9 in 10 firms to spend more on data protection as attacks rise

IT leaders are feeling even less protected and more concerned about their ability to recover and restore mission-critical data, even if companies say they will spend more trying to fend off cyberattacks, according to finds of a Veaam survey.

Veeam commissioned the survey in late 2023, covering 1,200 unbiased IT leaders and implementors from all over the world. 

Respondents shared that cyber-attacks remain the top cause of outages and that while organisations are putting more emphasis on using the cloud for major recoveries, only a small percentage believe they’d be able to recover from even a small crisis in under a week.

Results show that 76% of organisations were attacked at least once in the past 12 months. Recovery is still a major concern, as only 13% said they can successfully orchestrate recovery during a DR situation.

Only 32% of organisations believe they can recover from a small attack, crisis or outage within a week. When asked how long IT would need to recover 50 servers, only 32% believed their IT staffs could recover the servers within five business days. 

When asked about their latest large scale cyber/disaster test, less than three out of five (58%) servers were recoverable within expectations.

Also, data protection budgets are expected to grow by 6.6% in 2024. This is the second straight year the survey revealed that data protection spending growth will outpace IT spending growth.

Overall, 92% of organisations expect to spend more on data protection in 2024 to continue to prepare against cyber-attacks as well as the changing production landscape that requires different approaches to data protection.

Further, two out of five (41%) consider some aspect of mobility in cloud scenarios as most important characteristic of a modern solution, including the ability to move a workload from one cloud to another and the standardisation of protection between on-premises workloads and IaaS/SaaS.

Dave Russell, VP of enterprise strategy at Veeam, said that the findings in this year’s report highlight the need for continued cyber vigilance, and the importance of every organisation to ensure they have the right protection and recovery capabilities. 

Findings also showed that container usage continues to rise, with 59% of enterprises running them in production, and another 37% either rolling them out or planning to. 

Unfortunately, only 25% use a backup solution that is purpose-built for containers, while the rest of organisations back up only some of the underlying components – such as storage repositories or the database contents. 

Veeam says neither tactic ensures that the applications and services will be resumable after a crisis, or even a simple import/configuration error that needs to be undone.

For the second straight year, the two most important considerations for “enterprise backup” solutions are reliability and the protection of cloud-hosted workloads (IaaS and SaaS). This is problematic for organisations relying on older data centre-centric data protection solutions. 

Veeam says that as organisations move workloads from one platform or cloud to another, IT teams relying on legacy backup solutions that do not offer equitable protection of cloud-hosted workloads will struggle to maintain SLAs, particularly those that embrace cloud-native offerings like Microsoft 365/Salesforce (SaaS) or containers.