AIonOS and Singapore-based Perpetuuiti Technosoft Services PTE Ltd. recently launched the world’s first certified Business Continuity Management (BCM) AI Agent, leveraging the strengths of AIonOS’s Agentic AI platform and Perpetuuiti’s enterprise resilience expertise. At the launch event, Rohil Sharma, Co-Founder and CEO of Perpetuuiti, spoke to Tech Achieve Media and discussed the growing significance of resiliency and disaster recovery in today’s digital landscape. Sharma emphasized how resiliency extends beyond organizational functionality to become a cornerstone of national security, highlighting its role in safeguarding critical infrastructure, ensuring operational continuity, and maintaining competitive advantage amidst rising global uncertainties.
From regulatory mandates like the Digital Operational Resilience Act (DORA) to real-world success stories in automated disaster recovery, Sharma shared insights on why organizations must prioritize resiliency as a strategic imperative. Drawing on over 14 years of expertise and a proven track record, Rohil Sharma adds that Perpetuuiti’s solutions demonstrate the transformative potential of automation and AI in addressing complex challenges while building trust with regulators and customers alike.
TAM: Yesterday we were speaking about Generative AI, today it’s agentic AI and tomorrow it will be a new technology altogether. Which is the right technology for organisations to invest in?
Rohil Sharma: If I had to put it simply, we’re not just talking about AI here. What we’re really discussing is how you make your AI work effectively. This is about resiliency, which is also a critical national security issue. You get what I’m saying, right? There’s an old Chinese proverb: “death by a thousand cuts.” I don’t need to go to war with a country to defeat it. By systematically disrupting its organizations, the cumulative losses can bring a nation to its knees. That’s why resiliency is crucial—not just in how we work but in how we sustain ourselves.
Now, regarding your question about trust—this is precisely why certification matters. For example, we subjected our AI system, Susan, to the same rigorous exam humans take. It’s a two-and-a-half-hour test with 120 challenging, thought-provoking questions. The best human score globally is 97. Susan scored 116 in just 15 minutes.
Here’s the beauty of AI: machines don’t make mistakes—they get smarter with more data. This was Susan’s first attempt, and it will only improve over time. That’s why you can trust it. But if a bot isn’t certified, how can you trust it? You shouldn’t, and that’s where the CIO’s role becomes vital—to evaluate and ensure you’re adopting the right products.
Take Saudi Telecom as an example. They conducted a proof-of-value test with 14 global vendors over one and a half years. Ultimately, they gave us their endorsement in writing, stating ours was the only product that worked. Every customer we’ve had for 14 years is still with us. That speaks volumes about the value they see in our solutions. Customers stay because they not only use the product but see continuous improvement in AI’s capabilities over time.
However, let me stress again—this isn’t just about technology. It’s a national security issue. Resiliency is a strategic necessity for organizations, not just a compliance checkbox. Consider regulations like DORA (Digital Operational Resilience Act), which impose severe penalties—2% to 7% of global revenue, personal fines of up to half a million pounds, and even prison time for responsible executives. Governments worldwide—be it the United States, UK, Singapore, or Australia—have already classified data centers as critical national security assets.
If you don’t invest in the right technology now, you risk becoming a cautionary tale. Look at cases like HDFC or Kodak Bank, where regulatory bodies stopped them from onboarding customers for months. Meanwhile, competitors like ICICI Bank capitalized on the opportunity, increasing their credit card business by 83%. Resiliency is not just about recovery; it’s about maintaining competitive advantage. Without it, your organization faces multi-dimensional risks.
TAM: While we are on the topic of compliance, we’d like to discuss the DPDP Law. Don’t you think these laws are counterproductive to AI and its true potential?
Rohil Sharma: You’re absolutely right that having more data is critical, but that primarily applies to consumer-facing applications or products. For instance, if I want to predict what shirt color you’ll wear, what you’ll buy, and when you’ll buy it, having more data enables better predictions.
However, in an enterprise setting, it’s a different story. Which bank gives you unrestricted access to its data? None, because compliance regulations prevent that. This is where enterprise AI becomes essential.
Take our experience as an example. Last year, we conducted over 100,000 automated drills. To reach that milestone, we likely performed close to 300,000 drills overall. In disaster recovery, what truly matters isn’t what you’re doing but what you’re not doing. Missing a single critical action can bring down an entire organization. That’s the hard-earned insight we bring to the table from over 14 years of experience. You can trust us because we’ve been doing this successfully for a long time.
TAM: Could you tell us a little more about these automated drills? What were some of the learnings from these drills?
Rohil Sharma: For example, consider the largest bank in India. As per RBI compliance, banks must conduct drills every quarter and submit detailed reports. RBI’s approach has become so stringent that during these drills, they may step in, replace one individual mid-process, and bring in another. This ensures the system isn’t reliant on specific people—because if it is, it’s bound to fail.
Think about it: in a real disaster, if the key person is unavailable, the system won’t function. RBI’s intent is clear—they want resilience and reliability independent of human intervention.
Previously, these drills involved hundreds of people. Take the Bombay Stock Exchange, for instance. Switching over from one data center to another used to take over eight hours, requiring more than 100 personnel. Today, with automation, this entire process takes less than 15 minutes with just one person clicking a button.
The ROI is evident: you save on manpower, planning, and reduce the likelihood of human error. Mistakes during drills might be manageable, but in real scenarios, a single error could bring down the entire business. That’s where we come in. We ensure that what’s been tested and proven works flawlessly, without mistakes, when it matters most.
This gives organizations the confidence to press the “red button” in critical situations, knowing the system will perform as expected.
What lessons have we learned from thousands of drills? These are part of our intellectual property. For instance, let’s talk about patch management. Say you have 10,000 servers and only apply a patch to the primary system but not the disaster recovery (DR) system. If a disaster strikes, the DR system won’t work.
We’ve addressed these challenges. For example, APSA, covering 12 African countries for Barclays, uses our product for patch management. We ensure patches are applied consistently across production and DR environments, following best practices and within stipulated timeframes. This entire process is automated.
Moreover, we’ve embedded this extensive knowledge into our product, powered by agentic AI. The system now proactively alerts users, saying, “This is what needs to be done.” It eliminates human error and ensures consistent performance.
TAM: Do we have any use cases that we can talk about as far as AIonOS and Perpetuuiti’s BCM Agent is concerned?
Rohil Sharma: Consider one of the largest airlines. During the CrowdStrike incident, they faced a significant outage because their systems were entirely reliant on Microsoft. This raises a critical question: how do you address such vulnerabilities?
It’s not about preventing these incidents entirely—because you can’t. Today it’s one issue; tomorrow, it will be something else. The real challenge lies in preparing for the unknown. When something happens, how do you respond? How quickly can you recover?
We’re working with them to ensure two key things:
- Learn from past mistakes and make sure they don’t happen again.
- Recover swiftly when a new issue arises, without descending into chaos.
Let’s move to another example—hotels. Have you ever been unable to check in due to system failures? Or tried using a payment machine, like a SeaPass, only to find it’s not working? The queue grows longer, and frustration sets in.
Buying or checking in is often an emotional, in-the-moment decision. When delays occur, the experience turns sour, and customers may walk away. This is where rapid recovery becomes crucial. For instance, applications that previously took over four hours to recover can now be restored in 15 minutes or less. While we don’t want to overpromise, we’ve seen an approximate 80% reduction in recovery time and a 95% reduction in the reliance on human intervention. Crisis management isn’t your team’s core job. Yet, in emergencies, they’re often pulled away from their actual responsibilities. By automating these processes, we ensure smoother, faster recovery and allow your team to focus on what truly matters.
TAM: Is there any resistance amongst organisations in adopting Agentic AI?
Rohil Sharma: What I often hear from customers – especially banks, not just in India but globally – is that our solution seems like the eighth wonder of the world. It feels too good to be true. They often say, “We want to see this in action because it doesn’t seem possible.” But once they see it, they realize the value. Today, we are market leaders across the Middle East, Africa, and Asia-Pacific. We’ve also partnered globally with Dell. Think about it – why would a company like Dell partner with us? It’s because they see the value we bring and recognize the significant gap in the market that we address.
This is not an easy market to operate in – it’s like walking into fire. You can’t commit to a solution and then fail, especially when organizations like RBI or SEBI are your customers. These regulators demand proven reliability, and there’s no room for error. For instance, SEBI uses our product. You can’t fool compliance teams like theirs – they’ve already tested it thoroughly. Once customers see the solution in action, they trust it and adopt it.
We’ve rarely lost a customer. Financial constraints might delay a purchase, but once they experience our product, they don’t turn to anything else. That’s because, globally, it’s the most comprehensive solution available today. Over the past 14 years, we’ve built this product with immense dedication. To be transparent, our customers have collectively invested over $100 million into our development. That level of investment from customers themselves should instill confidence – it’s a testament to the trust and value they see in what we offer.
