Exclusive: AI drives new cyber threats & resilience strategies in APJ

Techday NZ

2 days ago

There is both opportunity and risk, as artificial intelligence (AI) is adopted at enterprises across the region, according to Ben Young, Field CTO for APJ at Veeam.
He also sees businesses are under pressure not only to adopt new technologies but also to shore up their defences as adversarial groups increasingly harness the same innovations for malicious purposes.
"Every single vertical can benefit from some form of AI adoption," Young asserts. "But it's a double-edged sword. Just as we're trying to innovate, the threat groups-cyber adversaries-are leveraging AI as well." He points to the growing accessibility of AI-powered toolkits that lower the bar for launching attacks: "There are tools you can buy for a few hundred USD a month as a subscription, and they allow non-experts to write malware or deploy very convincing phishing campaigns. Large language models can push spear phishing click-through rates from industry averages of 12% up to 54%."
This sharp escalation in the sophistication and volume of threats comes at a pivotal time when organisations are also accelerating their AI strategies.
Veeam, which originally established its brand in backup and disaster recovery, is rapidly expanding its portfolio to address an evolving landscape, protecting hybrid environments, SaaS platforms, and even providing storage for backup workloads. Young notes that the company's partnerships, especially with Microsoft on Azure, have enabled it to offer backup-as-a-service while leveraging global economies of scale-critically, with "no egress and no API transaction fees." However, he's quick to add that adaptability is part of its core: "It's on the roadmap for other clouds to run these things, because not everyone's an Azure shop."
The broadening definition of business resilience now brings backup and security disciplines much closer together. 90% of cyber attacks focus on backup repositories, which has resulted in disaster recovery and cybersecurity being intertwined. "Backups are the last resort, and threat actors know it. If they take out your backups, your only options are to pay the ransom and hope for the best," Young explains. Veeam's acquisition of CoveWare, an incident response firm, enables the direct integration of real-world telemetry and threat intelligence into Veeam's product development and customer education initiatives.
Changing regulations are also playing a critical part. The recently enacted Japanese cyber defence bill mandates the reporting of ransomware incidents and the development of regular response plans. Young applauds this direction, noting, "It's critical we talk about incidents-otherwise these are not board-level discussions and security teams struggle for budget."
He points out that cyber extortion is no longer a niche risk. Financial institutions and public sector organisations, in particular, are contending with increasingly sophisticated AI-enabled attacks while balancing compliance, governance, and privacy regulations across diverse national boundaries.
The surge in 'shadow IT'-where departments launch unsanctioned SaaS, AI applications or cloud projects-presents new blind spots. "We're seeing lots of little shadow IT projects, especially as people rush to experiment with AI. When that gets to production, who is looking after that system? It's the same shadow IT problem we've seen for years, now amplified by the ease of consuming AI services," Young says.
This requires a step change in visibility. Veeam is responding by mapping and analysing customers' data footprints and building automated support, monitoring, and reporting features through its observability platform. The company's AI-powered 'Veeam Intelligence Engine' is designed to suggest remediations, generate code samples, and flag risks in natural language-"making support and reporting far more accessible," says Young.
The complexity of emerging architectures compounds the challenge of AI adoption. "We're really good at protecting databases and webservers because we know what they are and how to back them up. But with the introduction of vector databases, AI agents, and model training checkpoints, we need new strategies," Young explains. The potential cost and risk of a failed AI project, such as losing weeks of model training due to corrupted data, is prompting enterprises to consider backup and recovery for infrastructure previously outside the IT remit. "Agents are going to be central to the future, especially with more reliable, reflective AI systems. The good news is, most of these platforms run on environments-Kubernetes, cloud infrastructure-that we already protect."
Young identifies security lapses as a persistent oversight in the current rush to implement AI: "It's the shiny new thing, and the basics can be forgotten. If we can get people thinking about security as part of their DNA while deploying AI, they'll be better off." He cautions that most SaaS providers operate a shared responsibility model: "Microsoft or Salesforce take care of the platform, not your data. If it's deleted from the cloud, it's gone-vendors won't provide a full backup. Your data is your responsibility."
Against this backdrop, keeping pace with threats requires organisation-wide preparation. Veeam's customer workshops and regular incident simulations demonstrate a commitment to education as a proactive defence. "Preparation is the key: practice and plan. Use your tools, test your backups, scan for vulnerabilities, and have a response plan. Yara signature rules, for example, can be imported to scan for specific attack strains in backup archives," Young says, emphasising the importance of practical readiness over theoretical robustness.
Young notes that Veeam's AI and resilience roadmap is anchored in five pillars: infrastructure resilience, intelligence, security pre- and post-attack, and business value extraction from archived data. The company's long-standing data integration API, for instance, enables the surfacing of unstructured data, ranging from images to documents, for AI applications, analytics, or compliance. "AI applications require fuel, and that fuel is data. Unlocking value from our organisations means thinking beyond expensive, monolithic data lakes, and instead focusing on the ability to extract insight from all data sources, structured or not."
"Our role is to assist with growing compliance, governance, and regulatory requirements, but also to bring responsible, opt-in AI features to our customers and to help make data protection, cybersecurity, and digital transformation board-level priorities," Young concludes.
"It's critical we talk about incidents-it raises awareness across all organisations. If we don't, it's not going to be a board-level discussion, and teams will struggle to get budget for this stuff."