World Backup Day, on March 31, is all about data protection, but industry observers are calling for more.
"Backup and recovery remain critical, but they are no longer enough on their own. As organisations operate across increasingly-distributed environments, protecting critical data requires a broader approach that brings together strong cybersecurity, resilient network architecture, and the ability to restore access quickly and securely," said Nitin Ahuja, VP and GM, Asia Pacific and Japan, Aryaka.
"Taking a more holistic view across data, applications and systems can help organisations strengthen business continuity, reduce operational risk and stay resilient against evolving cyberthreats."
Resilience was one of the dominant themes in comments from industry observers this year.
 |
| Data storage infographic generated by Google Gemini (Nano Banana 2). |
"Trust in data is one of the most valuable assets any organisation has. Backups are the final line of truth when AI can invent information, ransomware can lock it away, and a single misconfiguration can ripple through an entire system in minutes," observed Chee Pin Chua, VP, Southeast Asia and Korea, Veeam Software.
"World Backup Day is a timely reminder for boards and IT leaders to strengthen data resilience and ensure comprehensive backup strategies are in place. It’s no longer just about recovering data — it’s about keeping the business operational and confident in the integrity of the data it relies on. Too many organisations still manage risk reactively, when real progress starts with resilient, trusted data."
The resilience theme also dominated for Cohesity. "True resilience comes from strengthening every layer of defence and the confidence of recovery with speed and scale. That means ensuring data is not only backed up, but also protected, continuously assessed for threats, and recoverable to a clean and secure state. This includes capabilities such as immutable backups, proactive threat detection, incident response readiness, and coordinated recovery processes across IT and security teams," said Lim Hsin Yin, VP of Sales for the ASEAN Region, Cohesity.
"Today, backup must play a more strategic role in enabling secure recovery. In the event of a cyber incident, the priority is not just restoring systems quickly, but restoring them safely, ensuring data is free from compromise and does not reintroduce threats into the environment. This requires the right processes, validation, and cross-team coordination, not just technology alone," noted Lim from Cohesity.
"Ultimately, organisations that treat backup as a standalone IT task risk falling short. Those that embed it as part of a structured, multi-stage approach to cyber resilience are far better positioned to withstand attacks, recover with confidence, and minimise disruption in an increasingly complex threat landscape."
"This World Backup Day is a call for every organisation to recognise that true resilience is not measured in gigabytes, but in the confidence to recover what matters most," said Remus Lim, Senior VP, Asia Pacific, Cloudera.
"As data estates expand across cloud and on-premise systems, many organisations fall into the trap of storing more data rather than more efficient data management, leading to rising costs and unclear recovery priorities. Effective governance allows businesses to classify and prioritise data based on impact, ensuring that critical systems can be restored quickly while avoiding unnecessary overhead."
"Resilience today is less about volume and more about precision. Businesses must shift from backing up everything to protecting what truly matters — the right data at the right level for the right recovery outcomes. Strong data governance offers clarity into the data that exists and how it is being used; clear retention policies and regular recovery testing help ensure that backup investments are aligned to business priorities, while supporting trusted AI adoption," Lim from Cloudera said.
Kumar Mitra, Executive Director & GM, Infrastructure Solutions Group, Central Asia Pacific and ANZ, Lenovo, made the distinction between backup and disaster recovery.
"Backup is often mistaken for disaster recovery, but the two are not interchangeable. As organisations scale AI across business operations, particularly inferencing to extract real-time value from data, resilience strategies must evolve to support always-on, distributed workloads across cloud, core, and edge," Mitra said.
"Organisations should treat resilience as a strategic priority, ensuring data is protected, systems remain continuously available, and infrastructure is optimised for both performance and sustainability in an AI-driven world."
"World Backup Day is an important reminder of the ever-increasing likelihood that your organisation will be the next cyberattack target. While backup remains essential, today’s threat landscape means businesses need to think more broadly about recovery, resilience and what it takes to restore operations with confidence after an attack," said Sean Deuby, Principal Technologist, Semperis.
"Backups matter not simply because they preserve data, but because they enable recovery: a backup does not help you if you cannot recover with it. As cyberthreats continue to evolve, especially through the growing use of AI, organisations need to create a clean recovery environment and restore critical systems quickly, securely and outside the control of threat actors," Deuby elaborated.
"That means broadening recovery strategies to account for the underlying infrastructure that enables the business to function, particularly identity systems, which are central to access, control and trust across the organisation. You cannot assume that threat actors will leave any of your critical systems alone."
Matthew Oostveen, VP & CTO, Asia Pacific & Japan, Everpure, said backup excellence cannot rely on 'set and forget' processing. "World Backup Day 2026 is a timely reminder, but in an era of weaponised AI, "set it and forget it" is a
recipe for disaster. True peace of mind comes from an interconnected ecosystem: a secure data platform,
connected threat detection, and a dynamic response plan that treats data as your most valuable, and
most vulnerable, asset," Oostveen said.
"Ransomware recovery SLAs (service level agreements) have become a new gold standard. In many regulated industries globally, the ability to restore critical services in a matter of hours is no longer a goal—it is a baseline requirement," Oostveen added, listing resilience mandates around the world including DORA in the EU, CPS 230 in Australia and MAS’s TRM guidelines in Singapore.
"Regulators are no longer just asking 'how do you prevent an attack?' but 'how fast can you recover?' For the modern enterprise, an outdated backup strategy isn't just a technical risk, it’s now a major compliance failure. If your primary storage is locked down for a forensic investigation by insurers or law enforcement, you need a strategy that provides an alternative, operational environment immediately."
The top three threats named pose a high risk of data loss and outages. Ransomware and cyberattacks topped the list of threats identified by business leaders, with 67%* citing them as risks they dread most in the year ahead. AI-related risks – including data leaks, algorithm bias and uncontrolled automation – ranked behind at 29%, signalling that emerging AI-driven threats are already a mainstream boardroom concern.
“In today’s AI-powered world, trust in data is every organisation’s most valuable asset. Backups are the last line of truth in a world where AI can fabricate, ransomware can encrypt, and a single misconfiguration can cascade across an entire infrastructure in minutes,” said Dave Russell, Senior VP and Head of Strategy at Veeam.
Veeam said the risk posed by outages has eclipsed even economic recession: more than three quarters (76%) of organisations reported they would not survive more than three days of downtime if their organisation suffered a complete data outage in the next day.
Further, over four in 10 (44%) IT leaders were not confident*** their organisations could recover all critical data within 24 hours of a major cyberattack or data loss event.
The consequences are profound, Veeam said: loss of customer trust, damaged reputation, regulatory fines, compliance failures, and, for many, the threat of total business collapse. The research also found that boards and leadership teams are falling short in governing AI risk and resilience. According to the survey, 38% of boards or leadership teams surveyed have never formally discussed AI-driven or emerging attack types, leaving organisations exposed and undermining trust in their AI capabilities.
Without clear ownership and consistent accountability, organisations risk reactive responses to threats rather than proactive, trust-driven strategies for AI and data resilience, Veeam warned.
The Veeam Data Resilience Survey was conducted by Censuswide, among a sample of 4,283 CISOs, CFOs, CIOs, VPs of IT, IT Directors (natural fallout of exact job role) in companies with a minimum of 250 employees in the UK, US, Germany, France, Australia and New Zealand. The data was collected in November 2025.
*Thirty-five percent of respondents who answered ransomware and other cyberattacks, as well as 32% of respondents who answered cyberattacks (not resulting in an outage)
**Respondents who answered ‘Very likely’ or ‘Somewhat likely’
***Respondents who answered ‘Strongly agree’ or ‘Somewhat agree’
****Respondents who answered ‘Less than 4 hours, please specify’ or ‘4–23 hours’ or ‘Between one day and a week’ or ‘More than a week up to a month’ or ‘More than a month, please specify in months’
Hashtag: #WorldBackupDay
No comments:
Post a Comment