IT Brief UK - Technology news for CIOs & IT decision-makers
United Kingdom

Guides

#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things

Search

Secure night ops command center ai cyber defense incident response
#
Malware
#
Data Protection
#
DR

Commvault predicts ResOps to redefine cyber resilience

Wed, 7th Jan 2026
Author image
By Mark Tarre, News Chief

Commvault executive Martin Gittins has forecast that a new discipline called resilience operations, or ResOps, will emerge as a defining feature of cyber security strategies in 2026 as organisations respond to growing risks from artificial intelligence and identity-based attacks.

Gittins is Area Vice President for North Europe at data management firm Commvault. He said organisations face a shift in how they structure protection and recovery in complex digital environments.

"Traditional approaches to resilience are no longer enough in the age of AI. With data being generated at unprecedented rates and agents making decisions with little human oversight, security, identity and recovery - too often treated as separate issues and split between teams - must be brought together. This approach creates a new category called resilience operations (ResOps), which will define 2026 as a new discipline that rearchitects resilience for the modern enterprise, managing it across increasingly complex and emerging AI environments," said Martin Gittins, Area Vice President for North Europe, Commvault.

ResOps groups security, identity and recovery into a single operational focus. The approach reflects growing use of AI agents, which act on data with limited human intervention and increase the potential impact of compromised systems or credentials.

Identity under pressure

Gittins highlighted identity infrastructure as a central risk area. He said attackers have stepped up efforts to abuse directory services that underpin access and authentication inside organisations.

"One of the biggest trends we've seen in 2025 is the exploitation of Active Directory by cybercriminals to gain access to all data, systems, and applications - it is the lifeblood of businesses, and therefore an obvious target. It is for this reason that identity plays an important role in ResOps. It is critical that in 2026, businesses take the steps necessary to protect their Active Directory, often known as the 'keys to the kingdom'. The latest solutions deliver greater automation that makes this more achievable than ever before. From detecting weaknesses and threats across Active Directory and logging any changes automatically, to rolling back any unwanted changes at speed before they can impact the whole system, today's solutions can provide the automated support that IT leaders need to keep their organisations safe and accessible," said Gittins.

Active Directory remains a core tool for user management and access control across many enterprises. Its compromise can give attackers broad reach across systems and data, which security specialists see as a driver for tighter monitoring and rapid remediation tools.

Backups in attackers' sights

The Commvault executive also pointed to backup systems as a growing battleground in ransomware incidents. He said adversaries now routinely aim at recovery infrastructure as part of their campaigns.

"But it is important to recognise that, as cyberattacks are now inevitable, there must be equal focus on the recovery process and making it as clean and complete as possible. Research shows that 94% of ransomware attacks attempt to compromise backup storage, meaning that businesses are at risk of restoring affected backups, re-injecting malware into their environment, and simply prolonging the disruption. There needs to be a greater focus in the next 12 months on deploying tactics that both prevent backups being compromised and prevent organisations accidentally restoring them if they have. AI has a vital role to play in this, enabling IT teams to quickly identify and analyse suspicious files, and even automatically detect threats in backups during the recovery process and remove them without damaging the 'good' data," said Gittins.

Security vendors and corporate IT teams have increased investment in immutable storage, network segmentation and automated scanning around backup environments. The focus aims to ensure that recovery does not reintroduce malicious code into production systems.

AI reshaping resilience

Gittins framed AI as both a source of risk and a tool for response. Automated systems generate and process larger data volumes and create new attack surfaces. AI tools inside security operations centres are also taking on more detection and analysis tasks that previously relied on manual review.

He said this shift required an integrated view of resilience that spans prevention, identity assurance and recovery. That view underpins the ResOps concept, which positions recovery quality and speed alongside traditional perimeter and endpoint controls.

"As technology advances enable us to make smarter decisions about our data, let 2026 be the year that we fight back against the cybercriminals - and win," said Gittins.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Percona launches fixed-scope packages for open databases
LambdaTest rebrands as TestMu AI with agentic testing shift
Self-employed brace for digital tax as deadline looms
AI, geopolitics & supply chains reshape cyber risk
Unit4 hits 100th ERPx go-live & boosts AI investment

Top stories

Kubernetes accelerates large-scale phishing operations
Firewalla adds enterprise Wi‑Fi tools in App 1.67 update
CloudBolt deepens AWS deal to boost cloud & Kubernetes
Vector unveils AI tool tying safety incidents to training
New heat sinks cool NVIDIA Jetson Thor edge modules