Commvault’s Fady Richmany on cyber resilience in the ‘nonstop confidence’ era

As cyberattacks grow more frequent and complex across the region, Commvault is using GITEX GLOBAL 2025 to spotlight the next frontier in cyber resilience. Fady Richmany, corporate VP and GM for Emerging Markets at Commvault, says the company’s mission this year is to help organisations operate with “nonstop confidence” — even under active threat.

From Cleanroom Recovery and Air Gap Protect to AI-driven threat detection and zero-trust controls, Commvault’s showcase underscores a simple but urgent message: in a higher-risk digital economy, recovery speed and data integrity matter as much as prevention.

In this interview with Gulf Business, Richmany explains how Commvault is redefining business continuity, why resilience has overtaken protection as a boardroom priority, and where the industry is headed next.

What is Commvault showcasing at GITEX GLOBAL?

With rapid digital transformation turning the region into a hotspot for increasingly sophisticated cyber threats, this year, our focus is on empowering organisations with Cleanroom Recovery and advanced cyber resilience, helping to enable nonstop business continuity, rapid recovery, and confident operations even under threat. Visitors to our stand will get hands-on demonstrations of our solutions, for example, Cloud Rewind, designed for faster recovery and business continuity.

We’re also demonstrating our Cleanroom Recovery offering with Air Gap Protect, a truly isolated, on-demand recovery environment that enables secure testing and post-attack analysis. For identity protection, we’ll highlight our Active Directory Recovery capabilities, offering full forest-level restoration to safeguard access controls. And with Clumio for S3, we’re bringing scalable cyber resilience to AWS, protecting vast data lakes, applications, and databases with automated security and rapid recovery.

These technologies are built to support the concept of the minimum viable company (MVC) – helping organisations in the Middle East identify and recover their most critical systems first to resume business operations quickly through AI-driven threat detection, immutable backups, and zero-trust controls. We are also hosting hands-on demos, strategic discussions, and collaborative planning sessions to help partners strengthen their offerings, differentiate their services, and deliver greater long-term value to our joint customers in an evolving threat landscape.

How do you anticipate the security solution market to grow in 2025?

The Middle East and Northern Africa’s cyber security threat landscape has drastically changed in the last year.

Businesses throughout the MENA region continue to rapidly digitalise, however, through 2024, further risks have been brought about by new technologies, while traditional ransomware-as-a-service risks remain due to the economic growth many countries in the region experience.

In Q1 of 2024, the Middle East and Northern Africa (MENA) region experienced a dramatic 183 per cent year-on-year increase in distributed denial-of service (DDoS) attacks, with the main targets being the government and energy sectors. Consequently, both traditional threats and new technologies will remain significant vectors of attack pushing organisations to adopt multi-layered protection and cyber recovery strategies.

This is why data protection has become such a priority for business leaders in the Middle East. In 2025, 40 per cent ranked it as their top concern. This is where our cloud-first innovations like Cleanroom Recovery, Clumio Backtrack, and Cloud Rewind can be transformative solutions. They are designed to not only help companies rapidly recover data and infrastructure but be able to test their recovery plans.

By what percentage are ransomware attacks growing in the Middle East?

Ransomware is escalating rapidly across the Middle East and has evolved into a greater threat to business continuity, critical infrastructure, and public trust.

Between 2020 and 2024, ransom demands surged from an average of $700,000 to as high as $8–9m. In one notable case, a GCC financial institution was paralysed for 11 days, with customer access blocked and recovery delayed for weeks, even after a multimillion-dollar ransom was paid.

By 2025, the Middle East and Africa accounted for approximately 6 per cent of global ransomware incidents, though the actual figure may be higher due to underreporting and limited response infrastructure. Threat actors remain highly active in the region, while ransomware-as-a-service models are expanding into sectors including healthcare, education, and manufacturing.

Financial services are among the most targeted, representing 2121 per cent of cybersecurity incidents in the UAE alone. Yet, the country also reports one of the lowest ransomware rates globally, with fewer than five incidents per 10,000 workloads in H1 2025. Globally, healthcare was the most attacked sector in Q1 2025, accounting for26 per cent of reported cases.

To counter this evolving threat, organisations must prioritise proactive patching, immutable backups, and frequent cyber recovery testing during good times to help ensure enterprises are prepared for the bad times.

How can businesses build resilience without paying ransoms?

True cyber resilience begins with the recognition that no system or network is completely immune to attack. What matters is the ability to keep critical operations running during a cyber incident and to recover quickly afterward. This is a concept simply known as Minimum Viability. It is the practice of identifying which systems, identity services, networks and people are considered as critical to business operation. Once these are identified, they should be prioritised when under an attack, so that the business can continue to operate until full restoration is achieved.

This is why data protection has become such a priority for business leaders in the Middle East. In 2025, 40 per cent ranked it as their top concern, well above the global average. The global ransomware protection market, valued at nearly $30bn, is also expected to double by 2029, which reflects how urgently businesses and governments are investing in defenses.

Smaller businesses remain the most vulnerable, representing almost 80 per cent of global ransomware victims in 2025 and nearly half of all cases in the UAE. These organizations often lack the resources of larger enterprises and leave critical gaps in their defenses.

Even with a clear understanding of the risks, many leaders still see ransom payments as a last resort. A Commvault survey of UK business leaders in 2025 showed that while nearly all supported a ban on private-sector ransom payments, three in four admitted they would still pay a ransom if it meant saving their company. This gap between principle and practice reinforces the importance of readiness and recovery planning. Businesses that invest in resilience will be far less likely to face the impossible choice of paying criminals or shutting down.

Without disclosure laws, how can firms stay transparent with stakeholders?

Transparency is first and foremost about trust. Even without formal disclosure laws, organisations that communicate openly with customers, partners, and regulators build trust with these stakeholders to become integral technology partners, enabling critical partnership in a crisis.

Cyber resilience depends on preparation. A ransomware event cannot be the first time IT, Security, Legal, and other teams work together. With CrowdStrike estimating an 84-minute window before data is exfiltrated or destroyed, firms need rehearsed response plans that include asset mapping, drills, and clear shutdown procedures. The first step would be to rapidly contain the issue, while also moving quickly to secure the systems you have identified as your minimum viable company (MVC), the core systems and infrastructure needed in order for the business to operate, even at half restoration.  Then, assess the damage by quickly assessing what data was exposed, what contractual or regulatory obligations apply, and then begin to utilise a clean, isolated recovery environment, all the while checking that your backup data has not been corrupted.

Throughout this process, communication must be immediate and structured. Employees, customers, and regulators all expect timely, clear updates that explain impact and remediation steps. In the Middle East, where 73 per cent of executives cite customer trust as the top driver of cybersecurity investment, openness is not only good governance, but also a competitive advantage. Extending transparency beyond incidents through regular publication of threat intelligence and independent audit results reinforces that security is treated as a board-level priority and that stakeholder trust is central to long-term growth.

What technologies help businesses face threats without compromise?

The prevalence of cyber activity in today’s digital world has meant that stopping every attack is no longer realistic. Global cybercrime costs are projected to reach $13.82tn by 2028, which makes resilience the real priority. Businesses need to ensure rapid recovery and maintain operational continuity even when compromise occurs.

AI is playing a pivotal role in this shift. On one hand, it lowers the barrier for cybercriminals by enabling phishing, deepfakes, and reconnaissance at scale. On the other, when applied responsibly, it strengthens defenses. Modern data protection platforms now combine AI-driven threat detection, immutable storage, and cleanroom recovery environments so that when ransomware strikes, critical data can be restored quickly and securely without reinfection.

Commvault brings these capabilities together through air-gapped backups, zero-trust access controls, and automated cleanroom recovery. Our Cleanroom Recovery solution provides an isolated environment in the cloud to safely test, validate, and restore clean data, while AI-enabled Cleanpoint Validation can help pinpoint the last clean recovery point. This helps ensure critical systems can be brought back online with speed and integrity.

As well as this, once a breach or a bad actors has been isolated, a Cleanroom can allow key activities that make a solid recovery protocol to take place, such as forensic analysis and rapid containment and recovery.  With this, recovery plans are fortified and strengthened.

However, with the increased sophistication of cyber-attacks and incidents, standard recovery protocols might not be enough. This is because these protocols rely on the assumption that backup data is clean, while it may be corrupted, adding excessive time to recovery attempts. This is why businesses need to approach their recovery process methodically and cautiously, following strict guidelines, that vendors like Commvault help to educate and guide businesses and IT teams on, that consider rapid containment of the issue, ensuring a clean foundation to recover from, data validation and a systematic and safe recovery.

What are your plans to help stabilise the ransom attacks?

At Commvault, our goal is to shift the balance of power away from attackers and back to businesses. For us, stabilizing the impact of ransomware means doing our part to help ensure organisations are equipped to withstand incidents and recover with speed and confidence.

To achieve this, we apply a multilayered security framework built on zero trust principles and aligned with the National Institute of Standards and Technology Cybersecurity Framework. This approach covers the full lifecycle of risk management by helping organisations identify vulnerabilities, protect data, monitor threats, respond to attacks, and recover quickly. Ransomware protection is a central part of this effort. By delivering infrastructure that is designed to offer immutable and indelible storage, we help organisations defend against ransomware and zero-day threats, and help ensure that critical data cannot be deleted, encrypted, or altered.

This advanced protection is powered by the Commvault Cloud, powered by Metallic AI, which provides unified data resilience across on-premises, cloud, and SaaS applications. The platform simplifies visibility and control, and leverages AI to automate processes such as threat prediction, anomaly detection, and clean backup validation. Within Commvault Cloud, Cleanroom Recovery offers an isolated recovery environment to test and restore data safely, while Autonomous Recovery can help accelerate recovery times with forensic analysis, continuous replication, and automated failover. Cloud Rewind, meanwhile, enables businesses to go beyond restoring data to rapidly rewinding and rebuilding dynamic, distributed cloud applications after outages or attacks. Together, these capabilities give enterprises the confidence to face ransomware without compromise, keep operations running, and protect the trust of their stakeholders.

As well as the technology behind the effort to fight ransomware, awareness of how to deal with and respond to these attacks is equally important. Introducing regular tabletop simulation exercises into organisations’ recovery training, testing and planning protocols is a great way to understand the severity of an incident and define roles and responsibilities during crisis management.

At Commvault, we help introduce our customers to these practices with our Minutes to Meltdown and Cyber Recovery Range sessions, where we simulate a live ransomware attack to give those in attendance a clearer understanding of how quickly you must react to an ongoing crisis.

By adopting these solutions, what percentage of attacks can be prevented?

No cybersecurity strategy can guarantee the prevention of every ransomware attack. Threat actors are constantly developing new techniques, which makes complete protection unrealistic. What can be achieved, however, is the ability remain in a state of continuous business if an attack is successful.

By layering key capabilities (like immutable backups, air gapped copies, and Active Directory forest-level recovery) with AI-driven anomaly detection, the likelihood of rapidly recovering from a successful attack can be significantly increased.

What we at Commvault do is we take this a step further by focusing on cyber resilience. Even if an attacker penetrates the perimeter, our Cleanroom Recovery, Autonomous Recovery, and Cloud Rewind technologies offer layered support to help customers restore data and cloud applications, minimize downtime, and continue operations safely. This combination can help businesses prevent complete business failure from occurring and turn ransomware into a risk that can be managed and limited rather than an existential threat.

What are some of the best practices that businesses in the UAE should adopt to manage cybersecurity for their data/ brand?

The prevalence of cyber activity in today’s digital world has meant that stopping every attack is no longer realistic.

Commvault recently ran a consumer survey in UAE which revealed that while 71 per cent of respondents believe businesses are doing enough to protect, secure, and recover data after a breach, 44 per cent would consider no longer doing business with an organisation if it suffered an attack. Half of those who disagreed cited the challenge of protecting data scattered across multiple cloud environments. These results underline how quickly trust can be lost following an incident and reinforce the urgency for enterprises to strengthen cyber resilience and recovery readiness.

AI is playing a pivotal role in this shift. On one hand, it lowers the barrier for cybercriminals by enabling phishing, deepfakes, and reconnaissance at scale. On the other, when applied responsibly, it strengthens defenses. Modern data protection platforms now combine AI-driven threat detection, immutable storage, and cleanroom recovery environments so that when ransomware strikes, critical data can be restored quickly and securely without reinfection.

Commvault brings these capabilities together through air-gapped backups, zero-trust access controls, and automated cleanroom recovery. Our Cleanroom Recovery solution provides an isolated environment in the cloud to safely test, validate, and restore clean data, while AI-enabled Cleanpoint Validation can help pinpoint the last clean recovery point. This helps organisations to bring critical systems back online with speed and integrity. Once a compromised entity has been isolated, a cleanroom can allow key activities that make a solid recovery protocol to take place, such as forensic analysis and rapid containment and recovery. With this, recovery plans can be fortified and strengthened.

However, with the increased sophistication of cyber-attacks and incidents, standard recovery protocols might not be enough. That’s because these protocols rely on the assumption that backup data is clean, while it may be corrupted, adding excessive time to recovery attempts. This is why businesses need to approach their recovery process methodically and cautiously following strict guidelines. Vendors like Commvault help to educate and guide businesses and IT teams on, that consider rapid containment of the issue, ensuring a clean foundation to recover from, data validation and a systematic and safe recovery.

What are your plans for the upcoming months?

First, I’ll say that partnerships have been a key part of our success in FY25. For example, we strengthened our collaborations across hyperscalers including Microsoft, AWS, and Google. We also deepened our alliances with leading technology and security partners such as Pure Storage, CrowdStrike, BeyondTrust, and DataBricks.

In FY26, we will continue to build on this momentum – expanding efforts to protect AI data stored with leading cloud partners and doubling down with cloud marketplaces to make it easy as possible for customers to transact based on their specific needs. These alliances have positioned us as a trusted leader in data security and resilience. Our global strategy continues to focus on evolving the industry’s best partner ecosystem to help customers advance cyber resilience.

In parallel, we will scale our awareness and readiness programs. This focus on awareness is a major driver of our growth and credibility. Introducing regular tabletop simulation exercises into organisations’ recovery training, testing, and planning protocols is a great way to understand the severity of an incident and define roles and responsibilities during crisis management.

At Commvault, we help introduce our customers to these practices with our Minutes to Meltdown and Cyber Recovery Range sessions, where we simulate a live ransomware attack to give those in attendance a clearer understanding of how quickly you must react to an ongoing crisis. These initiatives continue to help organisations of all sizes understand their true cyber posture and close the gaps before it is too late.

How do you anticipate the industry to grow in the next few months?

The industry is entering a pivotal phase of accelerated growth, driven by the convergence of AI, cloud, and the urgent need for cyber resilience. These technologies have transformed how we operate, but they’ve also introduced unprecedented complexity and risk. Cyber resilience has now become the ultimate measure of business survival in a digital-first world. We’re seeing this reflected in the data: in Asia, data volumes grew by 31 per cent in 2023 and surged to 40 per cent in 2024, while 63 per cent of organisations now operate across multi-cloud or hybrid infrastructures (SODR Asia 2025).

As digital adoption deepens across sectors, the UAE is steadily strengthening its role in the regional technology environment, laying a strong foundation for future growth ever-evolving cyber security landscape. Yet, this rapid digital progress brings with it an increasing exposure to cyber threats which demands smarter, faster, and more secure recovery strategies.

At Commvault, we’ve embraced this shift. Cyber resilience has become a boardroom priority, with organizations doubling down on preparedness to ensure continuity in the face of growing threats.