IT leaders feel unprotected from cyber attacks and disasters, Veeam reveals

Danny Allan, Chief Technology Officer and Senior Vice President of Product Strategy at Veeam

Veeam Data Protection Trends Report 2023 shows that company data backup budgets will continue to rise to align with the increasing importance of consistency and reliability for hybrid cloud data protection and as organisations continue their spirited fight against ransomware.

Veeam® Software, the leader in Modern Data Protection, recently released findings of the company’s fourth annual Data Protection Trends Report to better understand how data protection is evolving in a digital world. The survey found that companies are challenged with more complex hybrid IT environments and are raising budgets to fend off cyberattacks as well as keep up as production environments continue to diversify across various clouds.

The result is that IT leaders feel that they are not sufficiently protected. A top priority of organisations and companies this year is improving reliability and success of backups, followed by ensuring that Infrastructure as a Service (IaaS) and Software as a Service (SaaS) protection is equitable to the protection they rely on for datacenter-centric workloads.

What are the highlights of the Veeam Software report?

  • Modern Data Protection is needed to keep businesses running: four out of five companies believe they have a gap, or a sense of dissatisfaction or anxiety, between what their business units expect and what IT services can deliver. 82% have an ‘Availability Gap’ between how quick they need systems to be recoverable and how quick IT can do that.

79% cite a “Protection Gap” between how much data they can lose and how frequently IT protects their data. These gaps are why that 57% of organisations expect to change their primary data protection, as well as the justification for increased data protection budgets.

  • Data protection budgets are steadily increasing: Around the world, organisations expect to increase their data protection budgets in the year 2023 by 6.5%, which is notably higher than overall spending plans in other areas of IT. Of the 85% of organisations and companies planning on increasing their data protection budgets, their average planned increase is 8.3% and often in concert with increased investments in several cybersecurity tools available.

  • Despite the awareness and increase in preparedness, ransomware is winning: Cyberattacks caused the most impactful outages for organisations in 2020, 2021 and 2022, according to the data report. 85% of organisations were attacked at least once in the past 12 months; up from 76% in last year’s report. Specifically, recovery is a main concern as organisations reported that only 55% of their encrypted/destroyed data was recoverable from attacks.

Notably, the single most important aspect that organisations are looking for in a Modern Data Protection solution is the “integration of data protection within a cyber preparedness strategy.”

  • Ransomware is currently the biggest hindrance to Digital Transformation: Due to its burden on budgets and manpower, ransomware and the current volatile cyber security landscape are taking priority for most IT teams. This is causing IT resources and budgets originally allocated towards Digital Transformation initiatives to pivot to intensive cyber prevention.

Not only do cybercriminals and cyberattacks drain operational budgets with for example ransoms to recovery efforts, but they also reduce an organisations’ ability to modernise for their future success; instead, they must pay for prevention and mitigation of the status quo.

  • Container-centric workloads are growing in popularity: Containers, and more specifically Kubernetes, show all the characteristics of a mainstream production platform, with the same kinds of data protection strategy disparities as seen in the early adopters of SaaS five years ago or virtualisation that happened 15 years ago. 52% of respondents are currently running containers, while 40% of organisations are planning to deploy containers.

Most organisations and companies are merely protecting the underlying storage, instead of holistically protecting the workloads themselves. This is typical as new production platforms enter mainstream, followed by recognition that legacy methods are insufficient, thereby creating an opportunity for third-party backup tools to ensure comprehensive protection.

What were the executive remarks on the report?

“IT leaders are facing a dual challenge. Leaders are building and supporting increasingly complex hybrid environments, while the volume and sophistication of cyberattacks is increasing,” said Danny Allan, CTO and Senior Vice President of Product Strategy at Veeam.

“This is a major concern as leaders think through how they mitigate and recover business operations from any type of disruption. It’s never easy. Legacy backup approaches won’t address modern workloads – from IaaS and SaaS to containers – and result in an unreliable and slow recovery for the business when it’s needed most. This is what’s focusing the minds of IT leaders as they consider their cyber resiliency plan. They need modern data protection.”

What were some of the notable insights from the report?

  • Reliability and consistency (of protecting IaaS and SaaS alongside datacenter servers) are the key drivers for improving data protection in 2023. For organisations that are struggling to protect cloud-hosted data with legacy backup solutions, it is likely they will supplement their data centre backup solution with IaaS/PaaS and/or SaaS capabilities.
  • Ransomware is both the most common and most impactful cause of outages, alongside natural disasters (fire, flood, etc.) and user errors (overwrites, deletion, etc.). Organisations should implement backup and recovery solutions that support a holistic approach to data protection, and that can integrate with other cyber detection and remediation technologies to ensure comprehensive cyber resilience.
  • Cloud-based services seem nearly inevitable for organisations of all sizes. But similar to how there isn’t just one type of production cloud, there isn’t just one protection cloud scenario. Organisations should consider cloud tiers for retention, Backup as a Service (BaaS) and ultimately, Disaster Recovery as a Service (DRaaS).


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.