Veeam® Software, the leader in modern data protection, today released the results of the company’s fourth annual Data Protection Trends Report to better understand how data protection is evolving in a digital world. The survey found that organizations with more complex hybrid IT environments are being challenged and increasing their budgets to mitigate cyberattacks and keep up with the ongoing diversification of production environments across different clouds. The result is that IT leaders feel under-protected. One of the top priorities for organizations this year is improving the reliability and success of backups, followed by ensuring infrastructure as a service (IaaS) and software as a service (SaaS) protection matches the level of protection targeted at they rely on for data center-centric workloads.
Highlights of the 2023 Veeam Data Protection Trends Report:
Modern data protection is required to keep businesses running: Four out of five companies believe they have a gap or a sense of dissatisfaction or concern between what their business units expect and what IT services can deliver. 82% have an “availability gap” between the time they need to recover systems and the time IT can recover them. 79% cite a “protection gap” between the amount of data they can lose and the frequency with which IT protects their data. These gaps are one reason 57% of organizations expect to change their primary data protection in 2023 and justify increased data protection budgets.
Soaring Privacy Budgets: Globally, organizations expect to increase their privacy budgets by 5% in 2023, significantly higher than overall spending plans in other IT areas. Of the 85% of organizations planning to increase their privacy budgets, their average planned increase is 8.3% and often comes with higher investments in cybersecurity tools.
Despite awareness and rising readiness, ransomware is winning: According to the report, cyberattacks caused the most consequential outages for organizations in 2020, 2021, and 2022. 85% of organizations were attacked at least once in the last 12 months; versus 76% in last year’s report. Recovery in particular is a major concern as companies reported that only 55% of their encrypted/destroyed data could be recovered after attacks. According to the survey, the most important aspect organizations look for in a modern data protection solution is “integrating data protection into a cyber preparedness strategy”.
Ransomware is the number one obstacle to digital transformation: Due to its drain on budgets and manpower, ransomware and the current volatile cybersecurity landscape are a priority for IT teams. This results in IT resources and budgets originally allocated to digital transformation initiatives being shifted towards cyber prevention. Cyberattacks not only eat up operational budgets from ransomware to recovery efforts but also reduce the ability of organizations to modernize for their future success; Instead, they have to pay to prevent and mitigate the status quo.
Container-centric workloads are growing in popularity: Containers, and especially Kubernetes, have all the hallmarks of a mainstream production platform, with the same differences in data protection strategy seen in the early adopters of SaaS five years ago or virtualization 15 years ago. 52% of respondents are currently running containers, while 40% of organizations plan to deploy containers—yet most organizations only protect the underlying storage rather than holistically protecting the workloads themselves. This is typical when new production platforms become mainstream, followed by a realization that traditional methods are inadequate, creating an opportunity for third-party backup tools to provide comprehensive protection.
“IT leaders face a double challenge. They are creating and supporting increasingly complex hybrid environments as cyberattacks increase in scope and sophistication,” said Danny Allan, CTO and senior vice president of product strategy at Veeam. “This is a major concern as business leaders consider how to mitigate and recover from any type of disruption to business operations. Legacy backup approaches fall short of modern workloads—from IaaS and SaaS to containers—and result in an unreliable and slow recovery for the business when it’s needed most. This is what IT leaders’ minds focus on as they reconsider their cyber resiliency plan. They need modern data protection.”
Notable findings from the report include:
Reliability and consistency (by protecting IaaS and SaaS alongside data center servers) are the key drivers for improving data protection in 2023. For organizations struggling to protect cloud-hosted data with legacy backup solutions, they will likely complement their data center backup solution with IaaS/PaaS and/or SaaS capabilities.
Ransomware is the most common and most serious cause of failures, along with natural disasters (fire, flood, etc.) and user error (overwriting, deleting, etc.). Enterprises should implement backup and recovery solutions that support a holistic approach to data protection and that integrate with other cyber detection and remediation technologies to ensure comprehensive cyber resiliency.
Cloud-based services seem almost inevitable for companies of all sizes. But much like there isn’t just one type of production cloud, there isn’t just one protection cloud scenario. Enterprises should consider cloud tiers for retention, backup as a service (BaaS), and ultimately disaster recovery as a service (DRaaS).
