Month: June 2026

A new term is taking hold in medium and large enterprises – ResOps, short for Resilience Operations. We didn’t come up with it, but we wish we had – because it’s one of those concepts that just makes sense.

ResOps describes a shift that has been happening for a few years now. Resilience is moving from something you plan, to something that is an integral part of how an organisation runs – every day. In the same way that DevOps shifted software releases from big, periodic, high-stakes events into a flow of incremental pushes delivering continuous improvements, ResOps is set to be a game-changer for the way businesses approach Disaster Recovery (DR) and Business Continuity Planning (BCP).

The idea is sound, and it matters. But most of what has been written about ResOps so far stops at the strategy. It tells you resilience should be a continuous operating model, a board-level priority, a culture that breaks down silos between IT, security, and the business. All true. But, none of it tells you how you actually start to make the move to continuous resilience. How can you begin to test your ability to recover – every day, and actually prove it works.

That operational layer is where ResOps either works or quietly fails. It is also where Predatar has been building for years.

What ResOps actually means

Strip away the vendor framing and ResOps comes down to a simple proposition. Disruption is no longer an exceptional event to be planned for. It is a normal operating condition to be managed. Ransomware, outages, cloud complexity, and now AI agents acting on your data at machine speed mean that something will go wrong, and the question that matters is not whether you have a plan, but whether your critical services can keep running, or be restored cleanly, within a pre-defined timeframe the business can tolerate.

This reframes the central question of recovery. For two decades the metrics that mattered were RTO and RPO: how fast can we restore?, and how much data might we lose?. ResOps asks harder questions. When you restore, are you restoring something clean, trusted, and actually usable?, or are you reintroducing the very problem you were trying to recover from? A growing number of teams now track Mean Time to Clean Recovery (MTCR), not just recovery time – precisely because a fast restore of compromised data is not a recovery at all.

That is the real test of ResOps. Not the strategy deck. The clean restore, under pressure, proven in advance.

The gap between the idea and the operation

The reality is that most organisations already believe they can recover. Backups are running. Immutability is in place. The plan is documented. And yet recoveries still fail – often – and expensively, when they are needed most.

There are three reasons, and ResOps as currently described by most vendors does not fully address any of them.

First, recoverability is assumed rather than proven. Backups complete successfully and everyone moves on. But a successful backup is not a successful recovery. The only way to know a system will come back is to actually bring it back and test it, continuously, not once a year in a tabletop exercise or DR test.

Second, malware is already inside the backups. Immutability protects a copy from being changed; it does nothing to verify that copy was clean when it was written. In practice, dormant ransomware and other threats sit in backup data waiting to be restored. Predatar has found previously undetected malware in the backups of more than 90% of its customers, organisations that in most cases had strong, best-in-class security tools in place. Anomaly detection alone does not catch this. You have to recover the workload, scan it properly, and verify it.

Third, real infrastructure is fragmented. Most enterprises run several backup and storage platforms, and the resilience tooling offered by each vendor only validates that vendor’s own data. Veeam’s testing covers Veeam workloads. Cohesity covers Cohesity, Rubrik’s covers Rubrik, Etc. A ResOps model that only works on one vendor’s stack is not operational resilience. It is a partial view that leaves blind spots that can be exploited.

How Predatar operationalises ResOps

Predatar exists to close the gap between believing you can recover and proving it. The approach rests on three things the broader ResOps conversation talks around but rarely operationalises.

Continuous, pre-emptive recovery testing. Instead of waiting for an incident, Predatar automatically and repeatedly restores backups and primary snapshots into an isolated environment and tests whether those systems come back clean and usable. This runs at scale, without manual effort, so that when a crisis hits you already know what recovers and what does not. Continuous validation stops being a phrase in a strategy document and becomes a daily, measurable operation.

Clean recovery, not just detection. Where most tools stop at flagging an anomaly, Predatar goes further. It restores the suspect workload, runs a full malware scan to confirm whether an infection is real, and where necessary cleans the workload before it is ever returned to production. This is the difference between knowing something might be wrong and being able to recover something you know is right. It is the operational meaning of the ‘clean’ in clean recovery.

Vendor-agnostic by design. Predatar’s CleanRoom works across Veeam, Rubrik, Cohesity, IBM Storage Protect, IBM Defender DataProtect, IBM FlashSystem, Pure Storage, and Zerto validating both backups and primary snapshots from one central place under a single subscription. Fragmented storage does not have to mean fragmented resilience. For a ResOps model to be real, it has to span the estate you actually run, not the one a single vendor wishes you ran.

Resilience operations you can start on Monday

There is a perception that resilience operations are an enterprise-scale, capital-heavy undertaking, the kind of thing tied to large hardware estates and big upfront investment. That perception is the single biggest barrier to adoption, and it is no longer true.

Predatar’s CleanRoom is delivered as a virtual appliance that deploys into infrastructure you already have. More than 70% of customers stand it up using existing resources, with no new hardware. The most successful teams do not try to operationalise everything at once. They start with a minimum viable business service, a critical application or a key set of workloads, prove recovery there, and expand. That is what makes ResOps an operation rather than a project: it is something you begin now and run continuously, not a transformation you wait a year to fund.

The point of ResOps

The industry is right that resilience needs to become an operation. Where the current conversation falls short is in treating it as primarily a matter of strategy, culture, and organisational alignment. Those things matter, but they do not restore a single system. Resilience is not proven in a framework. It is proven in a clean, complete, timely restore, on the worst day, across whatever mix of platforms you actually run.

That is the part Predatar has spent years building, and it is the part that turns ResOps from a good idea into something you can rely on.

Learn more about ResOps here:
What is ResOps? & ResOps FAQS

Take the first steps towards making ResOps a reailty.

Predatar delivers continuous, automated recovery assurance across multi-vendor storage and backup environments. Book a demo or contact our friendly team of experts.

Why Verticom’s partnership with Predatar is changing the game for customers.

For some businesses, an hour offline is inconvenient. For most of Verticom’s customers, it‘s the difference between a normal day and a catastrophe. The Finnish IT provider has spent more than 30 years looking after the kind of environments where systems simply cannot stop — production lines, business-critical infrastructure – the systems a company runs on, not just the ones it merely uses.

So, it will come as no big surprise that Verticom has joined forces with Predatar, the Recovery Assurance leaders, to help them move from backing up data to proving it can be recovered, as a direct response to what their customers now expect.

We sat down with Verticom’s CEO, Tiia Pohjanlehto to talk about why backup alone no longer cuts it – and what changes when you can actually prove recovery works.

---

Tiia Pohjanlehto
Chief Executive Officer.
Verticom.

---

Let’s start with your customers. Who relies on Verticom, and what do they have in common?

They range from small and mid-sized companies all the way up to large organisations, but they share one thing: their IT is business-critical. Many of them run production environments where downtime just isn’t an option – if something goes down, recovery has to be fast and effective, not improvised. That’s why we run 24/7 monitoring and on-call services. When the stakes are that high, “we’ll look at it in the morning” isn’t an answer.

Finland isn’t short of IT providers. What makes Verticom different?

We focus on making IT actually work in real life – not just on paper. Our whole strategy is built on staying close to our customers and being genuinely flexible, rather than forcing everyone into the same template. We tailor what we do to what a customer actually needs, and we build long-term relationships off the back of that. We’re a family-owned business with over 30 years managing critical environments, from hardware support to backup architecture and infrastructure design. That history matters – you can’t fake three decades of running systems that can’t fail.

You’ve said that “backup alone is no longer enough.” What do you mean by that?

The uncomfortable truth in our industry is that backups exist, but recovery is often uncertain. A backup job can report success every single night and still let you down on the day you actually need it. For years, the whole industry has been measuring the wrong thing – whether the backup ran, not whether you can get your business back. Our customers have started to feel that gap too. They no longer want to be told “the backups are in place.” They want proof that recovery works. That’s where Predatar comes in.

What does Predatar actually change for you?

It closes exactly that gap. Predatar continuously tests recovery and validates that data can actually be restored – quickly and cleanly, when it’s needed – instead of us assuming it will be. So, we move from hoping to knowing. For a customer who can’t afford downtime, that shift from assumption to evidence is everything.

Did you look at other tools before choosing Predatar?

We did. But most traditional tools are still focused on backup success rather than recovery. Predatar stood out because it’s built specifically to validate recoverability across different environments – and because it’s a European solution, which matters more and more to our customers when it comes to where their data and tooling sit.

How does this fit into where Verticom is heading?

Our vision is to be a true one-stop partner — taking responsibility for the whole IT infrastructure, from hardware through to virtual environments, security and continuous operations. Predatar fits that exactly. It lets us extend from “we manage your backups” to “we can prove your recovery.” That’s a meaningful step toward owning operational resilience for our customers, not just a piece of it.

On a personal level, what excites you most about the partnership?

It removes the guesswork. Instead of assuming things work, we can show it – clearly, and continuously – with a solution that’s both credible and European. There’s something genuinely satisfying about being able to look a customer in the eye and demonstrate it, rather than simply reassure them.

Where do you want this partnership to go?

Over the next year, we want to deepen the partnership, bring the solution to more of our customers, and establish ourselves as the leading Predatar partner in Finland. Longer term, the goal is bigger: we want continuous recovery validation to become a standard part of how IT is run – not a premium add-on, just the way things are done.

---

The message from Verticom is a simple one, and it reflects how the conversation around resilience is shifting. Having a backup is no longer the achievement. Being able to prove you can recover from it is.

For a company whose customers can’t afford downtime, confidence isn’t a nice-to-have. It’s everything.

---

If you are ready to find an IT services provider that you can trust to take ownership of your operational resilience – look no further than Verticom.

Visit www.verticom.fi

No one likes a know-it-all, but we’re not here to make friends. We’re here to make organisations resilient. To make sure they’re prepared for what’s coming, and to make sure they can recover quickly when they need to.

So, that’s why we don’t mind saying it:
We told you so.

As long ago as 2020, we were telling businesses that they needed to be ready for a data breach. That cyber security alone wasn’t enough. That a breach was inevitable. That they needed to shift from a defensive strategy to a resilience one.

More specifically, we’ve been telling them they need to prove they can recover their critical systems before they find themselves trying to do it for the first time in the middle of a crisis.

And, of course, it’s not only us that has been saying it. This is a point of view shared by many industry experts and analysts.

The big question is: Has anyone been listening?

While lots of organisations have taken notice — which is evident from the increasing number of them subscribing to Predatar’s Recovery Assurance platform — the reality is that far too many have chosen to keep their heads in the sand.

Until now.

What’s changed?

It’s not entirely true that Claude Mythos, the latest AI model from Anthropic, hasn’t changed anything. It is shining a huge and unignorable spotlight on the inevitability of data breaches. If you’re not familiar with Mythos, or its alarming potential in the wrong hands, you can learn more here.

Mythos is being discussed in almost every boardroom around the world. If you work in an IT, business continuity, operational resilience, or cyber security department, get ready for some tricky questions coming your way soon. Questions like:

What does Mythos mean for our business?
What are we doing about it?
Are we ready for a breach?

… but do you have the answers?

Patch faster?

The clearest recommendation from Anthropic is: patch faster, and treat CVE-related dependency updates as urgent – highlighting how Mythos-class models can be used defensively to identify and remediate vulnerabilities before hackers do.

If software manufacturers and IT teams continue to use current approaches for patch creation and deployment, they simply won’t keep up with the speed of the AI-powered vulnerability exploits that are coming down the tracks. That’s why the concept of patching at machine-speed is gathering popularity – an approach where AI and automation are deployed to dramatically close the patching window.

While this type of defensive approach will soon be essential, it’s a bit like AI-powered whack-a-mole. If faster patching is your only answer to the Mythos questions, you’re in trouble.

The unavoidable truth

Organisations simply can’t hide from the facts anymore. It isn’t possible to defend against every threat. The ability to execute a rapid, rock-solid recovery is essential.

Don’t be misled by Service Level Agreements (SLAs), untested Recovery Time Objectives (RTOs), or recovery guarantees from your suppliers and technology vendors. The only way to be certain that you can execute a fast, clean, successful recovery is to test it – to actually recover your critical systems and check that they are safe…

Not once a year.
Not once a month.
Every day!

Recovery Assurance with Predatar

Predatar’s Recovery Assurance platform puts AI and automation to work to continually validate that the critical systems your business relies on can be recovered quickly, cleanly, and completely — even if the data they are built on lives across fragmented, multi-vendor storage and backup infrastructure.

Not only is this proactive approach a good idea, it also provides the evidence of resilience that helps board-level executives sleep at night. So, when those big questions come down from the top – answer them with proof of resilience.

Start your journey to proven resilience

Talk to a Recovery Assurance expert or book a Predatar demo.