Richard Cassidy CISO, Rubrik

Cybersecurity and data protection specialist Rubrik has entrenched itself as a reliable ally in “digital trench warfare”, representing the last line of defence in an ever-evolving threat landscape, a time of assumed breaches and mission-critical backups. The company has witnessed significant changes in IT security over the years, says James Hughes, Vice President, Systems Engineering & Enterprise CTO at Rubrik. The most significant change has been the intense focus on fault tolerance.

Hughes explains that in the past, organisations were so used to doing backups, it had become routine for businesses to do the backup, write to hardware, then to tape, then have it collected and placed into a data bunker.

Fast forward to 2025, and the prevalence of ransomware has changed the game.

“Everything is fault-tolerant now. It means that when your primary system is encrypted, that encryption is replicated and goes to your secondary site. What you perceived as your ‘get out of jail’ is now encrypted too and so you’ve lost your position,” Hughes says.

He points out that relying on a legacy backup system only exacerbates the problem because ransomware encrypts the backup system and the software on the backup system. If all these interoperable systems are compromised, Hughes adds, and the organisation is effectively locked out, it will then have to retrieve the data bunker and rely on tape – an arduous, time-consuming process.

Hughes says in 2024, the world spent between $220bn and $250bn on preventative measures designed to stop any threats from bypassing security.

“Yet there have never been more successful attacks, more high-profile attacks and more ransoms paid,” he adds, underlining that these payments also encourage actors and heighten threats.

James Hughes Vice President, Systems Engineering & Enterprise CTO, Rubrik.

The vast number of applications that many businesses use also makes them a bigger target.

Rubrik has fine-tuned its architecture to help organisations improve their cyber resilience and help even the score.

“In order to achieve cyber resiliency, you need to know what your critical applications are. So, within Rubrik, you can tell the platform what your critical applications are and that allows you to simulate recoveries, so if you had to do a major recovery, you would know what it would look like and how long it would take. But in order to do a major recovery, you’ve got to know that the data is clean.”

Rubrik continually scans data with its own research and threat labs. “We are also using Mandiant, which means every backup gets scanned against well over a million indicators of compromise.”

Ultimately, the way data your data is protected must be completely immutable, says Hughes. “We call this a bunker in a box, so if your data is with Rubrik, it can never be overwritten. It doesn’t rely on any other security mechanism, and we must always be 100% able to guarantee your recovery position.”

Rubrik is sure of its value proposition and places a $10mn warranty on it. “If you can’t recover your data with Rubrik, we’re in the fight with you,” concludes Hughes.

www.rubrik.com