In this episode, Infinidat CMO Eric Herzog breaks down how storage can be a frontline player in cybersecurity—automating threat response, integrating with SOC tools, and guaranteeing ultra-fast data recovery. If you’re still treating storage as passive infrastructure, this conversation will change your perspective.
Storage often sits in the background of cybersecurity conversations—but not at Infinidat. In this episode, Eric Herzog, Chief Marketing Officer of Infinidat, joins Sean Martin to challenge the notion that storage is simply infrastructure. With decades of experience at IBM and EMC before joining Infinidat, Herzog explains why storage needs to be both operationally efficient and cyber-aware.
Cyber Resilience, Not Just Storage
According to Herzog, today’s enterprise buyers—especially those in the Global Fortune 2000—aren’t just asking how to store data. They’re asking how to protect it when things go wrong. That’s why Infinidat integrates automated cyber protection directly into its storage platforms, working with tools like Splunk, Microsoft Sentinel, and IBM QRadar. The goal: remove the silos between infrastructure and cybersecurity teams and eliminate the need for manual intervention during an attack or compromise.
Built-In Defense and Blazing-Fast Recovery
The integration isn’t cosmetic. Infinidat offers immutable snapshots, forensic environments, and logical air gaps as part of its storage operating system—no additional hardware or third-party tools required. When a threat is detected, the system can automatically trigger actions and even guarantee data recovery in under one minute for primary storage and under 20 minutes for backups—regardless of the dataset size. And yes, those guarantees are provided in writing.
Real-World Scenarios, Real Business Outcomes
Herzog shares examples from finance, healthcare, and manufacturing customers—one of which performs immutable snapshots every 15 minutes and scans data twice a week to proactively detect threats. Another customer reduced from 288 all-flash storage floor tiles to just 61 with Infinidat, freeing up 11 storage admins to address other business needs—not to cut staff, but to solve the IT skills shortage in more strategic ways.
Simplified Operations, Smarter Security
The message is clear: storage can’t be an afterthought in enterprise cybersecurity strategies. Infinidat is proving that security features need to be embedded, not bolted on—and that automation, integration, and performance can all coexist. For organizations juggling compliance requirements, sprawling infrastructure, and lean security teams, this approach delivers both peace of mind and measurable business value.
Learn more about Infinidat: https://itspm.ag/infini3o5d
Note: This story contains promotional content. Learn more.
Guest:
Eric Herzog, Chief Marketing Officer, Infinidat | https://www.linkedin.com/in/erherzog/
Resources
Learn more and catch more stories from Infinidat: https://www.itspmagazine.com/directory/infinidat
Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25
______________________
Keywords:
sean martin, eric herzog, storage, cybersecurity, automation, resilience, ransomware, recovery, enterprise, soc, brand story, brand marketing, marketing podcast, brand story podcast
______________________
Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage
Want to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf
Want Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us
When Every Second Counts: Building Cyber Resilience Through A Smarter Approach to Data Protection | A Brand Story with Eric Herzog from Infinidat | An On Location RSAC Conference 2025 Brand Story
Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording, as errors may exist. At this time, we provide it “as it is,” and we hope it can be helpful for our audience.
_________________________________________
Sean Martin: . [00:00:00] Eric Zo, here we are. We're
Eric Herzog: together. Great. It's glad to be together. And guess what, we're hanging out at the Infinite. That booth at the RSA show now.
Sean Martin: I love the purple. You can go wrong. You can't go wrong with purpose.
Eric Herzog: And of course you like the wine shirts as usual.
I love the wine
Sean Martin: shirt, which is fantastic. Exactly. It's about the energy. It's about having fun. But being also serious when it matters most, right? Absolutely.
Eric Herzog: Right. As you know, the bulk of our customers are global Fortune 2000. Right? So they need us to be serious, to deliver right. Solutions to help with cyber, to lower their costs and things we do in the AI world as well.
Exactly.
Sean Martin: And to have a sharp mind and a, and a, it's the right word. A uh, a team that cares. Well,
Eric Herzog: we're known for our white glove support and service. Exactly. In fact, um, you know, one of the analyst firms, Gartner. Does an end user survey. Mm-hmm. It's not the analyst, it's them. They make sure it's not me and my kids.
Um, and we have been the enterprise Customer's Choice [00:01:00] award winner seven years in a row. So that's the customers Exactly. Usually supply our supporting not just a great product. Exactly. But our support and service always puts us over the line.
Sean Martin: I love it. So let's, let's talk about the, the, the products.
Well, maybe let's introduce you to our audience. First off, Erica. I dunno, maybe a little bit about you before Infinidat that maybe helped shape your role in Infinidat and where you're up to now.
Eric Herzog: So I'm the CMO here. Uh, for the previous seven and a half years I was the CMO of the IBM storage division and the Vice President Global Channels.
And before that for five years, I was the senior repeat at EMC for what is now called the PowerMax and Power Store. And this is obviously before the acquisition by Dell. You like storage. I've done nothing but storage for 40 years.
Sean Martin: Like, funny enough, storage is an important part of the business, right?
Storage. The data
Eric Herzog: com storage is completely cool. It is completely cool. Totally cool. It's completely, you don't do the right thing by storage. Your data goes away. What happens when [00:02:00] your data goes away? People get fired. People get fired, customers leave.
Sean Martin: You don't make any money. Absolutely. Yeah. So let, let's talk about maybe how things have shifted in the last few years.
Um. Transf for me. Obviously we had a big event, health event that changed the way a lot of businesses ran and where their data was, but kind of gimme a picture of how things have transformed over the last few years that have raised awareness that storage protection, data protection is
Eric Herzog: key,
Sean Martin: top of mind.
Eric Herzog: Well, as you know, in several of the surveys of CIOs. The number one purchase item, even despite some of these economic travails that have been going on the last year and a half, number one purchase item is cybersecurity. So what we've done is imbue inside of our technology, a whole bunch of cybersecurity, so we can do seamless integration, for example, with data center wide cybersecurity packages.
So Sims, so if they've got a [00:03:00] soc, so we can do that right? Level of integration that makes storage part of a comprehensive enterprise. Cybersecurity strategy. We brought storage into the mix instead of being on the outside.
Sean Martin: So tell me, gimme a scenario where things are disparate and siloed and what that does to the teams and their ability to respond, be resilient when things are going wrong.
Eric Herzog: Well, so part of the angle we've done with our, what we call automated cyber protection. Is integrate with data center wide cybersecurity technology, whether it be a software package mm-hmm. Like Microsoft Sentinel or IBM QRadar or Splunk, or whether it be a security operations center, which several of the big companies are doing.
So in the old days it's a silo. They see an attack, oh wait, maybe we should call the storage guys. So we came up with a way where, no, it's automated. So we get a team. What, what are they
Sean Martin: asking or saying? What are they saying? What are they asking? The storage team?
Eric Herzog: Well, they're saying. Have you had a cyber attack?
What do you see? Can you [00:04:00] check it out for us? Blah, blah, blah. And they're not
Sean Martin: security people? No.
Eric Herzog: So in this case, what we've done is integrate with data center wide cybersecurity entities, either a SOC or the software. Mm-hmm. When it sees a threat, we automatically start taking action. There's no pick up the phone and call the storage guy.
We even can set up. So after we will create, for example, an immutable snapshot, which can't be erased, can't be deleted. You can then scan that for malware or ransomware and can do that all in an automated fashion. Okay? So the question isn't if you're gonna be attacked, it's when and how often. In fact, the average enterprise how often suffers 1,653 attacks every week.
So thinking they're never gonna get in is not being realistic. But if they do get in with our next generation data protection, you wanna make sure that A, you can identify what the issue is to get a known good copy. 'cause remember, malware and ransomware is not King Kong. They're not Godzilla yelling and screaming and pounding on their chest.
It's all run surreptitiously. It is the ultimate. James Bo. Is this all low
Sean Martin: and slow?
Eric Herzog: All low and slow? Um, they are now, of course, [00:05:00] the cyber guys are using cyber criminals using AI as well. Mm-hmm. Just like the good guys are. So it's kind of a, a standoff on who's doing what. So you need to make sure that by have this integrated cybersecurity play, which is built into the storage and can interface with non storage technology, you can create a comprehensive strategy and take proactive action.
Not wait, but just get going. So the security software, the sock says, Hey, we think we got an attack going. Boom. Start scanning the storage, check it out, get an own good copy. So if there really is an attack, you're not recovering a data set that has malware, ransomware in it, which is purse doesn't do you any good.
Sean Martin: So I've, funny enough, I've heard we, we hear secure by design all the time. That doesn't necessarily mean there's security built in to the solution. It just may mean that. They actually considered security. We're in the building solution, which it's a very nuanced point I'm gonna make here, which is you're saying security needs to be part of the storage [00:06:00] solution, not just as a storage solution.
Secure. Right. And right.
Eric Herzog: So we secure the storage solution. We could encrypt the data. We have management, um, dual authentication for the storage admins, but I'm saying we integrate cyber technology directly into the storage. It's a software play. The bulk of the software we do not charge for. You don't have to turn it off, you don't want to, but if you do, we can do immutable snapshots, create friends forensic environments, and what the most important thing is since the questions that if you're gonna be attacked, it's when and how often.
Yeah. So what about recovery? Yeah, so we will guarantee in writing recovery of any dataset size on primary storage, any dataset size, which could be 10 petabytes or 20 petabytes, one minute or less recovery. Wow. Where the data's made available. Now you have to have a known good copy. 'cause if you cover a bad copy, you just.
Recovered malware, ransomware. Once you have a known good copy, we guarantee recovery in a minute or less. And on our purpose-built backup appliance, which works all the major backup software guys, we guarantee recovery in under 20 minutes. No one can [00:07:00] match that. And we guaranteed in writing for our enterprise, again, the bulk, our customers are global Fortune 2000.
So that only want that type of guaranteed SLA. They want it in writing and we provide it in writing.
Sean Martin: Yeah. And then so I'm glad you made that point 'cause that's what I'm hearing is people want. That connection. Yeah. They want a level of integration generally. Yes. Level, generally speaking, they want the security inside whatever business process that's functioning.
And here we're talking about data storage. So minute, 20 minutes or less in writing, a minute or less, uh, in some cases. What does that do? So you're automating a lot of this thing. Yeah. How, how do team, well, I guess, let me go back a second. Infrastructure. So how. What changes in terms of deployment of their current solution?
Uh, so for us, integrations, deployment
Eric Herzog: is all the same. Okay. The issue is you talk to our professional services team or our technical advisors. Mm-hmm. We provide technical [00:08:00] advisors to every account at no charge and their job, not textbook. We have a separate textbook team, technical advisor's job is optimizing applications, workloads, and use cases.
Got it. That's what their job is. So you say. You know what? These workloads over here we're very concerned. You know, the most valuable corporate channel. Great. Why don't we do Infinis Safe? Great. What do you wanna do? Okay. Oh, and you're using Microsoft Central. Okay. Microsoft Central can talk to it. You want it not to talk to it.
So we work with them, they tell us what they want. Okay. It's our regular storage, and some people don't turn it on. Quite honestly. We had a customer who had an attack and hadn't turned it on. Mm. We have other customer that had attacked and was turned on and they recovered in a couple minutes. So it's all about, you know, what they want to do.
Um, it is integrated into the storage software operating system, so it's not extra, it's built in and it's more about turning it on and just configuring, deciding what data sets you want to protect, how you want to protect them. You know, how often do you wanna do things like snapshots and all levels of integration with their more comprehensive data [00:09:00] center.
Wide cybersecurity, right? Are they using QRadar? Great. What do you want us to do? Great. And then we program that in. So when something comes through the API, we then take our queue from the data center wide cybersecurity software or a soc, and we start doing stuff automatically. So it's no more pick up the phone, it's all you.
We all configure it. You say, I want these arrays to do snapshots of half of the capacity, and then I want those scanned on this array. We want the entire thing to be a snapshot. We want none of it scanned. And once you're set up, now you can change it later. 'cause if you add more storage, which. Is normal these days, then you want to add that new storage into the, into the configuration.
But it's all done with software. So it's easy to do. Uh, it's not complex. There's no extra hardware involved at all. You know, there's no gateway, there's no third appliance. You just do it in our software that comes on our infin of box platforms. Nice. So talk to me
Sean Martin: about specific scenarios. Maybe, I don't know.
What, what are some, I mean, every, every [00:10:00] company has stores, but I'm looking maybe. Somebody in healthcare. Customer. Sure. In manufacturing, sure, sure. How so? One of our, what are they backing up? How often? How? How do you participate? Yeah. So one of
Eric Herzog: our customers is a global Fortune five, 500, and they do immutable snapshot.
They're in finance. They do immutable snapshots every 15 minutes. Okay. Every 15 minutes. Okay. Those immutable snapshots can't be deleted, can't be chained, can't be all. We create a logical air gap. Those on-prem
Sean Martin: in the cloud, that's, it's
Eric Herzog: on-prem. Okay. We can also do it in the cloud if that's what they want, but in this case it's on-prem.
We have a, a logical air gap separation of the management plane and the data plane. Okay. And they do that both locally and remotely. 'cause they have disaster recovery sites 'cause they're, you know, a global Fortune 500. Uh, they then do scanning a couple times a week. So they have what we call infinis safe cyber detection.
It's the only part of our software that is extra. So that's the one piece they did buy, and they're scanning every couple days looking for viruses. [00:11:00] Yep. Malware and ransomware. So the, the capability when we do the scanning is twofold. A, just the way Microsoft or Splunk is a warning system across the data center.
We can be a warning center on storage. We can scan the storage. If we see something with our API, we can send a note out to the SOC saying, Hey, on this array we are starting to see it's X, Y, Z. Okay. The other one. This be a,
Sean Martin: a snapshot from last week perhaps, right? Yes, absolutely. That the stuff has been sitting there now.
Now we have a detection, so if
Eric Herzog: we do the detection, if we see something wrong, a, there's a big screen that comes up, the warnings go out over email, but we can integrate it with an API to go out to the larger data center wide comprehensive strategies. Okay. The other thing we can do is since you will get attacked, now you've had an attack.
Mm-hmm. You need to have a known good copy. Right. So you will take. Copies and you use our fin safe cyber detection to scan the copies till you find a good one and [00:12:00] that's the one you recover. Okay. So you've got one infinite safe cyber detection as a warning system, and B, you've got it also during the recovery process to make it more accurate, faster, right.
Otherwise you have to call the app guys and say, okay, you Oracle guys, can you check into this? So with this we can help with that scanning process. So A takes them to go focus on something else. Mm-hmm. When there's an attack. B, it can be set up seamlessly integrated so it automatically sees something. We take the snapshot and then we start scanning it, right?
And we set that up with our technical advisors with our cyber protection and then use cyber detection after to use cyber protection first to integrate with data center wide. And then if there is an issue, use cyber detection to scan. Yeah, makes sense. So that's how we do the integration. So that's all can be completely automated process from an end user perspective.
Yeah,
Sean Martin: so everybody had all their data's in one spot right now. It could be remote sites as well. So I'm, I'm joking a little bit. So give me an idea of what, [00:13:00] so redundant sites of course, but a lot of companies are built back acquisitions, so some have some storage, some places. How do you, how do you give that comprehensive view?
And
Eric Herzog: so our cyber product only works on our own soft, our own system. 'cause part of our. Storage operating system. It's built into the operating system. Okay. However, what we do just generically is because of the power of the Infin Box platform, what we call our neural cache, we can often consolidate tons of other arrays into less.
So for example, we have a global Fortune 500, 288 floor tiles of all flash with someone else. Now they're running all those workloads on 61 floor tiles of us. So you're saving on Watts slots? Mm-hmm. Power floor space. And of course they could run Infinis safe on the Infin box platforms. We have another customer from 27 arrays, from three different vendors to four with us.
Wow. So you've got a bunch of savings there that are, you know, [00:14:00] CapEx, opex. One of our customers, they went from with another vendor, 15 storage admins. Now they run actually 25 extra petabytes. So more than they had before with only four ad. Now, by the way, those 11 guys did not lose their job because as you guys know from the analysts and press community, there's an IT skills gap all over the world.
Exactly. So they just got repurposed into another part of it, but they're not managing the storage anymore. 15 guys down to four. So that is both, uh, an OPEX statement, but in this case it's an IT operation statement. Absolutely independent cost. Because the 11 guys were freed up to work on something else.
Sean Martin: Well, guess what? They, they know the storage, they know its role within the business, so they're probably really good at figuring out. How to fine tune the business operations surrounding that as well.
Eric Herzog: Well, that's partially what we have with our technical advisors. Their job is to help them with SAP, help them with Oracle, help with Mongo, Cassandra, help them with their supply chain applications, whatever they're doing.
That is what our technical advisors do. [00:15:00]
Sean Martin: Uh, talk to me a bit about the initial engagement with a prospect. Sure. What that conversation sounds like. What I'm looking for is. What's, what's the trigger that says, the way we're doing it now isn't working? What, what are the signs that they're, they're coming to you with work down team or you spend too much money?
Yeah.
Eric Herzog: So one is clearly, if you think about it, you know, I've done this for 40 years. I've never been a CIO who used to be a storage admin. So cis know they need storage, but they fricking hate it. Mm-hmm. So we don't engage in a technical conversation. We lead with a business conversation. Okay. How much storage do you have?
Oh, how would you like to cut your capital and operational expenses and free up operational manpower? By the way, what if you could integrate cyber technology or AI directly into the storage and not run extra applications or have extra servers? Oh, okay. Which by the way, is not only a ease of use statement, but also of course ends up being costing.
'cause then they gotta buy other stuff. In this case, the cyber, for example, is built [00:16:00] into the storage, right? You have an AI rag for AI workload. Okay, so instead of getting something extra, we could figure out a way with our AI rag to work with large language models, vector data, small language, which are needed in AI workloads.
Yeah. And do that all OnPrem or can do it out to cloud configurations if they got a cloud configuration. So I both work. Okay. And
Sean Martin: I have to ask the question compliance, and I'm thinking perhaps. Some data sovereignty requirements as well. Yeah, so on the
Eric Herzog: data sovereignty side, we don't do anything from our software perspective.
That's up to the customer. Got it. You know, most of our customers, again, we support that. Of course. Yeah. 'cause we're mostly global Fortune 2000, so we've got current customer who just bought, you know, double tens of millions last quarter, and some of it's going into Europe, some of it's going into Asia, and some of it's going into four different sites in the United States.
So when you're doing that, we make sure that. You know, if they say, Hey, it can't go off site or out of the country, right? [00:17:00] Then we, our technical advisors work with them to make sure they configure the array. So the replica site for disaster, uh, Canada is one of those countries, for example, they have that rule, so does several countries in Europe.
Europe. So that means the data's gotta stay within the. Physical boundaries. So we say, great, your disaster recovery center needs to be a thousand kilometers away still in your country, but over there, and we'll help you do that. And that way they have the compliance on a data sovereignty perspective, but that's more about what our technical advisor and professional services team does.
We don't have the software that literally looks at the compliance characteristics, right? We have the cyber software, the AI software, and clearly all the regular storage enterprise stuff. That's why, again. We have so many of the, I mean, 28% of the Fortune 50 buy from Infin. Yeah. Strong statement. Such as,
Sean Martin: it's very cool.
And, um, what I'm thinking, maybe you can confirm it is so you, you're not doing the compliance, but these teams are probably pulling their hair out, trying to figure out how to manage all these. Data stores. Right. And on. All we do is, and you give them that [00:18:00] control. Well, we simplify
Eric Herzog: dramatic dramatically. If you go from 288 floor tiles to 61 Yeah, you dramatically took out what you need to do compliance on.
'cause now it's 61 boxes, not 288 boxes. Yep. And then obviously you have the savings on CapEx, on opex on the operational management. In the point, it's always easier to manage less than more. Yes. And we have the right performance characters that would put more and more workloads on a single entity system.
Versus having five or six systems from somebody else. Fantastic. And they can do it, but they need 5, 6, 7, 8 systems. We can do it with one. So that's part of that value. Again, not just technical value, but we're all about business value.
Sean Martin: Yeah, that's clear. That's obvious Eric. Great. Great chat with you.
Anything else we didn't touch on that you wanna say?
Eric Herzog: No. Great. Well thank and we want people to come visit our website, of course. Ww dot and fitted.com
Sean Martin: of course. And, uh, we'll include links to, uh. To your sites and uh, any other resources that you have running with us and connect with Eric too. Great. You good?
[00:19:00] Thank you. Pleasure chatting. Thanks for
Eric Herzog: coming by.
Sean Martin: Appreciate it. Yeah, take care everybody.