Organisations must rethink cyber resilience as frontier AI compresses the time between vulnerability discovery and exploitation, according to Commvault, which is urging enterprises to adopt a four-step operational framework to remain secure in an increasingly autonomous threat landscape.
Commvault warns that advanced AI models such as Mythos and GPT-5.5-Cyber are fundamentally reshaping cyber risk. These systems can identify vulnerabilities at unprecedented speed while enabling near-instant exploitation.
Research from Palo Alto Networks indicates AI-driven security tools can uncover more than seven times the typical number of vulnerabilities within a single month of testing, dramatically increasing exposure volumes. At the same time, the window between disclosure and attack has shrunk from weeks to minutes.
“Frontier models change the economics of vulnerability discovery. AI models will reveal exploitable vulnerabilities at such a fast pace, remediation programmes must evolve,” said Nick Patience, VP and AI practice lead at Futurum Group.
From recovery to resilience operations
Commvault argues that resilience can no longer be treated as a post-incident recovery function but must become a continuous operational capability. The company’s proposed four-step approach focuses on preparedness, isolation, prioritisation, and automation.
First, organisations are advised to evaluate recovery risks beyond basic backup availability, including whether systems can be restored cleanly and whether dependencies are fully mapped. Second, isolated recovery environments and air-gapped data should become standard practice to ensure a secure fallback when remediation cannot keep pace.
Third, enterprises must identify “minimum viable company” systems—critical platforms such as identity infrastructure, billing systems, and operational databases—and prioritise their recovery. Increasingly, this also includes AI-specific assets such as data pipelines, model repositories, and agentic workflows.
Finally, Commvault stresses the need to automate resilience processes and continuously test recovery plans in cleanroom environments to ensure readiness under real-world attack conditions.
Industry momentum builds
The emphasis on continuous resilience aligns with broader industry trends. According to IBM’s Cost of a Data Breach Report 2025, the global average cost of a breach reached US$4.45 million, with prolonged recovery times significantly increasing financial impact.
Meanwhile, Gartner has highlighted the growing importance of resilience-focused strategies, noting that organisations adopting continuous exposure and recovery validation can significantly reduce breach impact and downtime.
Operationalising resilience at scale
Commvault positions its Resilience Operations (ResOps) model as the mechanism to embed these principles into daily operations. The approach emphasises continuous testing, validated recovery readiness, and protection across both production and recovery environments.
“AI models will continue to evolve… requiring a new approach to readiness,” said Bill O’Connell, chief security officer at Commvault. “ResOps gives organisations a way to continuously validate readiness, advance clean recoveries, and restore systems with confidence.”
For enterprises navigating the frontier AI era, the message is clear: resilience is no longer a contingency plan—it is a core operational discipline.
