Veeam Software, the #1 leader by market share in Data Protection and Ransom Recovery, recently unveiled key insights from its fifth annual Veeam Data Protection Trends Report in January.

An independent research firm surveyed 1,200 IT leaders and implementers across 10 countries in EMEA, APJ, and the Americas to assess their IT data protection challenges and strategies for 2024–all of whom were enterprises with at least 1,000 employees. This broad-based market study is conducted annually on Veeam’s behalf to understand how the data protection market continues to evolve, so that Veeam can ensure product strategies and market initiatives align with where the market is going.

Despite companies expressing intentions to increase spending to fortify defenses against cyber-attacks, the survey paints a worrisome picture for IT leaders who find themselves increasingly uneasy and less confident in their ability to safeguard and restore mission-critical data. For the fourth consecutive year, cyber-attacks remain the top cause of outages, and a large percentage of respondents expressed doubt about being able to recover from even a small crisis in under a week.

“The findings in this year’s Veeam Data Protection Trends Report highlight the need for continued cyber vigilance, and the importance of every organization to ensure they have the right protection and recovery capabilities. It’s why Veeam’s mission in 2024 is to keep businesses running,” said Dave Russell, acting CTO at Veeam.

Let’s take a closer look at the results of the report.

• Causes of Outages: In addition to cyber-attacks, other common outages include infrastructure/networking, storage hardware, application software, public cloud resources, and server hardware. These outages illustrate the growing need for modernized backup strategies.
• 76% of Organizations were Attacked by Ransomware: Ransomware remains an inevitable threat. Although the percentage has decreased from 85% in 2023, 26% reported experiencing at least four attacks in the past year. Notably, 25% claimed no attacks, which should be noted with caution since many security firms warn that the attacker can be lurking in your environment for 60 to 200 days prior to incurring damage or asking for the ransom. If true, then a high percentage of those respondents may simply have not discovered the breach yet. Thus, more organizations were hit quarterly than those who believe they were not attacked at all. Recovery remains a significant concern, with only 13% of respondents expressing confidence in their ability to orchestrate recovery during a disaster recovery (DR) situation.
• Digital Transformation is Being Hampered by Cyber-Attacks: The survey identified safeguarding against cyber threats and addressing environmental, social, and governmental goals as the primary obstacles to IT, modernization and digital transformation initiatives. These challenges received higher priority than typical struggles related to skills, economic concerns, and organizational issues. This prioritization was attributed to the substantial diversion of effort and resources away from digital transformation or IT modernization investments.
• Only 32% of organizations believe they can recover from a small attack, crisis or outage within a week: The preparedness in business continuity and disaster recovery (BC/DR) falls short of meeting SLA expectations for many organizations. In the latest large-scale cyber/disaster test, only 58% of servers were recoverable, with just 32% expressing confidence in their IT staff's ability to recover 50 servers within five business days. These results underscore a growing disparity that organizations must address to align their envisioned resiliency with the operational realities of data protection and recovery in today's dynamic landscape.
• 92% of organizations expect to increase their data protection budgets for 2024: Data protection budgets are expected to grow by 6.6% in 2024. Two years in a row the survey revealed that data protection spending growth will outpace IT spending growth.
• Increased Integration of Data Protection and IT Security: For the second consecutive year, survey respondents consider the most common and most important aspect of a modern data protection solution to be one that integrates with cyber security tools. Two out of five (41%) consider some aspect of mobility in cloud scenarios as the most important characteristic of a modern solution. This includes functionalities such as seamlessly transferring workloads from one cloud to another and establishing standardized protection measures across on-premises workloads and IaaS/SaaS (News - Alert) platforms.
• Most Organizations Use Containers But Don’t Back Them All Up: Container usage continues to rise, as 59% of enterprises have them in production, and an additional 37% are either in the process of rolling them out or planning to do so. However, the drawback is that merely 25% of organizations employ a backup solution specifically designed for containers. The majority opt for a partial approach, backing up only specific components like storage repositories or database contents. Unfortunately, neither approach guarantees the resumability of applications and services post-crisis, or even after a simple import/configuration error that may require undoing.
• 2024 Will See Significant Job Changes Outside the Organization: The intention of 47% of respondents to explore new job opportunities beyond their current organization in the next twelve months poses both a challenge and a chance for data protection initiatives. Although the potential loss of skilled data protection professionals may disadvantage organizations during crises, the shift in the job market also provides an opportunity to bring in expertise to safeguard contemporary production workloads in cloud environments, including Microsoft (News - Alert) 365, Kubernetes containers, or other IaaS/PaaS deployments.
• Hybrid Production Architectures are Forcing Reconsideration of ‘Backup’: The top priorities for "enterprise backup" solutions are reliability and safeguarding cloud-hosted workloads (IaaS and SaaS). This poses challenges for organizations dependent on outdated datacenter-centric data protection solutions. As businesses transition workloads between platforms or clouds, IT teams relying on legacy backup solutions face difficulties in maintaining Service Level Agreements (SLAs), especially with the adoption of cloud-native services such as Microsoft 365/Salesforce (SaaS) or containers.

If you would like to read the full report, visit https://vee.am/DPR24, and for more information, go to www.veeam.com.