Melbourne, Australia – 3 March 2026 – Commvault, a leader in unified resilience at enterprise scale, has concluded its flagship SHIFT event in Melbourne, reinforcing the message that as AI adoption accelerates across Australia and New Zealand, organisations must strengthen identity protection and validate recovery capabilities as foundational elements of cyber resilience.

The event convened enterprise, government and channel leaders to examine the growing complexity of protecting, governing and recovering data across hybrid and multi-cloud environments amid expanding AI use and heightened regulatory oversight.

Research from Gartner indicates that by 2027, 40 per cent of AI data breaches will be linked to the improper use of generative AI across borders. At the same time, compromised credentials continue to represent one of the most common initial attack vectors in ransomware incidents, underscoring the need to treat identity security as a core resilience discipline.

“The AI era is not simply increasing risk — it is reshaping it,” said Martin Creighan, Vice President, Asia Pacific, Commvault. “Organisations are scaling intelligence, automation and access at unprecedented speed. Identity integrity and validated recovery are no longer optional safeguards — they are operational imperatives.”

Identity Resilience as Critical Infrastructure

Throughout SHIFT Melbourne, speakers and panellists emphasised that identity has become critical infrastructure in increasingly autonomous digital environments.

Gartner estimates that by 2026, more than 80 per cent of enterprises will have deployed generative AI-enabled applications or APIs. Each deployment introduces new privileged access pathways to sensitive data and systems.

During discussions, leaders explored how AI-driven automation amplifies identity exposure and accelerates the potential for disruption across complex cloud estates. In large-scale transformation programs, organisations may deploy thousands of AI agents, each requiring system and data access comparable to human users — significantly expanding governance and security requirements.

The consensus across the forum was clear: digital risk is now systemic rather than episodic, and identity governance must evolve accordingly.

Recovery Validation Under Increasing Scrutiny

SHIFT Melbourne also addressed the evolving expectations around recoverability. As ransomware actors increasingly target backup systems and AI initiatives depend on trusted production data, recovery capability is moving from a technical control to a board-level accountability.

Commvault demonstrated its Synthetic Recovery capabilities, designed to create clean, production-like environments for recovery testing, incident response and AI development without exposing sensitive information.

Through its interactive “Minutes to Meltdown” ransomware simulation, participants were immersed in a live cyber crisis scenario, testing decision-making under pressure. A dedicated Cyber Resilience Workshop further challenged attendees to evaluate whether their existing recovery strategies would withstand modern attack techniques.

The forum was supported by ecosystem partners including Amazon Web Services, ExaGrid, Hitachi Vantara, Hewlett Packard Enterprise, Kyndryl, Pure Storage and Wasabi Technologies, reflecting the coordinated approach required to deliver resilience at scale.

“AI is reshaping not just customer environments, but the role of the channel,” said Jo Dean, Vice President, Channel and Alliances, APAC, Commvault. “Partners are evolving into resilience advisors, helping organisations simplify complexity across cloud, data and identity while ensuring recoverability and trust remain intact.”

As regulatory scrutiny intensifies and digital ecosystems expand, organisations are increasingly expected to demonstrate operational continuity — not simply document preventative controls.

By bringing together cross-sector leaders and ecosystem partners in a forward-looking dialogue, SHIFT Melbourne reinforced that in the AI-powered decade ahead, resilience must be measurable, validated and built around identity integrity and clean recovery.