As enterprises accelerate AI adoption, questions around value realisation, trust, and cyber resilience are becoming central to boardroom discussions. While AI promises speed and scale, its real impact depends on where and how it is applied, and on the strength of the data and governance foundations beneath it. In an in-depth interaction with Tech Achieve Media, Balaji Rao, Area Vice President, India & SAARC, Commvault, shares his perspective on why selective AI deployment delivers stronger outcomes, how human judgment remains critical in risk and recovery decisions, and why cyber resilience has evolved into a core business and leadership priority in an era of intelligent threats.
TAM: AI is often positioned as a universal solution, yet many enterprises struggle with value realisation. From your vantage point, why does AI deliver the greatest impact when applied selectively rather than deployed everywhere at once?
Balaji Rao: AI delivers its greatest impact when it is applied with intent and anchored to moments that matter most to the business. Value emerges when AI intelligence reduces uncertainty during high-risk decisions or when it helps to reduce the workload for IT teams.
From our vantage point, the strongest results appear in areas such as cyber resilience and recovery, where organisations must quickly determine which data is clean, which systems are safe, and how fast operations can be restored especially across complex SaaS and multi-cloud environments where data sprawl increases risk and decision latency.
This perspective guides how Commvault integrates AI across its portfolio. Capabilities such as ThreatWise, Cleanroom Recovery, Cloud Rewind, and Conversational AI embed intelligence directly into the recovery lifecycle. These capabilities operate across cloud, SaaS, and multi-cloud workloads through a unified control plane, ensuring AI decisions are based on consistent, trusted data rather than siloed views. The focus remains on early threat detection, automated data integrity validation, and clean recovery. These functions help organisations respond decisively during cyber incidents, replacing manual assessments and fragmented signals with trusted insights. We have consistently reinforced that in an environment shaped by intelligent threats, recovery capability defines enterprise continuity.
Enterprises that realise sustained value from AI prioritise outcomes over scale. Clear use cases such as clean recovery, resilience testing, and threat validation allow AI to deliver measurable results. Broad deployment without strong data foundations often adds complexity and risk. A selective approach enables organisations to move beyond experimentation and achieve durable value as AI becomes integral to digital operations.
TAM: When AI is applied without context, decision-making risks becoming automated but not necessarily intelligent. In domains like risk, governance, and cyber judgment, why does human intelligence still play an irreplaceable role alongside AI?
Balaji Rao: As automation spreads across cloud, data, and security operations, the central challenge is keeping decisions anchored in context. AI processes large volumes of signals and identifies patterns quickly, yet risk, governance, and cyber response demand an understanding of business impact, regulatory exposure, and operational interdependencies. These factors sit beyond pure computation and require human judgment.
Effective organisations establish a deliberate balance between machine intelligence and human oversight. Unified visibility across environments through Cloud Unity supports informed decision-making, while governed data environments such as Data Rooms ensure AI operates on trusted, policy-controlled information. Identity resilience and clean recovery validation further strengthen this framework by confirming which users, systems, and data can be safely restored after an incident.
AI contributes speed, consistency, and scale, while people provide accountability, oversight and intent. During recovery, leaders determine restoration priorities, timing, and sequencing based on risk tolerance and business continuity needs. As AI assumes greater autonomy, human intelligence becomes even more critical to keep decisions explainable, controlled, and aligned to enterprise priorities. When human judgment defines direction and AI accelerates execution within clear guardrails, organisations achieve resilience that enables continuity and confidence at decisive points of operation.
TAM: You’ve often spoken about the importance of getting the fundamentals right. Why must data readiness, resilience, and governance come before AI adoption, rather than being treated as downstream fixes once AI is deployed?
Balaji Rao: Data readiness, resilience, and governance must come before AI adoption because AI operates at scale on the foundations, enterprises establish today. When data integrity is uncertain, recovery paths are unclear, or governance is fragmented, AI might add another level of complexity and risk rather than insight. Establishing these fundamentals early ensures that intelligence is applied on trusted, verifiable information and within clear operational boundaries.
Across enterprises, many AI initiatives struggle because foundational readiness is treated as a downstream activity. Models are trained before data is validated, automation is introduced before recovery is tested, and governance is applied after deployment. This is especially visible in SaaS and multi-cloud environments, where data sprawl and shared responsibility models increase complexity. Cloud Unity addresses this by unifying governance, protection, and recovery across SaaS, cloud, and on-prem workloads from a single platform.
Resilience and governance also provide accountability. Knowing where data resides, who can access it, and how systems can be restored allows organisations to apply AI with confidence, particularly in regulated environments where proof matters as much as performance. Clean recovery, governed data access for AI and data integrity in general become prerequisites for scale. Identity resilience further strengthens this foundation by ensuring access and authentication services are recoverable alongside data.
Enterprises that build these foundations first are better positioned to move from experimentation to responsible AI adoption, where intelligence enhances decision-making without compromising trust, continuity, or compliance.
TAM: In an era of AI-driven cyber threats, recovery is no longer just a technical milestone. How is the enterprise mindset shifting from ‘can we restore?’ to the more critical question of ‘can we trust what we restore?’
Balaji Rao: As cyber threats become faster, smarter, and increasingly AI-driven, recovery has taken on a very different meaning for enterprises. Bringing systems back online is no longer enough – leaders now need confidence that what they restore is clean, safe, and ready to run the business.
Attackers now target backups, corrupt recovery points, and hide in data long before detection. Restoring quickly without validation can reintroduce risk and trigger repeat incidents, which is why trust has become central to recovery decisions.
Commvault addresses this challenge through innovations designed to make recovery verifiable and reliable. Cloud Rewind enables organizations to roll back cloud environments to a known clean state, while Clumio extends the same assurance to cloud-native and SaaS workloads. ThreatWise AI adds another layer by detecting deception-based threats early and identifying compromised data before recovery begins.
And the latest innovation Synthetic Recovery helps to solve a dilemma in the aftermatch of successful cyberattacks : recover their last known clean backup that may be weeks old – and risk losing significant amounts of “good” data, or utilize the most recent backup – and risk restoring compromised data. Neither option is optimal. With Synthetic Recovery, that dilemma comes to an end. This transformative capability, built with patent-pending technology, uses an AI-enabled process to automatically detect threats and surgically remove them during recovery while keeping the “good” data intact. Customers can then make the most complete recovery possible. All these capabilities are unified through Cloud Unity, ensuring recovery, security, and governance operate together rather than in silos.
Together, these capabilities allow enterprises to recover with confidence rather than speed alone. Recovery becomes a business decision backed by proof, not an act of faith, and resilience becomes something leaders can trust under pressure. Over the next phase of cyber resilience, enterprises will measure success less by how fast systems come back and more by how confidently they can resume operations. Recovery will become a continuous capability, tested, validated, and trusted long before an incident occurs. Organizations that build for that future will move faster under pressure, make better decisions in crisis, and turn resilience into a foundation for growth rather than a response to disruption.
TAM: As attack surfaces expand and threats become more intelligent, how should organisations rethink cyber resilience, not as an IT or security function, but as a core business and leadership priority?
Balaji Rao: The expansion of digital operations has turned cyber risk into a direct business risk. Disruption today impacts revenue, customer trust, regulatory exposure, and brand credibility, which is why resilience can no longer sit solely within IT or security teams. Resilience now belongs to the leadership level, where decisions about downtime tolerance, recovery priorities, and data trust are made. When disruption occurs, the real question leaders face is whether the business can continue operating, serving customers, and meeting obligations – not simply whether systems can be restored.
From Commvault’s perspective, this shift is visible in how organisations are designing for recovery-first operations. This is reflected in ResOps, Commvault’s resilience operations approach that unifies cyber recovery, identity resilience, and data security into a continuous, automated system designed to keep the business running. Capabilities like Minimum Viable Company (MVC) recovery, clean recovery, and continuous resilience testing are being aligned to business priorities rather than infrastructure boundaries. This approach helps leaders focus on what must come back first to keep the business running, even under pressure.
Enterprises that treat resilience as a leadership-owned capability, with clear ownership, tested recovery plans, and measurable outcomes, move through disruption with greater confidence and emerge stronger in an increasingly hostile digital environment.
TAM: Looking ahead, how will conversational intelligence change the way leaders and boards engage with cyber resilience, turning it into an ongoing, outcome-driven dialogue rather than a periodic technical report?
Balaji Rao: Leaders today make resilience decisions continuously, often in moments where speed and clarity matter most. Traditional reports and dashboards were designed for periodic reviews, not for ongoing engagement at the pace modern businesses operate. Natural language interaction is changing that dynamic. Conversational resilience allows leaders to ask simple, everyday questions and receive clear, actionable answers grounded in policy and context. Plain-language prompts are translated into governed, auditable actions, reducing friction and bringing resilience into everyday decision-making rather than static reporting.
Commvault’s approach to conversational intelligence enables secure, role-based interactions with resilience systems, where every action is logged, governed, and aligned to enterprise policies. This creates a shared language between technology teams and leadership, allowing boards to engage with resilience as a living business capability rather than a periodic technical exercise.
Resilience becomes stronger when leaders can interact with it as easily as they discuss risk, growth, or strategy. Continuous dialogue replaces episodic updates, and confidence replaces uncertainty. When resilience is embedded into everyday leadership conversations, it stops being a reaction to crises and becomes a capability that actively supports decision-making, growth, and long-term stability.
