What's Up with Tech?
Tech Transformation with Evan Kirstel: A podcast exploring the latest trends and innovations in the tech industry, and how businesses can leverage them for growth, diving into the world of B2B, discussing strategies, trends, and sharing insights from industry leaders!
With over three decades in telecom and IT, I've mastered the art of transforming social media into a dynamic platform for audience engagement, community building, and establishing thought leadership. My approach isn't about personal brand promotion but about delivering educational and informative content to cultivate a sustainable, long-term business presence. I am the leading content creator in areas like Enterprise AI, UCaaS, CPaaS, CCaaS, Cloud, Telecom, 5G and more!
What's Up with Tech?
Revolutionizing Cyber Resilience for Cloud and SaaS
Interested in being a guest? Email us at admin@evankirstel.com
Cyber resilience has evolved from an IT concern to a boardroom priority, and for good reason. As Andy Fernandez, Senior Director of Product Marketing at HYCU explains, while organizations have fortified their on-premises defenses, their cloud and SaaS environments remain dangerously exposed—creating perfect targets for today's sophisticated cyber threats.
This eye-opening conversation reveals a critical shift in the cybersecurity landscape. Five years ago, crippling attacks on critical infrastructure prompted massive security investments, successfully reducing ransomware impacts on traditional workloads. However, this success has merely redirected attackers toward less-protected cloud applications. "Attackers realize that on-prem, organizations have tremendous infrastructure and great backups," Fernandez explains. "But guess what? They have no backups, no recovery options in SaaS and cloud. These are sitting ducks."
Enter HYCU's groundbreaking R-Shield—a comprehensive cyber resilience framework protecting over 86 different workloads. Unlike solutions focusing solely on virtual machines, R-Shield addresses critical protection gaps for essential applications like GitHub, Box, and Jira. Its innovative capabilities include rapid ransomware detection, block-level immutable backups for SaaS workloads, and offline recovery options that ensure access to critical knowledge even during service outages. Real-world examples showcase R-Shield's impact across industries, from financial services responding to new EU regulations to the Boston Red Sox protecting everything from ticketing systems to game-day operations.
Ready to close your organization's cyber resilience gaps? Discover how HYCU's intelligent yet simple approach can have you protecting your complete data estate—not just a fraction—starting today.
More at https://linktr.ee/EvanKirstel
Hey everybody, it's a big week for cybersecurity at Haiku, creating some really innovative technology around cybersecurity and cyber resilience, and excited to get a briefing and update from Andy. Andy, how are you?
Speaker 2:Hi Evan, I'm doing well.
Speaker 1:Very, very happy to be here, very excited about the news very happy to be here, very excited about the news, as am I, and you've been at this game for some time. Maybe introduce yourself a little bit about your journey and background and, for those who may not be familiar, who is Haiku?
Speaker 2:Yeah, absolutely so, evan. My name is Andy Fernandez. For everybody in the audience, I'm the Senior Director of Product Marketing here at Haiku. We're the number one SaaS data protection company in the world. Evan, I could actually say that I was born in data protection. My entire career, my entire focus, for better or for worse, is focused on data protection. I head up product marketing here at Haiku, very, very excited about this. For those who don't know who Haiku is, or maybe are wondering how do you pronounce that? Is it a Japanese poem? It actually stands for Hybrid Cloud U uptime. We are the number one SaaS data protection platform in the world. We focus on making sure that we can protect your entire data estate from one place.
Speaker 1:Yeah, it's an amazing proposition and your approach to cyber resilience is really intriguing. Maybe talk about that to start. You know, when did resilience, particularly cyber resilience, become such a hot topic, not just among us techies, but in the boardroom, in the C-suite and across the media journalist world? What were some of the drivers behind that?
Speaker 2:Yeah, absolutely, evan. Let's go back five years ago. I think that's when we saw the beginning of the massive uptake, the massive investment. That's when you started to see security budgets become a much larger share of IT as well or within the organization, and it started because of simply crippling attacks crippling attacks on critical infrastructure on premises, and what happened was organizations saw extreme disruption, whether that is for-profit cyber attackers accessing critical workloads in the world or cyber criminal syndicates that are state-backed, that are actually going and impacting healthcare, hospitals, even governments as well. That's when it started to become an issue, because it really disrupted experiences. But what we saw, evan, was not only a tremendous response in the data protection and security folks, where you start to see now that ransoms are actually starting to be paid less for certain types of workloads right, because the virtual machines physical file shares. Everyone has a strong data protection strategy and those workloads are very protected, they're mutable, they can be recoverable.
Speaker 2:Where we start to see the new uptick, evan, is addressing all of the data protection and cyber resilience gaps in cloud and SaaS. That's where, 10 years ago, if you owned a data center, all of your critical data was in that data center. Today, you're trusting dozens, if not hundreds, of cloud and SaaS providers to manage your data. What's happening now? Well, attackers are realizing where these folks on-prem. They have tremendous infrastructure, they have great backups, they have the ability to recover rapidly. Have tremendous infrastructure, they have great backups, they have the ability to recover rapidly, but guess what, they have no backups, they have no recovery options, and these are sitting ducks within SaaS and cloud. And so now you're seeing all of these supply chain attacks, You're seeing exploits, you're seeing even insider threats really make a dent in these organizations. So the conversation has shifted from we need to stop ransomware attacks to we need to be able to stop cyber threats across our entire estate, not just a fraction of the virtual environment.
Speaker 1:Fantastic and enter Resilient Shield R-Shield for short your big news of the day of the quarter, maybe. What's the big idea? What are some of the key features and drivers behind R-Shield?
Speaker 2:the most workloads in the world. Right? We protect over 86 workloads today because we said you know it's important to have introduced cyber resilience, but it's worthless if you cannot protect or even provide recovery of some of the most critical applications. Right? Think, for example, Evan, things like GitHub or Box or Jira. It's critical data, it touches production, it has customer information and employee information. It must be protected. So two and a half years ago, we set out to be able to protect all of it. Now, today, we wanted to make sure that we enhance and build even more cyber resilience into this, and I'll give you a couple of examples. And what our shield is is think of it as a fabric of cyber resilience that we built into the platform. One key area is being able to make sure that organizations can rapidly detect ransomware. On-prem. Those attacks are still happening. Ai is helping cyber criminals become much better at their job. You need to be able to detect very quickly.
Speaker 2:But another key area that we introduced is something called RLOC, which is immutable backups, block-level immutable backups for SaaS and cloud workloads that nobody else is able to provide. And the last bit that I'm going to talk about, because R Shield has so many different capabilities. As part of it is offline recovery. So, Evan, imagine if your service goes down, any SaaS service that you think about, if it goes down because of a severe outage or there's a supply chain incident, there's a chance that you could lose your data. Imagine if you had an offline, readable access of some of the most critical knowledge in your organization.
Speaker 2:So what R-Shield is and what we've introduced, that we're so excited about, is a framework, a solution, a fabric to protect against any threat on any workload, not just continue to enhance and focus in a myopic view on virtual workloads, but all threats that are available. So there's so many capabilities but at the end of the day, it's do we make it very difficult for hackers to make sure that they don't find and attack our backup infrastructure? Do we make sure that everything is protected, including SaaS? Do we make sure that everything is recoverable, the way it must be recovered? Can the data be accessed and is the data going to be in customer control? That's all it is at the end of the day.
Speaker 1:Well, that's really compelling, and so this technology is being used effectively in the field. Do you have any anecdotes or stories, case studies, where R-Shield is really making a difference that you can share? I know it's tough to talk about some of these sensitive topics.
Speaker 2:No, absolutely. We have customers all over the world who have been using us to protect their Nutanix workloads, their on-prem workloads, even cloud infrastructure. But so many of these customers have come to us and they've said look, we want to make sure that we protect all of these different SaaS services that are very critical. We're worried about an insider threat to something like GitHub. So we have financial services organizations all over that are trusting us with our luck to have immutable backups for critical development workloads like GitHub and even CICD. I'll give you another example publicly Evan, the Boston Red Sox. So this is an organization that is using so many more SaaS services than you think just to make the game happen Everything from ticketing to the speed of the pitch, and there's so many critical services that they need to be able to protect and recover, and they're using and trusting Haiku to do so. So what we're essentially telling our customers here is look, protecting your virtual and cloud infrastructure is table stakes, but where so many of the new low-hanging threats are are cloud and SaaS.
Speaker 1:That's where we're seeing so Fantastic and talk about the notion, with R Shield, of instant recovery. How do you really facilitate that and mitigate risk associated with that data behind it?
Speaker 2:Yeah, absolutely, and recovery is critical to identifying different segments, because how you recover instantly a virtual workload is so different from a Git repository.
Speaker 2:So one of the things that we do is making sure that you can recover the data as it's meant to be Application-centric type of recovery.
Speaker 2:When it comes to the instance side, though, evan, we have, for example let's grab Nutanix right, we're the number one Nutanix data protection provider in the world, and we leverage Nutanix Snapshot to be able to provide the fastest possible recovery there, obviously after a validated checkpoint with the R Shield scanner that we've just provided or that introduced into our platform as well. But then you also have things like, for example, atlassian. That's a completely different type of recovery, right? You're talking about dozens, if not hundreds, of objects that you have to recover very, very quickly. Everything that we do there is API driven, and, once again, we provide the fastest possible recovery and those types of workloads, and it's all boutique and custom to the specific application. So a lot of these are capabilities that we've had over the last few months that we've started to unveil today, evan. We've really been working on making sure that our customers have adopted it and shown us the value Everything from the R Shield scanner that we've had customers test to things like offline recovery as well that we've just released.
Speaker 1:Wow, congratulations. And you know there's so many organizations playing catch-up and to implement a sort of modern approach like R-Shield. How long does it take and what's the effort involved? What are the steps organizations need to consider in, you know, moving to this new world?
Speaker 2:You know, Evan, when you think about it, the first step that organizations have to take is actually what is your tech stack actually look like? What is your data?
Speaker 2:state look like you would be surprised. When you have conversations with CIOs and you ask them how many workloads are you using? They're going to rattle off Microsoft 365, salesforce. But the longer you stay in conversation and the more they bring in staff, that list becomes larger and larger and larger. So the risk at the beginning is not even knowing that you have a problem. Did you know that in your organization, your marketing team is leveraging DocuSign and there's incredible amounts of private contractual data? There Are those being backed up.
Speaker 2:It's those conversations where organizations have to admit first we have a problem. There's an insane amount of applications that are unprotected. We have to go and triage and then we have to go and start making sure that we can protect. The good news is, evan, as you know, haiku, we're software only. We're storage accounts. Think of us as an express highway that's fully encrypted from the source to the customer storage. Once you make that decision, it's very fast to start protecting your workloads. Customers can start protecting their estate same day. It's because of our architecture, because of the simplicity, but I would rather represent it as intelligent simplicity. We've done a lot of work to make sure that it's a simple experience for the customer.
Speaker 1:Wonderful. So there are so many industries that are playing catch up. We hear news stories every day about health care breaches and challenges just heart wrenching. You know, obviously state local education, and on and on. Where do you see adoption being at the moment? Where does it need to be across industries?
Speaker 2:So where it needs to be is everywhere, especially when you think public sector, especially when you think municipalities and folks who maybe don't have the largest budgets but are still holding so much critical information that will run a city. That's a huge area, but, evan, one of the areas where we've seen very strong adoption, though, is financial services is. The EU released the Digital Operational Resilience Act that essentially dictated that any ICT or SaaS or cloud service that your organization is using that impacts customers or touches productions has to have a backup. That's policy-driven, so it's not just a script on a hard drive. It has to be stored off-site and has to be continuously tested. This has released a frenzy within the EU and also any US company that is doing business in the EU, and they have to go and become DORA compliant, and you're seeing copycat legislation all over the world. You're seeing a version of it in South Africa. You're going to see versions of it in the US.
Speaker 2:So, financial services forefront, just because of the legislation that's driving it. Healthcare, simply because organizations can't afford to lose this data. So that's another critical area and the gap there is folks aren't thinking about all of these healthcare services, our health records, document management, surveying used to be on-prem. Now they're individual SaaS services and it's a bit of a blind spot that nobody's had a conversation about. Where's that data? Am I protecting it? If that service goes down, do I have access to it? So we see healthcare also as a major driver, but I can confidently say financial services has been a massive adopter.
Speaker 1:Absolutely so. Look, your enthusiasm is really infectious. It's almost like you worked in this industry your entire adult life. So congratulations on this, and everyone I talk with at Haiku has such a mission-driven mentality. It must be quite rewarding to be part of that team.
Speaker 2:It is, evan. I think when you work in tech, sometimes it can be easy to think through well, what impact are we actually having? Right, am I working on a widget to help somebody sell another widget, to then document this widget, or am I delivering a product or service that actually can potentially save data and save lives? Right, there's always, for example, the children's hospitals that are getting attacked. These things are happening. There is actual evil, and it's happening in a digital setting. The fact that we can go help and recover this data is very critical, and I think that allows us to kind of have that approach of saying we're actually making a difference.
Speaker 1:And indeed you are. Congratulations on all the great work, onwards and upwards. Thanks, Andy. Thank you so much. Thanks, Evan.