IDC’s Global DataSphere Forecast estimates that global data volume will surge to 393.9 zettabytes by 2028. This growth puts business continuity, data protection, governance, and the cost of sustaining them under greater pressure. This turns resilience into an AI economics issue, where every additional dataset retained and protected compounds spend across storage, backup operations, compliance overhead, and downstream AI quality and remediation. In the UAE, this challenge is driving both government and enterprise efforts to harness data growth for AI innovation, while strengthening data sovereignty and secure digital infrastructure.
As World Backup Day approaches, the real question is not whether organisations are backing up more data or adding more cloud security controls. It is whether those investments are improving business resilience in a way that is economically sustainable. Backup cannot be treated as an insurance policy that simply expands indefinitely. Without clear retention policies and strong governance, data resilience programs become financially draining, operationally burdensome, and harder to justify.
The priority should be protecting the right data, at the right level, for the right recovery outcomes when disruption hits.
Governance is what makes resilience targeted, not indiscriminate
According to a report by PwC, 55% of respondents in the Middle East prioritise digital and technology risk mitigation over the next 12 months, compared to 53% globally. Understanding the data estate is where effective data resilience begins. Organisations need clarity on what data exists, how it is used, and what recovery expectations apply. Without that visibility, everything tends to be treated as equally critical, which quickly leads to oversized backup environments and unclear recovery priorities.
Governance provides the structure that allows organisations to prioritise protection. When datasets are classified according to business impact, protection levels can be tiered accordingly. Other datasets may be protected through lower-cost approaches or retained for shorter periods. Determining what is critical is not purely a technical exercise. It depends on business commitments and the consequences of disruption, such as regulatory penalties, contractual obligations, operational risk, or reputational damage. When organisations frame resilience decisions through the lens of governance, protection, and retention become deliberate choices aligned to business risk rather than default IT configurations.
Stop paying twice for bad data
When governance priorities are unclear, many organisations default to keeping and backing up data “just in case.” Over time, that approach creates large volumes of information that provide little operational value. Research from the Veritas Global Databerg Report suggests that up to 85 percent of stored data may be dark or redundant, obsolete, or trivial (ROT). Yet organisations still store and protect this data, expanding backup sets and increasing recovery complexity. Larger backup environments require more data to be validated and restored before trusted operations can resume. The impact extends beyond infrastructure costs.
In organisations adopting AI-driven workflows, the consequences may be magnified. Poorly governed data often flows directly into analytics pipelines and AI models, introducing noise and reducing reliability in the insights. The result is a cycle where organisations “pay twice” by investing resources to store and protect low-value data, and then investing again to correct the problems that data creates in downstream systems.
Recovery testing proves governance decisions work in production
Governance strategies only matter if they produce reliable recovery outcomes. Regular restore and disaster recovery testing validates whether protection tiers actually match business priorities. These tests often surface critical insights, such as data that was backed up but did not contribute to recovery, or systems that require stronger protection than originally assumed. They can also expose hidden dependencies across data pipelines, where data lineage helps teams restore in the right order to resume trusted operations without restoring everything.
Leaders can track a small set of indicators to maintain focus. These include whether disaster recovery plans are tested regularly, whether recovery time objectives are clearly defined, whether tests consistently meet those objectives, and what improvements are implemented after each cycle. Over time, this creates a feedback loop that strengthens governance. Insights from recovery testing inform cleanup efforts, policy updates, and operational improvements, helping organisations keep backup environments efficient and aligned with business needs.
Reducing data sprawl prevents resilience costs from compounding
In hybrid and multi-cloud environments, uncontrolled replication increases the volume of data that is secured, governed, and backed up. This adds to the total cost of AI adoption when data spreads across too many systems, copies, and unmanaged pathways.
That is why data movement into third-party SaaS platforms and external services should be treated as a deliberate governance decision, not a convenience. Once data leaves managed environments, visibility drops, controls become harder to enforce, and recovery becomes more difficult to coordinate.
Consistency across environments matters just as much. On-premises and cloud platforms need to be governed in the same manner to avoid managing and protecting data in fragmented ways that may encourage duplicate datasets and bloated backup environments. Open standards such as the Iceberg REST Catalog protocol can help by improving interoperability across engines and catalogs, reducing the need to create extra copies simply to make data usable across platforms.
The result is fewer duplicates, clearer ownership and retention, and a smaller, cleaner backup footprint that is easier to govern and manage, and costs less to maintain.
What leaders should take away?
World Backup Day should be a reminder for businesses in the UAE that resilience in modern enterprises is not about creating more copies of everything or piling on controls. It is about making intentional, governed decisions so organisations avoid carrying an ever-expanding bill for data that is redundant, obsolete, trivial, or simply unknown. Governance is the mechanism that optimises backup spend, shortens recovery, and improves AI reliability. With this, companies will stop paying premium prices to protect data they did not understand, did not need, or should not have kept in the first place.
This opinion piece is authored by Carolyn Duby, Field CTO and Cyber Security GTM Lead, Cloudera.
