Insight, News, Security

Organisations Fall Short on Data Protection, while Budgets Rise to Tackle Mounting Cyber Security Challenges

DUBAI, UAE, 22nd February, 2022: The disconnect between business expectations and IT’s ability to deliver has never been more impactful, according to the Veeam Data Protection Trends Report 2022, which found that 89% of organisations are not protecting data sufficiently. Veeam Software, the leader in backup, recovery and data management solutions that deliver Modern Data Protection, found that 88% of IT leaders expect data protection budgets to rise at a higher rate than broader IT spending as data becomes more critical to business success and the challenges of protecting it grow in complexity. More than two-thirds are turning to cloud-based services to protect essential data.

The Veeam Data Protection Trends Report 2022 surveyed more than 3,000 IT decision makers and global enterprises to understand their data protection strategies for the next 12 months and beyond. The largest of its kind, this study examines how organisations are preparing for the IT challenges they face, including huge growth in use of cloud services and cloud-native infrastructure, as well as the expanding cyber-attack landscape and the steps they are taking to implement a Modern Data Protection strategy that ensures business continuity.

Anand Eswaran, Chief Executive Officer at Veeam.

“Data growth over the past two years [since the pandemic] has more than doubled, in no small part to how we have embraced remote working and cloud-based services and so forth”, said Anand Eswaran, Chief Executive Officer at Veeam. “As data volumes have exploded, so too have the risks associated with data protection; ransomware being a prime example. This research shows that organisations recognise these challenges and are investing heavily, often due to having fallen short in delivering the protection users need. Businesses are losing ground as modernisation of ‘production’ platforms is outpacing their modernisation of ‘protection’ methods and strategies. Data volumes and platform diversity will continue to rise, and the cyber-threat landscape will expand. So, CXOs must invest in a strategy that plugs the gaps they already have and keeps pace with rising data protection demands”.

The data protection gap is widening

Respondents stated that their data protection capabilities cannot keep pace with the demands of the business, with 89% reporting a gap between how much data they can afford to lose after an outage versus how frequently data is backed up. This has risen by 13% in the past 12 months, indicating that while data continues to grow in volume and importance, so do the challenges in protecting it to a satisfactory level. The key driver behind this is that the data protection challenges facing businesses are immense and increasingly diverse.

For the second year in a row, cyberattacks have been the single biggest cause of downtime, with 76% of organisations reporting at least one ransomware event in the past 12 months. Not only is the frequency of these events alarming, so is their potency. Per attack, organisations were unable to recover 36% of their lost data, proving that data protection strategies are currently failing to help businesses prevent, remediate and recover from ransomware attacks.

“As cyberattacks become increasingly sophisticated and even more difficult to prevent, backup and recovery solutions are essential foundations of any organisation’s Modern Data Protection strategy”, said Danny Allan, CTO at Veeam. “For peace of mind, organisations need 100% certainty that backups are being completed within the allocated window and restorations deliver within required SLAs. The best way to ensure data is protected and recoverable in the event of a ransomware attack is to partner with a third-party specialist and invest in an automated and orchestrated solution that protects the myriad data centre and cloud-based production platforms that organisations of all sizes rely on today”.

Businesses face a data protection emergency

To close the gap between data protection capabilities and this growing threat landscape, organisations will spend around 6% more annually on data protection than broader IT investments. While this will only go some way to reversing the trend of data protection needs outpacing ability to execute, it is positive to see CXOs acknowledge the urgent need for Modern Data Protection.

As cloud continues its trajectory to becoming the dominant data platform, 67% of organisations already use cloud services as part of their data protection strategy, while 56% now run containers in production or plan to in the next 12 months. Platform diversity will expand during 2022, with the balance between data centre (52%) and cloud servers (48%) continuing to close. This is one reason 21% of organisations rated the ability to protect cloud-hosted workloads as the most important buying factor for enterprise data protection in 2022 and 39% believe IaaS/SaaS capabilities to be the definitive attribute of Modern Data Protection.

“The power of hybrid IT architectures is driving both production and protection strategies through cloud-storage and Disaster Recovery utilising cloud-hosted infrastructure”, concluded Allan. “The benefits of investing in Modern Data Protection go beyond providing peace of mind, ensuring business continuity and maintaining customer confidence. To balance expenditure against strategic digital initiatives, IT leaders must implement robust solutions at the lowest possible cost”.

Other key findings from the Veeam Data Protection Trends Report 2022 include:

  • Businesses have an availability gap: 90% of respondents confirmed they have an availability gap between their expected SLAs and how quickly they can return to productivity. This has risen by 10% since 2021.
  • Data remains unprotected: Despite backup being a fundamental part of any data protection strategy, 18% of global organisations’ data is not backed up — therefore, completely unprotected.
  • Human error is far too common: Technical failures are the most frequent cause of downtime with an average of 53% of respondents experiencing outages across infrastructure/networking, server hardware and software. 46% of respondents experienced cases of administrator configuration error, while 49% were hindered by accidental deletion, overwriting of data or corruption caused by users.
  • Protecting remote workers: Only 25% of organisations utilise orchestrated workflows to reconnect resources during a disaster, while 45% run predefined scripts to reconnect resources running remotely in the event of downtime and 29% manually reconfigure user connectivity.
  • Economic drivers remain critical: When asked about the most important factors when purchasing an enterprise data solution, 25% of IT leaders are motivated by improving the economics of their solution.

Commentary and insights from Claude Schuck Regional Director, Middle East at Veeam Software

Claude Schuck Regional Director, Middle East at Veeam Software.

Protection and Availability Gap in the Middle East

  • 80% of UAE organisations and 82% of Saudi organisations have a protection gap between how much data they can afford to lose after an outage and how frequently data is backed up.
  • 80% of UAE organisations and 76% of Saudi organisations have an availability gap between their expected SLAs and how quickly they can return to productivity.
  • 98% of UAE organisations and 97% of Saudi organisations experienced unexpected outages within the last 12 months.
  • On average, 17% of UAE organisations’ and 18% of Saudi organisations’ data is left completely unprotected.

“The UAE and Saudi (the two biggest IT markets in the Middle East) findings of the Veeam Data Protection Trends Report 2022 largely mimics the global results, which find that the gap between business expectations and IT delivery, when it comes to data protection, continues to widen and has never been worse. As the proportion of applications that organisations consider mission-critical increases, so too does the volume and variety of cybersecurity threats. Entire industries face a data protection emergency and businesses across the world are looking for ways to accelerate their strategies to protect data, remediate cyber-attacks and recover from systems outages”.

“To be fully transformative, Middle East enterprises need to be anchored with key technologies provided by virtualisation, hybrid cloud and Kubernetes. Companies who succeed in accelerating their adoption of a Modern Data Protection strategy will put in place solid foundations to gain competitive advantage from digitisation. It will enable them to experience the lower cost points and flexibility of public cloud, leverage the security and proximity of private cloud, and fast-track their development cycles by deploying Kubernetes, with the assurance that their data is protected across their entire infrastructure”.

Ransomware in the Middle East

  • 86% of UAE organisations and 84% of Saudi organisations suffered ransomware attacks, making cyber-attacks one of the single biggest causes of downtime for the second consecutive year.
  • Per attack, organisations in UAE were unable to recover 34% of their lost data on average, while Saudi organisations were unable to recover 37% of their lost data on average.
  • 81% of UAE organisations and 81% of Saudi organisations were unable to recover at least some of the data they had lost.

“For businesses in the Middle East to win the ransomware battle, they must possess the capability for education, implementation and remediation. The best remedy for a security breach is prevention. This can be improved through education of employees, ensuring that cyber-attackers are not being gifted access to the data and systems they need to initiate a ransomware attack. The next strategy is implementation: offsite and offline backups to mitigate the effects of ransomware. Veeam advocates the 3-2-1-1-0 rule. There should always be at least three copies of important data, on at least two different types of media, with at least one off-site, one offline, with zero unverified backups or backups completing with errors. Finally, businesses need a plan for remediation. Do not pay the ransom. The only option is to restore data. Implementing a full Backup and Disaster Recovery plan gives organisations the ability to recover data in event of a ransomware attack, minimising the risk of financial and reputational damage”.

Need for Modern Data Protection in the Middle East

  • 88% of UAE organisations and 86% of Saudi organisations plan to increase their data protection budgets during 2022 – spending an average of around 7% more than in 2021.
  • 52% of UAE organisations’ data infrastructure is currently located in the data centre, with 48% now hosted in the cloud. 49% of Saudi organisations’ data infrastructure is currently located in the data centre, with 51% now hosted in the cloud.
  • 69% of UAE organisations and 76% of Saudi Arabian organisations are already running containers in production, while 29% and 22% respectively plan to do so in the next 12 months.

“It is clear from the survey that businesses in the Middle East are investing more and taking steps to ensure that their organisations’ data protection strategy is fit for purpose given the continual increase in data criticality and constantly evolving threat landscape. To provide a strong foundation for Digital Transformation, IT leaders must implement robust Modern Data Protection strategies at the lowest possible cost. The “new normal” for modern IT is approximately 50/50 between on-premises servers and cloud-hosted servers. As such, an optimal and future-proof data protection strategy needs to accommodate physical, virtual and multiple cloud-hosted or cloud-native options. It should give businesses confidence that their data is protected and always available across all production platforms. Through a single backup and data management platform for cloud, virtual, physical, SaaS and Kubernetes, Modern Data Protection enables organisations to modernise backup and recovery, secure data against ransomware, and improve application performance.  All of which lead to improved business efficiency and cost-effectiveness”.

The full Veeam Data Protection Trends Report 2022 is available for download at

Previous ArticleNext Article


The free newsletter covering the top industry headlines