According to data backup and recovery company HYCU, it's worth a listen, and that data could be exactly what this new age of AI needs. HYCU today released aiR (AI Resilience), a new AI-native capability for the HYCU R-Cloud that uses natural language to query backup data across dozens of applications.
By backing up data regularly, organizations essentially create a time-stamped record of every changed file and who has accessed what. However, accessing that data and getting actionable information is not a simple task.
Against risks like ransomware attacks and natural disasters, historically, the best course for backup admins has been to disperse copies across multiple environments and locations. The 3-2-1 rule, a longstanding data protection strategy, recommends that organizations maintain at least three copies of data, stored on at least two types of media, with at least one copy kept in the cloud. This strategy of spreading out copies physically and digitally has kept data safe, but the divided state of this data has left some organizations in the dark about what they have.
In addition to cloud and on-premises data storage locations, the rise of SaaS applications further splits organizational data, making it difficult to protect and even harder to access.
"All of a sudden the data is really fragmenting, and the problem is that backup and recovery is not keeping pace with the level of fragmentation in the environment," said HYCU founder and CEO Simon Taylor.
As organizations implement AI tools, the backup data stored across environments is more valuable than ever. Not only does AI require clean, quality data to deliver accurate outputs, but that knowledge is also critical to maintaining resilience.
The definition of IT resilience has shifted over the years. Previously, resilient was synonymous with secure and recoverable. Resilient organizations were prepared for a crisis and empowered with the business continuity capabilities to get operations back up and running as soon as possible.
With the rise of agentic AI, risks have moved beyond external disruptions. Now, risks include dozens of ongoing internal, autonomous processes that rely on good information to run correctly.
"Resilience now means knowing what you had, what changed, who changed it, what data was impacted, and recovering immediately," said Taylor.
According to Jason Buffington, founder and principal analyst at Data Protection Matters, HYCU's new tool provides customers with critical information they already have, but would otherwise not be able to access as easily.
Historically, backups have been like life insurance: You use them when you want to recover data.
Simon TaylorFounder and CEO, HYCU
"What HYCU's doing is they're tracking the metadata of who did what," said Buffington, "They're unlocking all this metadata that has always been in their backup products."
Taylor founded HYCU in 2018, targeting backup and recovery for SaaS workloads. The vendor now protects over 100 different workloads across on-prem, cloud and SaaS environments.
Going beyond backup
HYCU aiR turns an organization's backup data into a live intelligence layer that users can search using plain language to discover changes, patterns or anomalies across the IT environment. Because it runs on backup data the organization has already collected, customers don't have to pay to gather data for answers.
"Historically, backups have been like life insurance: You use them when you want to recover data. They're required, but they're not that useful beyond the recovery itself," said Taylor. When speaking with customers, some expressed interest in getting more from their backup data than just saving it for a rainy day or ransomware breach.
Johnny Yu, Research Manager at IDC, agrees that simply having backups on hand doesn't cut it anymore. The data contained in those backups provides valuable insights that organizations are looking for to understand and protect their data.
"As more organizations are treating their backups as a queryable record of what happened inside their applications and not just a static safety copy sitting in cold storage, it's important that data protection tools can inform as well as they protect," said Yu.
Data protection vendors such as Veeam and Rubrik have released tools that provide visibility and monitoring of sensitive data in backups, as more organizations realize the value of the data they already store in their systems.
With aiR, customers can make plain-language requests such as, "Flag every permission change in our Okta environment over the last 90 days," and "Identify which AI agents accessed customer records in the past month." If the data is backed up by HYCU R-Cloud, an agent will surface it.
Yu acknowledged that organizations would benefit from these capabilities but said it seems unlikely that aiR will outright replace tools like DSPM that security teams have already allocated resources for. "Tools that provide data classification, visibility, and monitoring tools are generally the purview of security and not data protection," said Yu.
"Use cases lean more toward bolstering overall compliance and security, so I'd say it's in line with what the CISO's and CIO's goals are," said Yu.
Six new agents added to the roster
HYCU aiR adds six purpose-built agents to the HYCU R-Cloud: Regulated Data and IP, Insider Risk, Configuration Drift, IAM Posture Management, Anomaly Detection, and Agent Governance. These agents can read backup data and target the following types of queries:
Regulated Data and IP searches sensitive data such as personally identifiable information, financial records and intellectual property across protected applications.
Insider Risk looks for unusual access patterns and anomalies in the data.
Configuration Drift compares snapshots over time to identify unauthorized changes to data and settings.
IAM Posture Managementtracks identity drift and violations of access policies.
Anomaly Detection spots unusual data patterns.
Agent Governance monitors AI agent activity across the environment.
Users can also build and publish templates to create their own custom agents that can answer queries specific to the organization.
More than the built-in agents, Buffington thinks what users create with the ability to use natural language could end up shaping the future of the tool and the use cases it solves.
"I'm actually more excited to see what early adopter users and the general community are going to do with this," said Buffington. "Unlocking potential for others to find their own ways to harvest data from it, I think that's going to be the thing that unfolds naturally."
An early access waitlist for aiR is now open. Organizations that join the waitlist enter the early adopter program, where existing HYCU customers are currently testing the capability.
Erin Sullivan is a senior site editor at Informa TechTarget covering data technologies.
