Veeam Study Reveals IT Budgets Shifting to Cyber Prevention from Digital Transformation

News Desk -

Share

Veeam Software, a company in modern data protection, has released its fourth annual Data Protection Trends Report to gain insight into how data protection is changing in the digital age.

According to the survey, businesses are rising resources to combat cyberattacks, keep up with the diversification of production environments across different clouds, and manage more complicated hybrid IT infrastructures. IT executives believe they are not appropriately protected as a result. Improving backup success and reliability is a top priority for enterprises this year, followed by making sure that the protection provided by Infrastructure as a Service (IaaS) and Software as a Service (SaaS) is comparable to the protection they rely on for workloads focused on datacenters.

Highlights of the Veeam Data Protection Trends Report 2023:

  • Ransomware is the biggest hindrance to Digital Transformation: Due to its burden on budgets and manpower, ransomware and the current volatile cybersecurity landscape are taking priority for IT teams. This is causing IT resources and budgets to originally

allocated towards Digital Transformation initiatives to pivot to cyber prevention.

  • Data protection budgets are increasing: According to the report, globally, organizations anticipate a 6.5% increase in their data protection budget in 2023, which is higher than the budget planned for other IT areas. Among the 85% of organizations that plan to increase their data protection budget, the average planned increase is 8.3%. Additionally, these organizations tend to also invest more in cybersecurity tools.
  • Container-centric workloads are growing in popularity: Containers, and more specifically Kubernetes, show all the characteristics of a mainstream production platform, with the same kinds of data protection strategy disparities as seen in early adopters of SaaS five years ago or virtualization 15 years ago. 52% of respondents are currently running containers, while 40% of organizations are planning to deploy containers – and yet, most organizations are merely protecting the underlying storage, instead of holistically protecting the workloads themselves.

Danny Allan, CTO and Senior Vice President of Product Strategy at Veeam said “IT leaders are facing a dual challenge. They are building and supporting increasingly complex hybrid environments, while the volume and sophistication of cyberattacks is increasing.”

Allan added “This is a major concern as leaders think through how they mitigate and recover business operations from any type of disruption. Legacy backup approaches won’t address modern workloads – from IaaS and SaaS to containers – and result in an unreliable and slow recovery for the business when it’s needed most. This is what’s focusing the minds of IT leaders as they consider their cyber resiliency plan. They need Modern Data Protection.”

The Middle East & African market throw up some interesting findings:

The IT landscape and sentiment in 2023 in the MEA region

Hybrid IT continues to be the norm, with a relatively even balance between servers within the data centre and those that are cloud hosted

  • This year, organizations in the Middle East & Africa reported:
  • 29% of physical servers within data centres
  • 25% virtual machines within data centres
  • 46% of cloud-hosted server instances
  • Serverless or container-centric workloads continue to grow in popularity, with 49% of respondents running containers in production in 2022

Mohamad Rizk, Regional Director, Middle East & CIS at Veeam said “Following the adage of, ‘When you modernize production, you must modernize protection’, data protection strategies must be equally inclusive of physical, virtual, and cloud-hosted workloads. In addition, one should plan for workloads moving across clouds and even back on premises; and again, the data protection strategy should accommodate that fluidity.”

Protection and Availability Gap in the MEA region

  • 78% have an “Availability Gap” between how quickly they need systems to be recoverable and how quickly IT can bring them back
  • 79% have a “Protection Gap” between how much data they can lose and how frequently IT protects their data

Rizk added “The MEA findings of the Veeam Data Protection Trends Report 2023 largely mimics the global results, which find that there is a big chasm between business expectations and IT delivery when it comes to data protection. In an era of hybrid cloud, it is important to recognize that some cloud-hosted offerings are natively durable; implying that in certain circumstances, the availability gap might be closing. Meanwhile, the protection gap still exists as much, if not more in cloud services as it does within the data centre because most cloud providers do not back up their ‘subscribers’ data.”

He continued “To be fully transformative, enterprises in Middle East & Africa need to optimize every dollar of their IT budgets and make sure the right workloads and applications are prioritized and protected, and a simple, flexible, reliable and powerful modern data protection solution is in place – one that protects all environments – Cloud, Virtual, Physical, SaaS and Kubernetes. Only then can enterprises ensure they’re sufficiently protected and ready for turbulent times ahead.”

Ransomware in the MEA region

Ransomware attacks continue to be more frequent

  • Only 14% experienced no ransomware attacks in 2022
  • 18% experienced only one attack
  • 48% experienced two or three attacks
  • And 21% experienced four or more attacks in 2022
  • 45% of organizations stated that ransomware (including both prevention and remediation) was their biggest hindrance to Digital Transformation or IT modernization initiatives, due to its burden on budgets and manpower
  • When organizations were asked about their most significant attacks suffered in 2022:
  • 39% of their entire production data set was successfully encrypted or destroyed
  • Only 55% of the encrypted/destroyed data was recoverable

Finally, Rizk concluded “Ransomware is indiscriminatory – every business is a target. Rather than be gripped with fear at the prospect of being attacked, organizations must focus on what they can control – their defence. The fundamental principles of how to prepare defences against even the most sophisticated and powerful ransomware stay relatively the same. The first is the practice of impeccable digital hygiene. All employees must be trained to identify suspicious content and be warned of the impact that malpractice using work devices can lead to. Secondly, all businesses must prepare for their defences to fail. Concepts such as zero trust and deploying techniques such as two-factor authentication can be useful for restricting the access an attacker has to data. The best way to protect data is to ensure that it has been securely backed up and is fully recoverable before an incident takes place with the 3-2-1-1-0 backup rule – there should always be at least three copies of data, on at least two different types of media, at least one off-site and one immutable or offline, with zero unverified backups or errors.”


Leave a reply