Cyber resilience has become a strategic priority for organizations in a context marked by the massive adoption of artificial intelligence, the complexity of multicloud environments and the increase in automated threats. This was one of the main conclusions of SHIFT Madrid 2026, Commvault’s reference event, which brought together IT, security, cloud and data management professionals in Madrid to analyze current challenges and new strategies to protect business continuity.
The event started with a reflection by Commvault’s Country Manager for Iberia, Sergio López Chicheri, who placed artificial intelligence at the center of the debate: “We experience AI as spectators, as users, as victims and as protagonists. We are actively participating in a technological revolution that is going to change everything,” said the manager. In this context, he highlighted that business resilience can no longer be considered solely a technical issue: “resilience is a strategic business decision.”
From passive security to operational cyber resilience
During her speech, Anna Griffin, Chief Marketing Officer of Commvault, analyzed the evolution of the threat landscape and the impact of artificial intelligence on business security. “The question is no longer whether your organization will suffer an incident. The question is whether it will be prepared to recover and how long it will take to do so,” he said.
Griffin explained that traditional passive security models are becoming obsolete in the face of increasingly automated and sophisticated attacks. In fact, nearly half of companies consider AI-powered attack chains to be the top threat in the ransomware space.
Faced with this new scenario, the board presented the ResOps concept, an operating model that integrates cybersecurity, identity resilience, data protection and recovery capabilities in a continuous resilience approach.
A unified platform for multicloud resilience
One of the key moments of the event was the presentation of Commvault Cloud Unity, a platform designed to deliver unified resilience at scale in hybrid and multicloud environments.
David Sanz, Senior Director Sales Engineering Europe South & LATAM at Commvault, explained that the exponential growth of data driven by artificial intelligence is increasing the complexity of technological environments. “Three out of four Spanish companies already operate in hybrid or multicloud environments. Commvault Cloud Unity is our answer to help organizations navigate this complexity,” he noted.
The platform integrates security by design, advanced anomaly detection capabilities and identity protection, one of the most critical attack vectors today. According to the manager, 70% of breaches in the cloud will be related to poorly managed non-human identities. He also indicated that, as of today, there are already more than 24 billion compromised identities circulating on the dark web. Commvault Cloud Unity incorporates anomaly detection and real-time active directory auditing to stay ahead of these attacks.
BBVA, AWS and Commvault: a real success story in big banking
The presentation of the success story starring BBVA, Amazon Web Services (AWS) and Commvault was another highlight of the day. Here it was explained how the collaboration between the three companies has allowed us to build a resilient data-oriented cloud architecture.
BBVA shared its experience in migrating its technological infrastructure to AWS and its commitment to becoming a data-driven organization, with the aim of taking advantage of the potential of artificial intelligence to improve internal productivity, risk analysis and customer relationships. “Commvault’s Clumio solution has allowed us to significantly improve the efficiency of our operations by unifying the different backup solutions in a single tool. In addition, we have managed to multiply the speed of copy recovery approximately fourfold, something key for us,” commented Luis Antonio Méndez Cristóbal, Public Cloud AWS Team Lead at BBVA Holding Architecture.
Among the main challenges addressed in this process are the management of multicloud and multisite environments, as well as the need for solutions capable of scaling both in functionality and costs. Thanks to the adoption of Commvault solutions, the entity has managed to significantly improve recovery times, complying with regulations and ensuring the immutability of data.
Data sovereignty, a global challenge
In the “The Vision of Our Leaders” panel, Commvault executives such as Anna Griffin, Richard Gadd, César Cid de Rivera, Jamie Farrelly and Mauro Palmigiani analyzed the major challenges organizations face in terms of data protection.
During the discussion, Richard Gadd, Senior Vice President EMEA at Commvault, highlighted that data sovereignty has become a growing concern for businesses and governments around the world. “Today more than ever, data sovereignty is a real concern for organizations around the world,” he said.
For his part, César Cid de Rivera, Chief Customer Officer EMEA, addressed the concept of ResOps from the customer’s perspective: the need to close the gap between security and IT, and to unify not only security, identity and resilience, but also on-premise and cloud environments under the same operational logic.
Griffin complemented this vision with a resounding conclusion: “We have unified resilience and that gives us a new message and a new goal that I think is really important, both for Commvault and for our customers. “True resilience needs to be able to scale, it needs to protect identities, and it needs to recover cleanly and quickly, across different clouds.”
Experts agreed that modern resilience must be able to protect data, identities and operations in distributed environments, while ensuring regulatory compliance and incident recovery capacity.
Also notable was the presentation by Mauro Palmigiani, Corporate Vice President for Latin America and Southern Europe at Commvault, who highlighted the similarities between the markets on both sides of the ocean and specified that Commvault has more than 1,000 clients on both continents.
The challenges of the CISO
Another of the most notable moments of the day brought together several CISOs from important organizations, who began by listing their main fears, from the drop in service to the constant fear of suffering an attack, to the difficulty of retaining talent in the area of security.
Various conclusions were drawn from the talk, such as that the digital transformation of the public sector is now a strategic necessity. Administrations often work on consolidated technological infrastructures that are difficult to modify, but events such as the pandemic demonstrated that public services must be able to operate in a digital and resilient way. In this context, cybersecurity takes on a central role, since any failure or attack can have a significant social and institutional impact and affect citizens’ trust in institutions.
Another key message was that today’s security is increasingly focused on identity and access management. Therefore, the importance of strengthening access controls, sharing threat information between the public and private sectors and adopting preventive strategies that reduce the attack surface was highlighted.
Finally, CISOs agree that technology alone is not enough: the human factor is decisive. Creating a security culture within organizations, training users and clearly explaining the risks is essential for protection measures to be effective. The need to promote technological talent and encourage vocations from an early age was also mentioned, including greater diversity in the sector, to be able to face the challenges of security and digitalization in the future.
The value of technological alliances
The event also highlighted the key role of collaboration between technology companies to build solid cyber resilience strategies. Something that was already advanced by Jamie Farrelly, VP Channel Sales, at Commvault, who emphasized the importance of a strong ecosystem of partners and alliances to support the client.
In the “Innovation that drives resilience” panel, representatives from Everpure, HPE and Lenovo analyzed how the integration of their solutions with the Commvault platform allows them to offer organizations an effective response to increasingly sophisticated threats.
The experts agreed that business resilience requires a joint vision between infrastructures, cloud platforms and data protection tools. “Cyber resilience is a team game,” was one of the conclusions shared during the debate.
ResOps: the evolution of business continuity
Ricardo J. Garrido, Principal Security Technologist at Commvault, closed the technical block with a session on ResOps as a natural evolution of business continuity. Garrido emphasized the need to protect identities, which have become the gateway and one of the main vectors of attack on organizations. In line with the central message of the event, the specialist stressed that cyber resilience requires a continuous, non-reactive operational approach that integrates security, recovery and identity in a single management model. He also highlighted the importance of cooperation between teams – infrastructure and security – within the same organization in order to ensure the appropriate response to an attack.
The day concluded with an idea shared by all participants: cyber resilience can no longer be limited to the technological field. In an environment where artificial intelligence accelerates innovation and amplifies risks, organizations must take a comprehensive approach that combines technology, strategy and collaboration.
