Together, Veeam and CrowdStrike enhance data security by combining Veeam’s industry-leading data resilience capabilities with the AI-native CrowdStrike Falcon cybersecurity platform. The result is end-to-end visibility into security threats—minimizing and even preventing the business impact of cyber incidents. The partnership launches with two new fully supported integrations:

1. Veeam App for CrowdStrike Falcon LogScale
2. Veeam Data Connector for CrowdStrike Falcon Next-Gen SIEM

These integrations allow organizations to view Veeam Data Platform events directly within the CrowdStrike Falcon platform, creating a unified solution that improves insights into system activity and security events. This empowers IT and security teams to detect, prevent, and respond to cyber incidents more effectively.

“We know that 89% of threat actors specifically target an organization’s backups, putting critical data recovery at risk,” said John Jester, chief revenue officer at Veeam. “Delivering comprehensive protection against these attacks requires strategic partnerships. That’s why we’re building strong integrations with industry leaders like CrowdStrike to ensure customers take a connected approach to cybersecurity and data resilience. We continue to enhance Veeam Data Platform security capabilities and integrations to ensure that an organization’s backups are clean and secure to recover from a ransomware attack. By combining Veeam Data Platform’s industry-leading malware detection, indicators of compromise (IoC) detection and proactive threat assessments with CrowdStrike’s AI-powered capabilities, we help customers ensure their backups are secure and their data resilient.”

“The surge in cyber threats and ransomware attacks continues to put enterprise data at risk,” said Daniel Bernard, chief business officer at CrowdStrike. “Our partnership with Veeam brings together best-in-class cybersecurity with industry-leading data resilience, giving joint customers a unified defense to reduce risk and ensure rapid recovery. By bringing Veeam Data Platform events into Falcon Next-Gen SIEM, we’re delivering centralized visibility that empowers security and IT teams to respond faster and more effectively across the entire attack surface.”

The integration brings Veeam Data Platform event data into Falcon LogScale and Falcon Next-Gen SIEM, delivering deeper visibility and accelerated threat analysis. By combining Veeam’s backup insights with CrowdStrike’s industry-leading threat intelligence and real-time visibility across the enterprise, organizations can eliminate blind spots and reduce risk across their data and backup environments.
The Veeam App for Falcon LogScale includes pre-built dashboards, automated data parsing and proactive alerting to improve detection and response across the enterprise. It also adds support for Veeam Backup for Microsoft Entra ID, enhancing visibility into identity-based threats and data infrastructure activity.

Security teams can leverage predefined searches and scheduled alerts to quickly surface relevant security events, enhancing threat-hunting and response efforts. Real-time, low-impact scans during backups—powered by advanced AI and machine learning—detect even the most subtle anomalies and malware. These proactive alerts equip Security Operations Center (SOC) analysts with the intelligence needed to accelerate incident response and stay ahead of evolving threats.

Veeam Data Platform delivers comprehensive end-to-end cyber resilience, supporting organizations before, during and after a cyber incident. It features proactive threat detection with the patent-pending Recon Scanner, which identifies potential ransomware threats before backups are created. During the backup process, inline entropy analysis, signature-based malware scanning and IoC detection tools provide a defense-in-depth approach to identifying malicious activity.

The platform also supports incident response by assessing the scope of an attack and quickly identifying the last known good restore point through Veeam Threat Hunter. Additionally, Veeam Cyber Secure offers expert support from Coveware by Veeam to assist with ransomware assessment, negotiation and recovery. This proactive and comprehensive approach helps reduce cyber risks, minimize business disruption and is now available for CrowdStrike users—providing complete protection across cloud, virtual, physical, enterprise applications and unstructured data. Available to Advanced and Premium Veeam Data Platform users, these integrations are now accessible to CrowdStrike customers via the CrowdStrike Marketplace.

Recent research conducted by Veeam and McKinsey reveals a concerning disconnect in organizational preparedness. While 30% of CIOs rate their data resilience as above average, fewer than 10% actually meet that standard. This misalignment carries significant consequences, with IT downtime costing Global 2000 companies more than
400 billion annually – averaging 200 million in losses per enterprise due to operational disruptions, recovery expenses, and reputational harm.

“Data resilience is critical to survival—and most companies are operating in the dark,” said Anand Eswaran, CEO of Veeam. “The new Veeam DRMM is more than just a model; it’s a wake-up call that equips leaders with the tools and insights necessary to transform wishful thinking into actionable, radical resilience, enabling them to start protecting their data with the same urgency as they protect their revenue, employees, customers, and brand.”

The Veeam DRMM provides organizations with a structured methodology to assess and enhance their resilience across three core dimensions: data strategy, people and processes, and technology. As the only industry framework developed by a consortium of experts, it offers a complete view of cyber resilience, disaster recovery, and operational continuity.

The study highlights that 74% of organizations operate at the two lowest maturity levels, leaving them vulnerable to extended outages and data loss. In contrast, companies achieving the highest maturity level recover from incidents seven times faster, experience three times less downtime, and suffer four times less data loss than their peers. Alarmingly, the research also found that 30% of CIOs at the least resilient organizations incorrectly believe their capabilities are stronger than they actually are, creating dangerous blind spots.

“Data resilience isn’t just about protecting data, it’s about protecting the entire business,” Eswaran continued. “This is the difference between shutting down operations during an outage or keeping the business running. It’s the difference between paying a ransom or not. It provides the foundation for AI innovation, compliance, trust, and long-term performance – including competitive advantage.”

Developed in collaboration with McKinsey & Company and validated by insights from more than 500 IT and security leaders, the DRMM has already delivered measurable results. Implementations include a healthcare network that reduced outage costs by $5 million per incident and a multinational bank that eliminated cyber incidents entirely after adopting the framework alongside Veeam’s platform.

Investments in data resilience yield substantial returns, according to the research. For every dollar spent on resilience measures, organizations typically see $3 to $5 in benefits—with some achieving returns as high as $10 through improved uptime, reduced incident costs, and greater operational agility. These tangible benefits have propelled data resilience to become the second-highest priority for IT leaders, surpassed only by cost optimization.

”As organizations increasingly recognize the growing risks associated with data outages and cyber threats, the report underscores the importance of a collective commitment from executives beyond the IT department, to data resilience,” said George Westerman, Principal Research Scientist at the MIT Sloan School of Management. “Data outages can severely impact customer-facing capabilities and erode shareholder trust of an organization. But even more, they can be a signal of immature IT management processes that have led to overly complex, hard to manage, IT infrastructure. The Digital Resilience Maturity Model highlights ways that businesses can equip themselves to handle today’s challenges while being ready for tomorrow’s opportunities.”

The DRMM categorizes organizational resilience into four progressive stages. At the Basic level, companies rely on reactive, manual processes with high exposure to risk. Intermediate organizations demonstrate reliability but struggle with fragmented systems lacking automation. Advanced enterprises take a strategic, proactive approach but may lack full integration. The pinnacle Best-in-Class tier represents fully resilient organizations leveraging autonomous operations and AI optimization.

Despite the benefits of cloud storage, including simplified security and the ability to accommodate growing volumes of data, many organizations still face obstacles. These include understanding and forecasting costs, improved efficiency, and acquiring the necessary expertise for effective configuration and management.

Veeam Data Cloud Vault addresses all of these. Veeam collaborated closely with Microsoft to develop this enhanced offering integrated with Azure Blob Cool Storage. It simplifies data storage management for backups and eliminates unpredictable cloud cost models, providing users with the confidence to securely store backup data in a Veeam-managed, logically air-gapped, always-immutable and encrypted offsite location for enhanced protection and reliable recovery, when needed. Veeam Vault also helps organizations minimize the duration of downtime through fast restores to both on-premises and Azure VMs.

“Given the value of data in a digital world and the growing risks to that data including cyber-attacks, organizations need a reliable and cost-effective path to data resilience,” said Niraj Tolia, Chief Technology Officer (CTO) at Veeam. “Veeam Data Cloud Vault provides secure and hassle-free cloud storage, eliminating management challenges and unpredictable pricing, and reinforces our strategic partnership with Microsoft. Our commitment to easy, secure, and predictable cloud storage for backups, further solidifies Veeam as the #1 global leader in Data Resilience. Veeam Data Cloud Vault introduces a new groundbreaking feature – predictable, low-cost cloud storage pricing – catering to the needs of Veeam users. With two new editions and seamless integration with Veeam Data Platform, this release further strengthens the partnership between Veeam and Microsoft by leveraging the power, scale and durability of Microsoft Azure.”

Aung Oo, Vice President, Azure Storage at Microsoft added, “Integrating Veeam’s Vault offering with the Veeam Data Platform simplifies the process for customers to safeguard their data and infrastructure. Given the increasing threats that customers must defend against, making data protection more accessible is crucial. By building Veeam Data Cloud Vault on Azure, with its diverse regional options, customers can meet their data residency and compliance needs. The combination of Azure’s secure cloud foundation and Veeam’s strengths in business continuity and disaster recovery (BCDR) provides an excellent end-to-end, anti-ransomware solution for customers.”

Veeam Data Cloud Vault follows a Zero Trust Data Resilience (ZDTR) approach that expands Zero Trust principles to include an organization’s backup environment. With Veeam Data Cloud Vault, organizations can align to the 3-2-1-1-0 rule and protect against cyber threats. This philosophy forms the foundation of a solid data protection strategy and data resilience initiatives, ensuring the integrity and availability of backups.

New key benefits of Veeam Data Cloud Vault include:

1. Security and Durability: Veeam Data Cloud Vault storage-as-a-service (STaaS) ensures data confidentiality, integrity and availability through Zero Trust storage architecture that is always immutable, encrypted, and air-gapped. With the new release, Veeam Data Cloud Vault now offers up to 12 nines of durability that protect against entire data centre failure. Veeam applies best-in-class security measures to protect organizations against cyber threats, and in particular threats against their backup repositories.
2. Predictability: Veeam Data Cloud Vault offers predictable, flat, per-TB pricing on two editions of cloud storage, inclusive of read/write requests, and egress fees. This enables organizations of all sizes to more predictably manage and control costs while receiving all the benefits of secure, cloud-based storage.
3. Simplified: Veeam Data Cloud Vault minimizes cloud and security skills gaps with on-demand, pre-configured and fully managed cloud storage built on Azure, directly integrated with the Veeam Data Platform interface. This includes the ability to procure, provision, and monitor Veeam Vaults directly from the Veeam Data Platform, as well as the ability to directly restore to on-premises and Azure VMs.

“Businesses face constant security threats, along with a need to balance their cyber resiliency goals with budgeting realities. In speaking with clients and based upon our own experience, one of the biggest challenges with using Public Cloud infrastructure is the unpredictable billing that can result,” said Russ Fellows, Head of Labs for The Futurum Group. “Veeam’s Data Cloud Vault helps companies enhance their security posture while also providing them with simple, all-inclusive, consumption-based pricing, making it a great option for businesses of all sizes.”

Veeam Data Cloud Vault brings predictable cloud storage pricing to the market across two new editions: Foundation and Advanced. Starting at $14 per TB, these editions align closely with customer use cases for cloud storage backup, offering a cost-effective and secure-by-default alternative to DIY solutions.

The survey results, which encompass the views of 500+ IT decision-makers from Belgium, France, Germany, the Netherlands, and the UK, revealed the state of play less than a month before this directive takes effect on Oct. 18. Although nearly 80% of businesses are confident in their ability to eventually comply with NIS2 guidelines, up to two-thirds state they will miss this imminent deadline.

Barriers to NIS2 Compliance
Achieving NIS2 compliance requires businesses to implement essential measures, such as defining incident response plans, securing supply chains, assessing vulnerabilities, and evaluating overall security levels. This includes all affiliated organizations, partners, and supply chains. However, several barriers to compliance persist. Key challenges cited by IT decision-makers include technical debt (24%), lack of leadership understanding (23%), and insufficient budget/investments (21%).

Notably, 40% of respondents reported decreased IT budgets since the political agreement for NIS2 was proclaimed effective in January 2023, despite its stringent penalties, which are comparable to those of the EU’s flagship data privacy legislation, the General Data Protection Regulation (GDPR). 63% of respondents view the GDPR as strict, and 62% express the same sentiment about NIS2.

Competitive Pressures Amid Cyberthreats
The slow pace of NIS2 adoption is likely due to the multitude of competing priorities and business pressures that face these organizations. Respondents rank NIS2 lower in urgency than ten other issues, including the skills gap, profitability, and digital transformation. Worryingly, 42% of respondents who consider NIS2 insignificant for EU cybersecurity improvements attribute this to inadequate consequences of non-compliance, which has led to widespread apathy towards the directive.

Additional key findings from the survey include:

1. 74% of respondents see NIS2 as beneficial, but 57% doubt it will have any substantial impact on the overall EU cybersecurity posture.
2. Sceptics cite additional concerns such as NIS2’s lack of comprehensiveness (35%), the belief that compliance doesn’t guarantee security (34%), and overlap with existing regulations (25%).
3. Other barriers include a lack of focus on NIS2 compliance (20%), tight timelines (19%), cybersecurity skills shortage (19%), directive complexity (19%), and organizational silos (19%).
4. Despite conflicting views, most respondents perceive NIS2 positively in the context of their organization’s regulatory obligations, feeling optimistic (33%), confident (32%), and encouraged (27%).

Andre Troskie, EMEA Field CISO at Veeam, stated, “NIS2 brings responsibility for cybersecurity beyond IT teams into the boardroom. While many businesses recognize the importance of this directive, the struggle to comply found in the survey highlights significant systemic issues. The combined pressures of other business priorities and IT challenges can explain the delays, but this does not lessen the urgency. Given the rising frequency and severity of cyber threats, the potential benefits of NIS2 in preventing critical incidents and bolstering data resilience can’t be overstated. Leadership teams must act swiftly to bridge these gaps and ensure compliance, not just for regulatory sake but to genuinely enhance organizational robustness and safeguard critical data.”

“Cyber threats are a reality for every single organization. It takes teamwork to fight this escalating battle against ransomware. We are excited to integrate with Palo Alto Networks to provide customers with capabilities to further strengthen their data resilience,” said Dave Russell, SVP of Strategy at Veeam. “This powerful integration enables our 550,000 customers to better protect their backups and respond to cyberattacks faster, tightening their security posture and helping to ensure reliable, rapid and trusted recovery.”

In today’s digital landscape, ransomware attacks are on the rise, with 96% specifically targeting an organization’s backups according to the Veeam 2024 Ransomware Trends Report. This alarming reality poses a significant challenge for IT and security leaders worldwide. Traditional tools struggle to scale for large enterprises, resulting in a high volume of alerts and overwhelming manual processes for security teams.

To combat these challenges and fulfil customer demand, Veeam and Palo Alto Networks have integrated technology to centralize, scale, and automate data monitoring and incident response. By integrating Palo Alto Networks AI-driven security operations centre (SOC) platform with Veeam’s industry-leading recovery capabilities, organizations can identify and respond to cyberattacks faster, helping to ensure the resilience of their business-critical backup data.

“We are thrilled to collaborate with Veeam, empowering organizations to respond and react more quickly to threats facing their critical data,” said Pamela Cyr, VP of Technical Partnerships at Palo Alto Networks. “By combining the power of Palo Alto Networks industry-leading AI-driven SOC platform with data resilience capabilities from Veeam we can help customers identify and respond to threats, ensuring the resilience of business-critical data. The new integration demonstrates our shared commitment to providing organizations with tools and technologies that help them proactively combat evolving cyber threats and strengthen their security posture.”

The integration introduces two new applications – the Veeam apps integrated with Cortex XSIAM and Cortex XSOAR that leverage a bi-directional API connection to monitor, detect, and respond to security incidents impacting critical business data and data backups. The Veeam app integrated with Cortex XSIAM brings data from Veeam Backup & Replication and VeeamONE environments into Cortex XSIAM, providing a centralized view of data and backup security-related activity. The Veeam App integrated with Cortex XSOAR enables regular API queries against Veeam Backup & Replication and Veeam ONE, monitoring for significant security events or alerts. Both applications are included at no charge to Veeam Data Platform Advanced and Premium customers.

Key customer benefits of the Veeam and Palo Alto Networks integrations include:

1. Centralize security operations: Obtain a comprehensive view of security operations across the entire environment, including the Veeam environment, to stop threats and improve situational awareness.
2. Easily configure critical security systems: Simplify setup and installation of Veeam apps with pre-configured monitoring and security dashboards, helping to ensure smooth and efficient onboarding.
3. Automate incident investigation and response: Eliminate alert fatigue and speed up incident response with AI-powered automation to deliver real-time, automated response to potential security threats in Veeam environments.
4. Scale security strategy with automation and AI: Monitor enterprise-scale environments without overwhelming security teams with burdensome alerts and manual processes.
5. Help maintain compliance and regulatory requirements: Ensure efficient and effective incident management while meeting recovery time objectives (RTO), recovery point objectives (RPO), and supporting industry compliance regulations with automated ransomware recovery.

“Many enterprises have over 100 security products, creating the necessary but very unwanted job of being a cybersecurity systems integrator. Veeam and Palo Alto Networks are looking to alleviate the integration burden with their new strategic partnership,” said Frank Dickson, Group Vice President IDC’s Security & Trust Practice. “The pairing of Palo Alto Networks’ platforms with Veeam’s data resilience capabilities enables the proactive identification of cyber threats and the centralization and automation of data monitoring and incident response, thus comprehensively protecting business-critical data across the entirety of the NIST Cybersecurity Framework: Identify, Protect, Detect, Respond, and Recover.”

As a launch partner for Microsoft 365 Backup Storage, Veeam is leveraging the latest Microsoft technology with Veeam Data Cloud for Microsoft 365 to deliver lightning-fast backup and recovery capabilities for large Microsoft 365 environments, ensuring organizations protect critical data against cyber-attacks and data loss scenarios, further enabling complete data resiliency. This solution further strengthens Veeam’s position in protecting Microsoft 365 users, with over 21 million users already under Veeam’s protection.

“One of the benefits of our multi-year strategic partnership with Microsoft is rapidly bringing new advances to our joint customers and partners. This new release combines the benefits of Veeam’s industry-leading technology – in both data protection and ransomware recovery – with the latest Microsoft 365 data resilience capabilities introduced by Microsoft, and extends them to even more customers using Microsoft 365. In addition, we’re making great progress in our joint innovation bringing the power and insights of Microsoft Copilot to the Veeam product family,” said John Jester, Chief Revenue Officer (CRO) at Veeam.

Microsoft’s new backup technology is seamlessly embedded inside Veeam’s backup service for Microsoft 365, combining the new high-speed backup and recovery capabilities with Veeam’s established and unmatched restore and eDiscovery options tailored to meet any potential data loss and compliance scenario. This powerful fusion, where speed and scale meet control and flexibility, empowers organizations with the best of both worlds. “The collaboration with Veeam is an advancement in assisting our shared clients with quick recovery after cyber incidents. We look forward to deepening our collaboration to improve data protection for users,” said Zach Rosenfield, Director of PM for Collaborative Apps and Platforms at Microsoft.

Veeam Data Cloud for Microsoft 365 with Microsoft 365 Backup Storage delivers:

1. Speed and Scale: This latest offering from Veeam and Microsoft is designed to manage large volumes of data seamlessly, with the ability to protect and restore 100+ TBs of data or 10,000+ objects. With this advanced solution, what used to take weeks or months is now accomplished within hours.
2. Disaster Recovery: This new solution offers bulk restores at scale, ensuring increased resilience to ransomware or malware attacks and minimizing downtime. Veeam Data Cloud for Microsoft 365 with Microsoft 365 Backup Storage empowers organizations to bounce back quickly from any data loss scenario. Organizations no longer have to choose between paying a ransom or enduring weeks or months of data restoration.
3. Future Readiness: As part of a new 5-year strategic partnership, Veeam is developing future solutions with Microsoft integrating Microsoft Copilot and Azure AI services to enhance data protection for Microsoft 365 and Azure. These solutions will simplify operations, automate administrative tasks, and allow organizations to allocate resources to business-critical initiatives, ensuring they stay ahead in a rapidly changing digital landscape.

“As adoption of Microsoft 365 increases, the volume and criticality of their associated data sets is also growing,” said Krista Macomber, Research Director at The Futurum Group. “Without the proper data protection solution, this can lead to highly time-consuming, cumbersome backup processes – ultimately resulting in delayed, missed, or incomplete backups. Equally an issue, it can also lead to slow and incomplete recovery processes. This cannot be afforded, especially given the need for resiliency against the onslaught of cyber-attacks. Veeam is directly addressing these challenges with the most recent update to its Microsoft 365 backup capabilities.”

“Businesses already have enough challenges when scaling their infrastructure quickly. TruScale Backup with Veeam brings them simplicity, not only in reducing IT complexity but also helps ensure their data is protected and under their governance no matter where it is located. With Veeam’s #1 data protection and ransomware recovery, our joint customers can spend their time focused on running their business,” said John Jester, Chief Revenue Officer (CRO) at Veeam.

Businesses need reliable backup and data recovery due to IT complexity and ever-evolving cyberthreats. According to Gartner, “By 2028, 75% of large enterprises will adopt BaaS compared to 15% in 2024”. A January 2023 survey by IDC indicated that 47% of respondents used on-premises Storage as a Service (STaaS), and another 32% planned to use it in 2023. The primary reasons they cited were the need to burst storage capacity on demand and speed storage deployment.

“Lenovo’s TruScale Backup with Veeam is a strong choice for Backup as a Service for several reasons. Not only does it give customers the tactical advantage of ransomware protection with immutability by default, but TruScale provides the right-sizing of the solution from the start, with cloud-like economics to scale up and down on demand. We’re happy to collaborate with Veeam to bring these benefits and more to our customers,” said Dale Aultman, Vice President & General Manager, Hybrid Cloud Services at Lenovo.

TruScale Backup with Veeam helps customers efficiently protect critical data and safely restore it in the event of a cyberattack. The service also helps customers easily follow the 3-2-1-1-0 best practice of securely storing data. Customers can easily create multiple copies of backed-up data at no additional cost to follow best practices and work towards meeting desired Recovery Point Objectives (RPOs) with zero errors in their backups.

Other key benefits of TruScale Backup with Veeam:

• Offers a cloud-like experience and economics on-premises.
• Helps improve backup reliability with granular, self-service virtual machine (VM) and file recovery.
• Relieves customer IT teams of day-to-day lifecycle tasks and capacity planning with on-demand scalability.

TruScale Backup with Veeam is available now.

Around 18 months ago, I was writing about the “endless journey” to Zero Trust. I used the word “endless” because Zero Trust is a mindset rather than a product or a destination – it’s a target to aim towards. Like many things in cyber, it’s a matter of constant evolution. You have to adapt to survive and thrive in your environment. Even the idea of Zero Trust has had to evolve with the times.

Changing with the times
A cat and mouse game, an arms race – call it what you want – security has always been about adapting and evolving to stay ahead of threats. Bad actors constantly experiment and move the needle to get ahead of their targets. This is exactly what has driven so much innovation across the industry since the first-ever cyber-attack took place. The security tools considered the benchmark, when I started my career 35 years ago, would be a paper shield against a modern cyber gang. It’s not just the tools that have had to evolve, but also the mindset – how we think about security and use the tools at our disposal has had to change.

Zero Trust is a prime example of this. Once, security was just around the perimeter, it was a moat around the castle, but once you were in, you were in. As more and more enterprises worldwide have adopted Zero Trust as a best practice, this has shifted. Security measures now need to be inside and outside – doors are locked, proof of identity is required, and people aren’t allowed access to parts of the castle if they don’t need to be there.

But the thing about evolution is that it never really stops.

Introducing Zero Trust Data Resilience
Even the most broadly used zero-trust models have a few fatal flaws in the modern environment. Namely, they lack any kind of guidance in pivotal areas like data backup and recovery. This gap is significant as recent attacks often attempt to target backup repositories. For example, according to the Veeam Ransomware Trends 2023 Report, ransomware attacks targeted backup repositories in at least 93% of attacks in 2022.

Data backup and recovery systems are critical parts of enterprise IT and must be considered as part of the security picture. They have read access to everything, they can write data into the production environment and contain full copies of the business’s mission-critical data. Simply put, following modern Zero Trust principles to the letter makes you fairly water-tight when it comes to ‘traditional’ security, but leaves a huge gap in the armour regarding backup and recovery.

But this is where we are. Zero Trust has become too limited in scope as threats have evolved, which is why the concept of ‘Zero Trust Data Resilience’ has been born. An evolution of Zero Trust, which essentially broadens the scope to ensure backup and recovery follow the same principles.

Bringing backup and recovery into the fold
The core concepts are the same. The principle of least privilege and assume breach mentality are still key. For example, backup management systems must be isolated on the network so that no unauthenticated users can access it. Likewise, the backup storage system itself must be isolated. Immutability is also key. Having backup data that cannot be changed or tampered with means if repositories are reached by attacks like ransomware, they cannot be affected by its malware.

Assuming a breach also means businesses shouldn’t implicitly ‘trust’ their backups after an attack. Having processes to properly validate the backup or ‘clean’ it before attempting system recovery is vital to ensure you aren’t simply restoring a still-compromised environment. The final layer of distrust is to have multiple copies of your backups – fail-safes in case one (or more) are compromised. The best practice is to have three copies of your backup, two stored on different media types, one stored onsite, and one kept offline. With these layers of resilience, you can start to consider your backup as Zero Trust.

Taking the first steps
With Zero Trust Data Resilience, just like Zero Trust, it’s a journey. You can’t implement it all at once. Instead, follow a maturity model where you gradually implement new practices and refine and evolve these over time. For example, if you don’t currently validate your backup data, start doing so manually and over time implement technology to automate and schedule routine validation processes.

The other key thing you need is buy-in – everyone in the organization must be on the journey together. Senior leadership is key to implementing any broad changes across an organisation, but so is educating across the business on new processes and their need. Finally, for Zero Trust Data Resilience especially, the security and wider IT operations teams must be aligned. Backup often falls under the responsibility of the latter, but as this becomes more and more crucial for security posture, the two need to work together to prevent security siloes or gaps.

The journey to Zero Trust is endless. So much so that the exact destination evolves. My advice to businesses is that while Rome wasn’t built in a day, it is better to start taking steps today, no matter how small, instead of postponing and being left behind.

Highlights of the Veeam Data Protection Trends Report 2024:

Cyber-Attacks are the #1 Cause of Outages: For the fourth straight year, cyber-attacks were listed as the most common and most impactful causes of business outages across organizations. The fact that other types of outages followed closely behind – infrastructure/networking, storage hardware, application software, public cloud resources, and server hardware – illustrated the growing need for modernized backup strategies.

Ransomware Continues to be a ‘When’ Not an ‘If’: 76% of organizations were attacked at least once in the past 12 months. While this number is down from 85% in 2023, 26% reported being attacked at least four times this past year. So according to the report, more organizations were hit quarterly than those who believe they were not attacked at all. Recovery is still a major concern, as only 13% said they can successfully orchestrate recovery during a DR situation.

Digital Transformation is Being Hampered by Cyber-Attacks: The survey ranked protecting against cyber threats and addressing environmental, social, and governmental goals as the biggest inhibitors to IT modernization and digital transformation initiatives. These factors scored higher than usual struggles related to skills, economic concerns and organizational issues, due to the amount of effort and resources that were being diverted from digital transformation or IT modernization investments.

Only 32% of organizations believe they can recover from a small attack, crisis or outage within a week: While most organizations consider cyber resiliency a foundational aspect of their broader business continuity or disaster recovery (BC/DR) strategy, BC/DR preparedness is not yet “passing” most SLA expectations. When asked how long IT would need to recover 50 servers, only 32% believed their IT staff could recover the servers within five business days. Other supporting statistics reflect the growing gap between what data protection business units expect and what IT services can deliver is increasing. When asked about their latest large-scale cyber/disaster test, less than 3 out of 5 (58%) servers were recoverable within expectations.

Data Protection Budget Increases are Accelerating: Data protection budgets are expected to grow by 6.6% in 2024. This is the second straight year the survey revealed that data protection spending growth will outpace IT spending growth.[ Gartner Forecast Alert: IT Spending, Worldwide, 2Q23 Update; Published: 06 September 2023 ID: G00795167; Analyst(s): John-David Lovelock, Linglan Wang] Overall, 92% of organizations expect to spend more on data protection in 2024 to continue to prepare against cyber-attacks as well as the changing production landscape that requires different approaches to data protection.

Data Protection and IT Security are becoming more integrated: For the second straight year, survey respondents consider the most common and most important aspect of a modern data protection solution to be one that integrates with cyber security tools. Two out of five (41%) consider some aspect of mobility in cloud scenarios as the most important characteristic of a modern solution, including the ability to move a workload from one cloud to another and the standardization of protection between on-premises workloads and IaaS/SaaS.

“Ransomware continues to be the biggest threat to business continuity,” said Dave Russell, VP of Enterprise Strategy at Veeam. “It’s the number one cause of outages today, and protecting against it is hampering digital transformation efforts. Furthermore, although companies are increasing their spending on protection, less than a third of companies believe they can recover quickly from a small attack. The findings in this year’s Veeam Data Protection Trends Report highlight the need for continued cyber vigilance, and the importance of every organization to ensure they have the right protection and recovery capabilities. It’s why Veeam’s mission in 2024 is to keep businesses running.”

Other notable insights from the report include:

• Most Organizations Are Using Containers But Not Backing Them All Up: Container usage continues to rise, with 59% of enterprises running them in production, and another 37% either rolling them out or planning to. Unfortunately, only 25% of organizations use a backup solution that is purpose-built for containers, while the rest of organisations back up only some of the underlying components – e.g., storage repositories or database contents. Neither tactic ensures that the applications and services will be resumable after a crisis, or even a simple import/configuration error that needs to be undone.

• 2024 Will See Significant Job Changes Outside the Organization: The fact that 47% of respondents expressed an intent to seek a new job outside of their current organization within the next twelve months represents both a challenge and an opportunity for data protection initiatives. While losing valuable data protection talent puts organizations at a significant disadvantage when crises inevitably strike, the market shift presents an opportunity to add knowledge to protect modern production workloads that reside in clouds, such as Microsoft 365, Kubernetes containers, or other IaaS/PaaS deployments.

• Hybrid Production Architectures are Forcing Reconsideration of ‘Backup ’: For the second straight year, the two most important considerations for “enterprise backup” solutions are reliability and the protection of cloud-hosted workloads (IaaS and SaaS). This is problematic for organizations relying on older datacenter-centric data protection solutions. As organizations move workloads from one platform or cloud to another, IT teams relying on legacy backup solutions that do not offer equitable protection of cloud-hosted workloads will struggle to maintain SLAs, particularly those that embrace cloud-native offerings like Microsoft 365/Salesforce (SaaS) or containers.

“The report shows that the sophisticated and ever-evolving cyber-threat landscape is impeding digital transformation initiatives that leadership teams are accountable for, and which are critical to the success of organizations today. With ransomware attacks on the rise in the Middle East, most organizations now consider cyber-resiliency (CR) as a foundational aspect of their broader business continuity/disaster recovery (BC/DR) strategy. Unfortunately, BC/DR preparedness is not yet ‘passing’ most SLA expectations. As organizations move workloads from one platform or cloud to another, IT teams are still relying on legacy backup solutions that do not offer equitable protection of cloud-hosted workloads. Here, increasing data protection budgets is only one part of the puzzle. The other part is investing budgets into data protection solutions that offer radical resilience through data security, data recovery, and data freedom purpose-built for today’s hybrid cloud demands” said Mohamad Rizk, Regional Director, Middle East & CIS at Veeam.

\Working alongside Veeam, ZainTECH will be able to offer its customers a comprehensive and cost-effective way to scale their backup requirements and data management systems. Veeam’s solutions are provided through strong alliance partnerships and seamless technology integrations with leading cloud providers, including Amazon Web Services (AWS), Microsoft Cloud, and Google Cloud. The company, which was founded in 2006, offers a complete solution that is simple, flexible, reliable, and powerful to help businesses transform the way they manage data and applications to help ensure availability across cloud, virtual, physical, SaaS, and Kubernetes environments.

Commenting on the agreement, Andrew Hanna, CEO of ZainTECH said, “This agreement underscores ZainTECH’s commitment to partnering with the best technology providers in the business to provide our clients with the most advanced array of products and solutions. With Veeam’s remarkable technology portfolio in data backup and recovery, we are confident that this collaboration will not only enrich but elevate our clients’ access to their invaluable digital assets and information.”

Mohamad Rizk, Regional Director of Veeam Solutions commented, “The market for Data Protection as a Service (DPaaS) is growing fast; projected to be worth 21$B in 2026. Furthermore, according to the 2023 Veeam Data Protection Trends Report, organizations want to achieve the goal of having 52% of their workloads in the cloud by 2024. This agreement reinforces our commitment to partner with the largest cloud providers in the region. With ZainTech, we will provide our customers with the best DPaaS services in the market while maintaining our promise for Data Security, Data Recovery, and Data Freedom for their Hybrid Cloud environment.”