Backup and disaster recovery solutions came into the market in 1978. At the time, however, the primary concerns were driven by power outages. In some parts of Asia, this remains true today. The Morris worm that hit 10% of internet-connected computers in a span of 24 hours, may have ushered the strategy of wiping systems to get rid of malware – a practice that is still done these days as a last resort.
Today, with more businesses relying on cloud services to conduct business, it is not surprising that the cloud backup market, alone, is expected to grow from US$4.57 billion in 2023 to US$13.85 billion by 2028, growing at a CAGR of 24.84%.
The primary driver for adopting cloud backup across businesses is the need for agility and flexibility in the face of accelerating innovation and disruptions from competitors due to the increase in cloud adoption.
With so much depending on the cloud, Abhilash Purushothaman, vice president and general manager (Asia) at Rubrik, says in the past backup was primarily designed to address low-frequency, high-impact security events.
"Due to the challenge of slow networks, the emphasis was on fast data transfer to minimise the backup windows," he explained. "With speeds having increased across the region since, moving the data fast is no longer today's problem. What exists today is high frequency, high impact problems in the name of cyber events - which is why organisations are looking at resilience rather than recovery."
Has the cloud made backups obsolete?
Purushothaman claims that traditional backups are becoming obsolete due to the changing digital landscape and data explosion. "Instead of just solving recovery problems," he opined, "reimagining backups as a means of achieving data protection and cyber resilience is crucial."
He posited that in today's world, backups have become the last line of defence against cyberattacks, especially in regions like Asia, which saw the highest ransomware attacks globally in 2022.
"Focusing on resilience and recovery alongside prevention is imperative, and cyber resilience is crucial to safeguard critical data sources like backups."
Abhilash Purushothaman
In the prevalence of hybrid cloud, how do you apply cyber resilience?
Gartner says cloud-inspired operating models, advanced flash technologies, cybersecurity and data insights are among the top enterprise storage trends of 2023. Purushothaman concurs and adds that data is dispersed across various sources, lacking a single source of truth.
While Gartner recommends that infrastructure and operations leaders must prioritize those technologies and storage platforms to stay ahead of business demands, Purushothaman suggests businesses with legacy and cloud-native operations face data distribution challenges and uncertain security postures.
He goes on to commend that cyber resilience must go beyond simple backup, focusing on understanding data posture across on-premises, private and public clouds, user activities, and sensitive data discovery. "This holistic approach forms a true cyber resilience strategy, accounting for data's diverse locations and threats," he explained.
Asked if it is better for organisations to select which solution they should go for or to limit the number of options available to them, Purushothaman commented that large enterprises grapple with tech debt while startups benefit from cleaner tech platforms. Post-COVID, businesses adopt two pillars: running the show and growing the business.
"Run the business" teams manage complexity with compromise, dealing with legacy systems. "Grow the business" teams innovate, leveraging cloud and digital strategies.
"Although convergence is expected, no single solution fits all due to differing technical debts and reliance on existing technologies. Overall, the Asian tech market has evolved significantly in the last five years, emphasising future investments over preservation," said Purushothaman.
Actionable options to mitigate risks
According to Purushothaman, organisations are increasingly adopting an "assumed breach" strategy. It is an outdated notion that internal networks are secure, as evidenced by 93% of recent ransomware attacks occurring externally.
He added that ransomware assailants now target backups, with 72% annihilating them. "This necessitates a collaborative approach between infrastructure and security teams to ensure robust data protection. Executives, security teams, and boards must scrutinise backup technologies," he opined.
What is the best way to optimise backups?
"Our strategy revolves around a hybrid multi-cloud environment. Organisations should prioritise understanding their current data security posture, including the location of critical data assets," said Purushothaman.
He suggested that identifying the “crown jewels” and high-risk data becomes essential. He went on to explain that many large enterprises lack this insight due to hybrid and widespread data distribution.
"An initial step is assessing these crown jewels, followed by gauging associated risks. To secure these crown jewels, intentional investments across cloud, private cloud, and legacy systems for uninterrupted operations are needed for peace of mind," said Purushothaman.
How do we mitigate that risk to backup and recovery at ease?
The cybercrime sector, especially ransomware attacks, is rapidly expanding. Emphasising data security over just infrastructure is crucial. The recent Zero Labs survey shows, that with the low data recovery rate, paying ransoms is not an effective strategy.
"Looking ahead, data resilience becomes an ecosystem-driven, shared responsibility. In this AI-driven landscape, technology serves both good and bad purposes, requiring advanced threat detection and response strategies," Purushothaman concluded
Click on the Podchat player and hear Purushothaman share his perspective on backup strategies for the digital-native economy.
- In the digital economy, how important is backup and recovery?
- Given what you just highlighted about innovations in storage and speed, do you think the cloud has made backup obsolete?
- How do you apply cyber resilience when organisations are adopting hybrid cloud strategies?
- What major trends do you see shaping up in the cloud backup marketplace?
- There are a variety of hybrid cloud backup solutions in the market. There is always a potential for this availability of different approaches to create confusion and in some cases even gaps in an organisation's ability to protect its data.
- Do you think it is better for organisations to limit the selection of solutions to a few?
- If yes, how does the CIO/CTO decide what criteria to narrow the window of available offerings?
- What is the best way to optimise backup where the IT strategy revolves around a hybrid cloud?
- Given Rubrik's experience in backup and recovery events, what trends can we expect in the years to come?