Commvault has announced a cyber resilience simulation that allows organizations to practice their response to AI-driven cyberattacks.
In the exercise, called “Minutes to Recovery,” participants take on the roles of attacker, defender, and recovery specialist. The goal is to test not only security but also organizations’ actual recovery capabilities under time pressure.
According to Commvault, the exercises address a trend in which the time between the discovery of a vulnerability and its first exploitation is becoming increasingly shorter. The company cites research suggesting that by 2025, this period will have shrunk to an average of 29 minutes, leaving organizations with less time to respond adequately.
Three phases
The simulation consists of three consecutive scenarios. In the first phase, participants assume the role of an attacker. They use generative AI and other so-called frontier AI tools to launch a cyberattack. The aim is to provide insight into how AI can, among other things, personalize phishing campaigns and scale up attacks more quickly.
Next, the focus shifts to defense. IT and security teams must make decisions under time pressure regarding detection and incident response, while dealing with limited information and conflicting priorities.
The final phase focuses on recovery. Participants must restore systems and data to a verifiably clean state without reintroducing the original attack. This places the emphasis on recovery, a topic that, according to many security vendors, is becoming increasingly important as attacks grow more sophisticated.
Measurable recovery time
Upon completion, organizations receive a benchmark based on the so-called Mean Time to Clean Recovery (MTCR). This metric is intended to provide insight into the time required to return to a secure operational environment in a controlled manner following a cyber incident. Commvault positions the benchmark as a practical indicator of recovery readiness, based on performance during the simulation rather than solely on existing contingency plans.
The vendor states that organizations are increasingly required to demonstrate their cyber resilience. According to Commvault, this is shifting the focus from simply having recovery plans to being able to prove that recovery is actually feasible even under high pressure.
Also available through partners
“Minutes to Recovery” is available worldwide in six languages and is offered as an in-person session. A full simulation lasts approximately two hours.
Commvault also makes the exercise available through its partner network. Kyndryl, among others, will be deploying the simulation for its customers. According to the company, a hands-on exercise helps organizations identify weaknesses in their incident response and recovery processes before an actual cyber incident occurs.