Intelligent CIO Middle East Issue 113 | Page 48

CIO OPINION
AI has changed how business operate. In giving the world a powerful productivity tool, it is simultaneously created a difficult problem, how to prove something as true when anything can be fabricated at a moment’ s notice?
How can authorised users gain access to data while keeping unwanted actors out – all while ensuring the technology complies with the myriad of regulations from states and countries? The key is finding a singular source, or Ministry, of Truth. For businesses, that source is data resiliency.
As a result, organisations must now consider the resiliency of their data to ensure that they can manage AI risks and opportunities while staying compliant. Here, two key pillars of data resilience will come into play: data freedom and data backup.
Data Freedom
Every bank and financial institution that falls under DORA is going to have to renegotiate Service Level Agreement with existing and new third-party partners.
With disparate regulations, data freedom becomes more challenging. Data freedom lets you move and store data wherever it is needed – and is critical for businesses. You need to find a way to let everyone in who needs to get in, while keeping security in mind.
Data Freedom supports AI initiatives by ensuring that the right data is available, in the right location, as sources for Artificial Intelligence and Machine Learning activities, many of which utilise cloudbased services, or require access to a wide range of data sets.
But this does not mean that compliance should be an afterthought. For financial services organisations to achieve compliance with DORA and secure their third parties, they will need to dedicate around-theclock attention. It is not a one-and-done deal, it will be a reiterative and continual process to achieve compliance consistently across all providers.
That is if they want to avoid the chaos that 11,000 Starbucks stores dealt with when their third-party cloud provider was taken out by a ransomware attack last winter.
Ministry of Truth = Data Resiliency
“ As this new frontier of AI continues to proliferate and improve, it will be the onus of businesses and individuals to prove their word against that of AI. Immutable, timestamped data backups are the only way to validate truthful information, and hence safeguard an organisation’ s integrity,” says Dave Russell, SVP and Head of Strategy, Veeam.
Giving access to corporate data but protecting your company’ s most valuable assets is key. Much of security these days is about assuming reasonable risk. That is, what can we accept while maintaining safety standards – and AI is set to change this. Regulations suggest that what was a reasonable effort in the past may not be a reasonable effort in the future. Trying to secure data to ensure only authorised users can access it will place more pressure on security teams.
Data Backup
With it being so easy to create deepfakes or falsify information, and it is worrisome for businesses because AI has made it harder to discern truth from fiction. That is why data resiliency – in the form of immutable backups – is now the only Ministry of Truth for AI.
Without data backup, there would be no way to prove the business took appropriate preventative measures to recover from attacks. After all, it is not a case of if they will be impacted but when. p
48 INTELLIGENTCIO MIDDLE EAST www. intelligentcio. com