Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

ResOps and cyber recovery: what IAM teams should rethink


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 9924
Topic starter  

TL;DR: Resilience operations, or ResOps, reframes cyber resilience as evidence-based recoverability rather than tool ownership or uptime targets, according to Commvault. The shift matters because AI-driven complexity, fragmented dependencies, and regulatory pressure are exposing how often organisations can detect incidents without proving clean restoration.

NHIMG editorial — based on content published by Commvault: How Does ResOps Drive the Next Evolution of Enterprise Resilience?

By the numbers:

Questions worth separating out

Q: How should organisations test recovery when identities and dependencies are part of the service path?

A: Test the entire recovery chain, not just the backup artifact.

Q: Why do traditional backup metrics miss the real resilience problem?

A: Traditional metrics such as uptime and RTO measure speed and availability, but not whether restored systems are clean, trusted, and usable.

Q: What should security teams get wrong about zero trust and recovery?

A: Zero trust reduces implicit trust before an incident, but it does not prove the environment can be restored after one.

Practitioner guidance

  • Map identity dependencies into recovery runbooks Document which service accounts, tokens, certificates, and federation paths must exist for each critical service to return cleanly.
  • Measure clean recovery instead of restore speed alone Add metrics that confirm restored data is verified, uncompromised, and usable before cutover.
  • Include identity and secrets teams in resilience governance Make IAM, PAM, NHI, infrastructure, and recovery owners jointly accountable for restoration outcomes.

What's in the full article

Commvault's full article covers the operational detail this post intentionally leaves for the source:

  • The five integrated ResOps functions that the vendor maps to its operating model for protection, detection, validation, and recovery.
  • The vendor's explanation of Mean Time to Clean Recovery and Service Resilience Indicators in the context of cyber recovery.
  • The recovery workflows described for clean restore points, validation, and production cutover.
  • The article's examples of how regulatory expectations such as NIS2 and DORA are being interpreted for resilience evidence.

👉 Read Commvault's analysis of ResOps and enterprise cyber resilience →

ResOps and cyber recovery: what IAM teams should rethink?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 9408
 

ResOps is really a recovery governance model, not a tooling category. The article is right to frame resilience as an operating discipline because resilience failures usually come from coordination gaps, not isolated product failure. For identity practitioners, that means recovery ownership must include who can re-establish access, who can revoke and reissue secrets, and who can prove trust in restored services. The practitioner implication is that recovery governance now sits alongside access governance.

A few things that frame the scale:

  • 91% of former employee tokens remain active after offboarding, leaving organisations vulnerable to potential security breaches, according to The 2025 State of NHIs and Secrets in Cybersecurity.
  • 62% of all secrets are duplicated and stored in multiple locations, causing unnecessary redundancy and increasing the risk of accidental exposure.

A question worth separating out:

Q: Who should be accountable for proving clean recovery across identity and infrastructure?

A: Accountability should sit with the teams that own access, secrets, infrastructure, and recovery operations together. If those functions are separated, recovery can fail in the handoff even when each team believes its own control worked. Clean recovery requires shared ownership of the outcome.

👉 Read our full editorial: ResOps exposes the recovery gap in AI-driven enterprise resilience



   
ReplyQuote
Share: