Original source: Helen Yu
This article is an editorial summary and interpretation of that content. The ideas belong to the original authors; the selection and writing are by Streamed.News.
This video from Helen Yu covered a lot of ground. 6 segments stood out as worth your time. Everything below links directly to the timestamp in the original video.
Discover how the fusion of quantum, AI, and classical computing promises both groundbreaking progress and unprecedented cybersecurity challenges, reshaping our technological future.
Quantum, AI, and Classical Computing Form 'Trifecta' Bringing Both Advances and Complex Cyber Threats
The convergence of quantum, artificial intelligence (AI), and classical computing is poised to create a powerful "trifecta" within the next two years, driving significant advancements across fields like chemistry, logistics, and banking. However, this same combination will also introduce a new level of complex cyber threats that organizations must prepare to tackle.
To counter these evolving risks, security expert Michael Fosulo emphasizes the critical need for robust crypto agility frameworks and continuous iteration on security protocols. He highlights the ongoing efforts by bodies like NIST (National Institute of Standards and Technology) in developing post-quantum cryptography standards and stresses that constant communication and collaboration among security leaders are vital to stay ahead of the rapidly changing threat landscape.
"There's certainly an intersection between quantum, AI, and classical computing, creating a trifecta that will provide huge advancement in several key areas and problem spaces like chemistry, logistics, and banking. But indirectly, that same trifecta brings very complex new threats."
Cyber Readiness Focuses on 'Minimum Viability' for Core Business Survival
Organizations should define "minimum viability" (MV) for cyber readiness as the first achievable state where core business functions can operate even if infrastructure is destroyed. Michael Fosulo illustrates this with a hospital analogy, where keeping patients alive is the MV priority during an outage, while less critical functions like patient intake can be handled manually and digitized later.
This framework underscores that MV encompasses not only technology assets but also the people and processes essential for maintaining critical operations. By establishing this foundational level of resilience, companies can prioritize resources to ensure their most vital services can resume quickly, providing a clear roadmap for recovery efforts beyond immediate crisis response.
"MV is that first achievable state in which a company, if it was destroyed, would be able to conduct their core business functions. And for me, I think the easiest way to describe that is like a hospital."
Generative AI Reshapes Cyber Readiness with Dual Impact on Data and Security Teams
Generative AI is transforming cyber readiness strategies by fundamentally refocusing attention on data handling and classification, areas often deprioritized in the past. Michael Fosulo explains that because AI models rely heavily on data for their effectiveness, mishandling or misclassifying data now carries significant risks, including potential information leaks that can erode brand trust and user willingness to engage with AI-powered systems.
While generative AI introduces new vulnerabilities, it simultaneously serves as a powerful enabler for security teams. AI can help security operations center (SOC) teams by cleaning up low-fidelity signals and uncovering complex patterns that human analysts might miss. This dual nature means organizations must embrace AI as both a source of potential threats and a crucial tool for enhancing their defensive capabilities.
"Generative AI has allowed folks to refocus on data as a core component, since data is really powering the effectiveness of these models. It's super important that people look at that as something they are handling and classifying correctly."
Continuous Testing and Validation Crucial for Proving Cyber Readiness
Organizations must move beyond theoretical plans and continuously test and validate their cyber readiness to strengthen response capabilities. Michael Fosulo highlights Commvault's solutions, including "clean room recovery," which provides an isolated environment for safe recovery testing without impacting production systems, and workload transformation capabilities that reduce friction in testing across different cloud platforms like VMware to Azure.
Commvault further offers "recovery ranges" — guided, simulated attack experiences in a live environment, allowing security teams to practice recovery under realistic conditions and build essential muscle memory. The speaker also points to AWS's fault injection tooling as another method for proactively testing system resilience, emphasizing that frequent, practical testing is paramount for effective cyber defense.
"I'm a huge proponent of testing, and I honestly don't think there's a better exercise to really strengthen cyber response. Everyone should be testing as frequently as possible."
Best Practices for Securing Backup Data Against Evolving Cyber Threats
To safeguard backup data and ensure reliable recovery, organizations must adhere to fundamental cybersecurity practices. Michael Fosulo recommends implementing least privilege access, continuous auditing of both virtual and physical controls, and embracing a zero-trust model. Staying current with encryption standards for data at rest and in transit, including new Post-Quantum Cryptography (PQC) implementations, is also crucial as threats evolve.
For highly sensitive data, confidential computing solutions like Nitro Enclaves can protect data even while in use. Essential to this strategy is immutable, air-gapped storage; one Commvault customer successfully recovered all data after their Google Cloud Platform (GCP) subscription was inadvertently deleted, thanks to their Air Gap Protect solution. These layers of defense help protect against both anticipated and unforeseen threats.
"These data repositories should still be least privilege, no access. The accounts that do have access should have auditing on all the time... I subscribe to zero trust, so people should constantly be re-evaluating and frequently auditing permissions and controls."
Cyber Threats Evolve from Data Silos to Quantum Computing Risks
Organizations confront a dynamic range of cyber threats, from present-day vulnerabilities to looming quantum risks. Today's most significant challenges often stem from fragmented data silos and outdated security practices, making data the weakest link that ransomware attackers frequently exploit.
Looking ahead, emerging threats include security weaknesses within newer technologies like MCP servers and agentic protocols, which, despite their novelty, present significant vulnerabilities requiring urgent standardization. Further into the future, quantum computing poses an increasingly urgent concern, with its potential to undermine current encryption methods and create entirely new attack vectors.
"I could probably answer that in three different stages: a today's state, a tomorrow state, and a future state. Today, data is still kind of that weak link, which is why ransomware continues to work. For tomorrow, the security around MCP servers and agentic protocols is relatively weak."
Also mentioned in this video
- Strategies for organizations to improve cyber incident recovery speed and… (3:37)
- The limitations of traditional security frameworks like CIA triad and NIST,… (10:14)
- Readiness assessments and real-world recovery exercises are the only roles in… (23:39)
- The key takeaways (30:40)
Summarised from Helen Yu · 33:27. All credit belongs to the original creators. Streamed.News summarises publicly available video content.
Streamed.News
This publication is generated automatically from YouTube.
Convert your full video library into a digital newspaper.
Get this for your newsroom →
