Lessons from Enterprise Storage Leaders – 2026 Trends, Threats & Transformations

Storage used to be about capacity and performance, but today it’s about resilience, security, and intelligence – a shift that became clear during a recent Storage Leaders Virtual Panel with enterprise storage leaders.

1. Industry Trends

What do you see as the single biggest disruptor in enterprise storage & backup today?

For David Brown, Storage Architect at State of Michigan, the biggest disruptor is unambiguous:

“If you’d asked me this question 20 years ago, I would have said virtualization.
Today, the elephant in the room is artificial intelligence.”

David contrasted the early days of SAN:

“One of the first SANs I ever put in was a whopping 5.5 terabytes. We thought, we’ll never outgrow this. Virtualization came along and we were doubling and tripling capacity almost every year.”

Now, AI and machine learning are driving a similar – but even more intense – disruption:

• New workloads (e.g., autonomous vehicles) are discussing yottabytes in capacity planning.
• AI requires instant performance, low latency, and massive parallelism.
• Storage becomes a core dependency for AI’s success, not just a downstream consumer.

2. Security

How are storage systems adapting to the rise in ransomware attacks?

Julian Topley, Senior Delivery Manager – Storage & Backup at Lloyds Banking Group, framed the shift starkly:

“We’ve invested for years in perimeter security. But the real vulnerability is the destination – the data. That’s where ransomware now goes, and increasingly backups as well.”

Julian outlined two guiding principles:

1. Protection must be layered

“Snapshots and replication are the frontline for fast recovery. Backup and vaulting are the last bastion for recovery and forensics.”

2. Storage must get “cyber-smart”

“Storage has to offer immutability, anomaly detection, and clean recovery points.
Storage needs to be smart.”

Are immutability and air-gapped backups becoming table stakes?

David Brown’s answer was unequivocal:

“Both immutable backups and air-gapped backups have become table stakes for a true cyber-resilient strategy. They used to be advanced features. Today they’re mandatory requirements.”

He explained why traditional backup rules are no longer enough:

“The old 3-2-1 rule – three copies, two media, one offsite – isn’t enough. Attackers can still corrupt those locations.”

His team is moving toward an enhanced rule:

“We’re looking at a 3-2-1-1-0 rule: three copies of data, two different media types, one copy stored offline, one copy immutable or vaulted, and zero errors after verification when you restore.”

On cloud and air gapping:

“In my opinion, cloud-written backups do not constitute an air gap.
There’s still access to the cloud, and as we’ve seen, the cloud is not a guaranteed safe harbor.”

What challenges do you foresee with evolving data sovereignty laws?

Naresh Kattel, VP Storage Management from AllianceBernstein pointed out that global enterprises face a patchwork of regulations:

“Every large enterprise operates in different markets, and every market has a regulator.
These regulators are unleashed on you to make sure you understand the rules.”

He outlined three practical needs: know your inventory, understand regulatory impact, and partner with legal & compliance.

Should InfoSec teams build deeper storage-security expertise?

Kevin Battle strongly believes in deeper cross-team understanding:

“Absolutely. Right now everything is segmented – separate security teams, separate backup teams, separate storage teams. But with new AI-aware software, everyone has to coordinate and be aware.”

He highlighted the role of storage-security tooling:

“That’s what I appreciate about solutions like StorageGuard, which I’ve used for three years. It gets inside the perimeter to scan storage and SAN. Those are areas other tools just don’t touch.”

Julian Topley agreed on shared responsibility – but warned against blurring it:

“The security and storage teams must share the problem, but the key is not to blur responsibility.”

He framed it in the following way:

• Security team: owns threat, policy, escalation
• Storage & backup team: own configuration, change, fabrics, protocols

Julian explains how 3^rd party solutions can help:

“Tools like StorageGuard really help here – they continuously discover storage and backup systems and add that contextual security layer, mapping configurations and firmware against live vulnerabilities and good practice.”

3. Technology & Innovation

How is AI changing storage management – is it hype or reality?

David Brown was clear:

“It’s definitely reality. We’re using AI for IT operations – supporting customer support, security, backup and recovery. For storage, it turns systems into active participants in maintaining uptime and data security.”

Examples he gave included:

• Predictive maintenance

“Models continuously analyze logs, sensor readings, and performance to predict failures before they impact production.”

• Intelligent tiering & triage

“We used to write scripts to move data between tiers based on age and activity.
AI can now constantly analyze data and predict when it might be needed, staging it preemptively.”

---

Click here to read the full report: ‘The Storage Leaders Guide’, and watch the on-demand Virtual Panel, click here.