Commvault executives Ravi Baldev Singh and Hazem Abushaban outline why minimum viability, clean recovery, and air-gapped protection are becoming critical for enterprises navigating cyber risk and operational disruption.
Cyber resilience, recovery readiness, and business continuity have become urgent boardroom priorities for enterprises navigating a more volatile threat landscape.
CPI Media Group in association with Commvault and MDS, recently hosted ‘Save The Day’ webinar where Ravi Baldev Singh, Senior Director Systems Engineering (Emerging Markets), Commvault, and Hazem Abushaban, Cyber Resilience SME and Sr. Systems Engineer (UAE Enterprise), Commvault, outlined why traditional disaster recovery is no longer enough in an environment shaped by ransomware, destructive malware and cloud outages.
The session focused on total resilience, a more comprehensive approach that combines disaster recovery, cyber recovery, clean data restoration, and operational continuity. The discussion made clear that enterprises can no longer afford to view backup as a standalone function. Recovery must now be tied directly to business survival. A key theme running through the webinar was the concept of minimum viability, which raises the ability of an organisation to restore its most critical systems, teams, and processes within a realistic timeframe so it can continue operating, even in a reduced capacity.
Closely linked to this is the concept of survival time objective, which challenges businesses to define how long they can afford to remain disrupted before the operational, financial, and reputational impact becomes unacceptable.
Ravi Baldev Singh, Senior Director Systems Engineering (Emerging Markets), Commvault, said: “Organisations need to move beyond broad conversations around backup and availability and instead define, very clearly, what minimum viability means for their business. Businesses must ask which systems, services, teams, and communication channels must come back first, and within what survival time.”
In today’s environment, resilience is no longer just about disaster recovery; it is about cyber recovery, business continuity, and the ability to recover cleanly under pressure.
“Boards, business leaders, and technology teams must challenge outdated assumptions now, because those who prepare well will not only survive disruption, but emerge stronger and more trusted in the market,” added Singh.
Many organisations are still relying on outdated assumptions about resilience, which include the belief that cloud environments are automatically safe, that backup copies are always clean and recoverable, or that disaster recovery and cyber recovery are effectively the same discipline.
Enterprises now need structured blueprints that align technology recovery with business-critical outcomes. The blueprint-driven approach formed an important part of Commvault’s message during the session. The company positioned resilience as an ongoing operational model rather than an ad hoc emergency response. This includes identifying the applications that matter most, mapping dependencies, understanding where data resides across on-premises and cloud environments, and creating runbooks that can support recovery under real-world pressure.
The webinar also highlighted how resilience architecture must now extend far beyond traditional infrastructure. Organisations increasingly need to protect a broad mix of workloads, including Microsoft 365, Entra ID, Salesforce, Google Workspace, cloud-native services, and on-premises applications, while maintaining flexibility around data location, compliance, and sovereignty requirements.
A major part of the discussion centred on the role of air-gapped, immutable copies of data. Commvault explained that many customers across the region are looking to establish protected secondary and tertiary copies that sit outside the primary production environment, either in-country or out of country, depending on regulatory approvals and organisational policy. This is particularly relevant for businesses seeking to reduce exposure to ransomware, destructive attacks, or cloud-region outages.
Clean recovery
Another major focus area discussed in the Webinar was the need for clean recovery. Commvault stressed that it is no longer enough to ask whether data can be recovered. The more important question is whether it can be recovered in a clean and trustworthy state. Capabilities such as threat scanning, clean room recovery, and cyber recovery testing become crucial, allowing organisations to validate recovery points and restore systems in a controlled and isolated environment before returning to production.
Hazem Abushaban, Cyber Resilience SME and Sr. Systems Engineer (UAE Enterprise), Commvault, said: “What we are seeing across the region is a strong shift from conventional backup thinking towards true operational resilience. Customers want flexibility, speed, and confidence that their data is not only protected, but recoverable in a clean and controlled way. Air-gapped copies, immutable storage, clean room recovery, and extended protection across cloud, SaaS, and on-premises workloads are now essential.
“The challenge today is not just where data sits, but how quickly and safely organisations can recover it when under pressure. Resilience must now be built as a practical, tested architecture rather than treated as a secondary layer.”
Abushaban also underlined the importance of identity recovery as part of any cyber resilience strategy. If Active Directory or Entra ID is compromised, the wider recovery process becomes significantly harder. Identity protection and recovery, therefore, become a foundational requirement rather than a secondary consideration, particularly for enterprises seeking to restore core services quickly after a cyber incident.
Compliance and sovereignty remain major considerations for many sectors, especially regulated industries and public sector organisations. However, recent events have prompted some businesses to re-examine long-held assumptions around where backup copies can reside and what kind of exceptions may be possible in extraordinary circumstances.
Commvault said its software-defined and storage-agnostic approach is designed to support that flexibility across public cloud, sovereign cloud, national repositories, and on-premises environments.
The wider takeaway from the webinar was clear: cyber resilience in 2026 is no longer just a technical safeguard; it is becoming a core business requirement tied to trust, continuity, and competitive strength. For enterprises across the region, the ability to recover minimum viable operations quickly and cleanly may prove just as important as preventing the breach itself.
Related Articles
Commvault, Delinea to boost protection and resilience against credential-based attacks
Commvault unveils conversational AI, data rooms to advance cyber resilience in region
“Women in technology are building a future where trust fuels innovation and resilience drives progress.” – Lena Halbourian, Commvault