In the past 12 months, the IT industry has witnessed a surge in vendors touting themselves as AI-driven powerhouses, not unlike what we saw just a year ago with vendors touting themselves as Zero Trust companies. It’s not that these vendors don’t have any AI or Zero Trust capabilities; however, they seem to market beyond their potential. These marketing strategies often imply that these solutions now include advanced AI-based threat detection and response capabilities that significantly mitigate the risk of cyber threats.
However, the reality often doesn’t match these marketing claims. The fact is, AI and generative AI (GenAI) malware tools are only as effective as the data they are trained on, their accuracy in detecting threats and their ability to enable rapid recovery from cyber-attacks.
IT decision-makers must critically evaluate how data protection and storage vendors have developed the intelligence behind their AI analytics tools or GenAI inference models. It’s crucial to understand how these tools have been trained and what data sources have informed their algorithms because without the right training data, you may be investing in a solution that doesn’t provide the comprehensive protection you need from all the various cyber threats that could be lurking in your environment.
In a recent Power2Protect podcast, we discussed the three key questions to ask your vendors about their AI and GenAI tools:
- How have your AI tools been trained?
Developing an AI engine capable of detecting cyber threats with high accuracy requires extensive time, experience and fieldwork. This process involves years of collecting, processing and analyzing vast amounts of data to build robust models that can identify threats of all types. For example, cyber threats like the “XORIST” ransomware variant use encryption algorithms that do not alter compression rates. Traditional cyber threat detection systems, which rely on changes in compression rates, metadata changes and other such indicators, might fail to identify the behavioral patterns of these advanced threats. Thus, training machine learning systems to recognize sophisticated variants of threats is essential.
- What data sources inform your algorithms?
It’s crucial to understand how these tools have been trained and what data sources have informed their algorithms. Without a diverse and comprehensive dataset, AI-powered solutions cannot develop the intelligence necessary for effective threat detection. Moreover, these solutions must continuously evolve and be updated to keep pace with the evolving tactics of sophisticated threat actors.
- What measures are in place to ensure accurate threat detection and rapid recovery?
Forensic-level intelligence about affected systems is vital for ensuring precise and safe recovery. Without this level of detail, organizations risk reintroducing malware during the recovery process. A recent example is CDK Global, which suffered a devastating ransomware attack that crippled their car dealership customers for two weeks. During the recovery process, they were hit with a second ransomware attack. While unconfirmed, it is possible that the ransomware was reintroduced from backup copies due to a lack of forensic inspection capabilities for their backup data.
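The first question's point about compression-rate indicators, shown as an added example (not code from the podcast, Dell or CyberSense): a backup-validation sketch that compares a compression-ratio indicator with a content-based check. The CSV schema, the function names and the single-byte XOR stand-in for "encryption that does not alter compression rates" are assumptions made for illustration; the stand-in is not XORIST's actual algorithm.

```python
import math
import zlib
from collections import Counter

HEADER = b"id,host,status"  # constructed schema for the sample export

def compression_ratio(data: bytes) -> float:
    """Compressed size divided by original size (lower = more compressible)."""
    return len(zlib.compress(data, 9)) / len(data)

def byte_entropy(data: bytes) -> float:
    """Shannon entropy of the byte histogram, in bits per byte."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def ratio_alert(before: bytes, after: bytes, tol: float = 0.05) -> bool:
    """Indicator-style check: alert only when compressibility shifts."""
    return abs(compression_ratio(after) - compression_ratio(before)) > tol

def content_alert(data: bytes) -> bool:
    """Content-based check: alert when the file no longer parses as its type."""
    rows = [r for r in data.split(b"\n") if r]
    if not rows or rows[0] != HEADER:
        return True
    return any(len(r.split(b",")) != 3 for r in rows[1:])

def sample_backup() -> bytes:
    """Constructed sample: a small CSV export as it appears in a clean backup."""
    body = b"".join(b"%d,host-%d,ok\n" % (i, i % 7) for i in range(2000))
    return HEADER + b"\n" + body

def stand_in_transform(data: bytes) -> bytes:
    """Assumed stand-in for a transform that keeps compressibility unchanged."""
    return bytes(b ^ 0xA5 for b in data)

if __name__ == "__main__":
    before = sample_backup()
    after = stand_in_transform(before)
    print("ratio  before/after:", compression_ratio(before), compression_ratio(after))
    print("entropy before/after:", byte_entropy(before), byte_entropy(after))
    print("compression-ratio alert:", ratio_alert(before, after))
    print("content-based alert:    ", content_alert(after))
```

The ratio and histogram entropy barely move between the two copies, so the indicator stays silent, while the structural check on the file's content flags the altered copy.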
CyberSense as a Benchmark in Cyber Resiliency
CyberSense, integrated with the Dell PowerProtect Cyber Recovery platform, represents a sophisticated approach to cyber resiliency. Drawing on decades of software development, it employs advanced machine learning and AI-powered analysis to continuously validate data integrity and provide comprehensive insights throughout the threat lifecycle. This empowers organizations to swiftly recover from critical cyber threats, including ransomware, and dramatically reduces the impact of an attack—minimizing data loss, costly downtime and lost productivity.
The AI engine behind CyberSense has been rigorously trained on over 7,000 sophisticated ransomware variants, ensuring continuous accuracy. It utilizes a combination of over 200 full-content-based analytics and machine learning techniques to detect corruption with up to 99.99% accuracy.[1] With more than 1,400 production deployments, CyberSense customers benefit from the collective knowledge and experience gathered from real-world encounters with malware, making it a mature and robust solution for modern cyber resiliency needs. This continuous learning process enhances its ability to detect and respond to emerging threats, ensuring that its defense mechanisms remain up-to-date and effective. CyberSense also employs data forensics to help you quickly identify a clean backup copy to restore from so that you can rapidly recover from a cyberattack.
Dell commissioned a Forrester TEI report that examined the financial impact on organizations with Dell PowerProtect Cyber Recovery and CyberSense. Forrester found that organizations with PowerProtect Cyber Recovery and CyberSense spend 80% less time locating the data to restore and bringing it back into production and are able to get their systems back online 75% faster.
In contrast to the overhyped claims seen in the industry, where backup companies and storage vendors hastily rebrand themselves as an all-in-one offering with AI-powered cyber detection and response capabilities, CyberSense stands out with its proven track record and depth of experience. The sophistication and maturity of CyberSense offer a stark contrast to the often superficial and speculative capabilities of newer entrants in the market.
By investing in PowerProtect Cyber Recovery with CyberSense, organizations can be confident they are choosing a solution grounded in decades of rigorous development and real-world application, rather than marketing hype.
[1] Based on an ESG report commissioned by Index Engines, “Index Engines’ CyberSense Validated 99.99% Effective in Detecting Ransomware Corruption”. June 2024. Actual results may vary.