AI is shrinking attack windows, and it’s forcing a complete rethink of cyber resilience – here’s how organizations can prepare

Commvault has urged companies to improve their business continuity and resilience plans in the face of flaws spotted by AI


The rapid rise of flaw-spotting AI means companies need to bolster resilience plans to avoid becoming victims.

That's according to Commvault, which pointed to two key changes in security. Advanced models are spotting a huge number of vulnerabilities, notably with the rise of frontier models like Anthropic Mythos and OpenAI's GPT-5.5 Cyber.

This increased level of automation is enabling threat actors to take advantage of exploits near-instantly, researchers warned. That collapse in the remediation window means resilience is no longer part of recovery, but an "operating requirement".

“AI models will continue to evolve that accelerate remediation timelines and require a new approach to readiness,” said Bill O’Connell, chief security officer (CSO) at Commvault.


O’Connell noted that resilience operations (ResOps) are now vital and an area that cannot be overlooked by IT leaders.

"ResOps gives organizations a way to continuously validate readiness, advance clean recoveries, restore systems with confidence, and build resilience into the way they operate."

CrowdStrike said earlier this year that AI is speeding up the pace of attacks, while Forescout said enterprises should be ready for an explosion in vulnerabilities. All of that means companies need to do more than simply patch in order to stay secure.

"Frontier models change the economics of vulnerability discovery. AI models will reveal exploitable vulnerabilities at such a fast pace, remediation programs must evolve,” said Nick Patience, VP and AI Practice Lead, Futurum Group.

"While a rigorous patching strategy remains critical, the key now is also making sure readiness, resilience, and clean recoveries are top priorities."

Cyber resilience in the AI era

To help enterprises stay ahead amid these challenges, Commvault recommended four key steps to set up a resilience operations framework, ensuring they can maintain business continuity through an attack, outage or AI-driven disruption.

Risk evaluation

The first step is to evaluate the recovery risks, with IT and security assessing how well their current plans will hold up against faster flaw spotting and exploitation cycles caused by AI.

Commvault advised looking beyond backups and asking "harder questions", such as whether critical systems can be restored cleanly and if recovery environments are isolated from compromised production systems.

Similarly, IT and security teams are advised to ensure recovery plans have been mapped to key dependencies.

Isolation is key

After that audit, Commvault said the second step was to isolate recovery to ensure critical data remains secure and backed up to support remediation efforts.

"Maintain immutable, isolated copies of critical data and workloads, separated from production identity, network, and management planes," the company advised.

"These copies help provide a clean fallback when patching or when remediation cannot keep pace."

Beyond that, enterprises should assume that recovery time objectives set before the advent of AI will no longer hold true, and reconsider them against new attack scenarios.

Identify priorities

The third step is to prioritize any systems that are business critical, identifying those that are required for the business to function, be it identity platforms, billing systems, or cloud services.

Then, set out the order in which they should be recovered. Don't forget to include new dependencies such as data pipelines, model repositories, and agentic workflows.

Automation can bridge gaps

Lastly, organizations should automate where they can, according to Commvault. This could include automated threat scanning or recovery orchestration and restoration.

Regular testing of recovery plans is also critical, the company noted, which can be supported through automation. This is a vital area, researchers warned, largely due to the pace of change brought about by AI.

"Organizations that embrace this four-step process will be better suited to take advantage of rapidly evolving AI models while also mitigating the risks,” Patience added.


Freelance journalist Nicole Kobie first started writing for ITPro in 2007, with bylines in New Scientist, Wired, PC Pro and many more.

Nicole is the author of a book about the history of technology, The Long History of the Future.