories.
#3 – You’re Only as Strong as Your Weakest Link
During his standing-room-only breakout session, University of Barcelona CIO Goncal Badenes delivered remarks that illuminated the potential cybersecurity vulnerabilities lurking within the depths of any organization’s IT infrastructure. Few would expect that a minimally privileged student account would serve as the entry point for cyber criminals to launch a devastating ransomware attack, crippling every critical system at the University of Barcelona. “Utter panic” was how Badenes described the reaction of IT stakeholders once they fully grasped the scale and scope of the attack. With all core services offline—including the university website, research, faculty, student, billing and payment systems—it was a seemingly worst-case scenario.
“Legally, we cannot negotiate with cyber criminals over ransomware payments,” Badenes explained to the audience. The only option available to IT personnel was to restore data from an uninfected backup copy. Fortunately for Badenes and his team, they found a clean backup copy, and with the assistance of Dell engineering support, they were able to bring all their systems back online without any data loss. Despite Badenes’ assertion that “we got lucky,” the university endured two weeks of systems downtime, during which classrooms reverted to blackboard instruction.
Lessons Learned
It turned out that, in addition to the student not practicing good password hygiene (using a strong password, changing passwords periodically, etc.), the VPN hosting this user account did not have multi-factor authentication (MFA) deployed. Additionally, the attackers exploited a critical security vulnerability on a university server to deploy the ransomware.
In response, Badenes and his staff:
- Educated users on strong password practices and enforced mandatory password changes.
- Mandated MFA across the network.
- Implemented role-based access control and network segmentation.
- Enhanced detection and response capabilities to identify anomalies and counter cyber threats.
In addition, this experience convinced Badenes and the university board of the need for an isolated cyber vault, completely off the attack surface, to ensure a clean backup copy is always available for recovery. Although the university managed to recover from a second backup copy, Badenes noted that they were “lucky” this copy had not been infected like the primary backup. He emphasized that a cyber vault would help guarantee a clean backup for future cyberattacks. He also highlighted their investment in analytics within the vault to quickly identify the most recent clean backup, thus accelerating recovery time. With these capabilities in place, Badenes expressed greater confidence in their resiliency and ability to withstand future attacks.
Protecting and Securing Data in the Age of AI
In the age of AI and GenAI, building a strong foundation to protect and secure data is more critical than ever. To address this need, we announced the Dell Solution for AI Data Protection. This comprehensive solution, encompassing backup, recovery and cyber resilience, helps organizations safeguard crucial components such as training data, models and output data. Additionally, we are developing a Dell Reference Design for AI Data Protection using the previously announced, Dell Scalable Architecture for Retrieval-Augmented Generation (RAG) with NVIDIA Microservices, which is set to be published this quarter.
This solution will deliver consistent data protection operations across on-premises, edge and multicloud environments, providing the efficiencies and automation organizations need to manage the vast amounts of data that will be generated by AI workloads, ensuring valuable information is secure and recoverable.
Learn more about how to build a cyber resilient multicloud data protection foundation here.