As cybercrime accelerates and ransomware continues to pose a significant threat, with 73% of UK & Ireland (UK&I) organisations experiencing at least one attack in the past year and 18% suffering four or more, businesses are feeling more vulnerable than ever.
This according to the Veeam Data Protection Trends Report 2023, writes Alex Walsh, channel and alliances director UK & Ireland at Veeam.
While many organisations struggle to manage current threat levels, they cannot afford to reduce their cybersecurity budgets otherwise they run the risk of leaving themselves exposed. The threat level is rising so fast that market research firm Canalys predicts that spending on cybersecurity services will increase by 14% to $144.5 billion this year, with investment increasing the most among governments and larger enterprises.
This correlates with Veeam’s research where UK&I respondents said they plan to increase spend on Modern Data Protection solutions (that encompass cybersecurity) by 8.4%. As a business with a 100% channel market, we believe this provides a huge opportunity for our partners to work closely with end-user organisations to help them make investments that strengthen and optimise their security posture. It also means cybersecurity provision will become one of the biggest growth areas for the channel this year.
What, however, are the key issues that UK&I businesses face, and what role can channel partners play to facilitate more resilient, secure, organisations?
Protection gap leaves organisations’ data exposed
According to Veeam’s latest annual research into Modern Data Protection trends, four out of five organisations within the UK&I believe they have a disconnect between what business units expect and what IT services can deliver. Eighty-three percent have an ‘availability gap’ between how quickly they need systems to be recoverable, following an incidence of downtime and how quickly IT can bring them back. Eighty-one percent also reported a ‘protection gap’ between how much data they can afford to lose before it impacts the business and how often that data is backed up or protected.
While implementing security technologies, such as anti-virus, anti-spyware and intrusion detection tools, to reduce exposure to cyber-attacks, businesses must up the focus they have on the processes and plans that will help them in the event of an attack. Veeam’s view is that the last line of defence against ransomware is fast recovery from secure, immutable backups.
The success or failure of a company following a ransomware attack (or other outage) depends on their ability to recover all of their data fast and get back to business. The recency and quality of backups is a basic need, but the instant and automatic ability to restore and recover is what separates a good strategy from a great one.
Not only can this address protection and availability gaps, it also thwarts the success of cybercriminals who increasingly target backup repositories. 88% of EMEA ransomware attacks targeted backups last year, of which 74% were successful making this a growing area of concern. Particularly as only 52% of their encrypted or destroyed data was recoverable after these attacks.
Furthermore, the vast majority of organisations only backup their data once a week or once a month, and sometimes as little as once a year. In a 24/7/365 world, this clearly isn’t going to cut it in terms of effecting a swift recovery even against ‘normal’ IT hardware, software and communications outages. It is woefully inadequate when trying to protect organisations against, or recover them from, cyberattacks and ransomware.
Embracing a modern data protection solution
Modern production environments – where data can live in virtual, physical, cloud, SaaS and Kubernetes ecosystems – need Modern Data Protection.
A single data platform that automates the entire process, so that organisations can backup files, folders and systems regularly and without human intervention, ensure testing is taking place on a regular basis and that can orchestrate immediate recovery without placing additional pressure on already strained IT and security teams. Especially if companies can also achieve the lowest possible operational overheads and add value to business and IT functions alike.
Having identified the type of solution required, a fundamental step in developing a tailored robust backup and recovery strategy is knowing exactly what data is ‘mission critical.’ Also, how soon the data needs to be recovered, and how recent said data needs to be in order to resume ‘business as usual’.
Firms must recognise that not all data is equal as this will inform recovery priorities and data storage approaches. Once they’ve identified their Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs), they can develop the secure backups that will be an integral part of both wider business – as well as cyber-resilience, rapid recovery and continuity strategy.
End-user firms can then have confidence that they can fend off cyber-attacks, and that robust data recovery is available to them.
How the channel can help – talent and expertise
With over 35 000 active partners and 450 000 end-customers serviced by our ProPartner network globally, Veeam’s channel gives businesses access to unrivalled expertise and knowledge. The network is a mix of very different partner profiles and roles representative of the wider channel IT sector: for example, VARs, cloud and service providers, SIs and more.
This means that whatever data protection challenge or issue an organisation has, it won’t be new, and by working with the channel a solution can be crafted to that firm’s specific needs.
Fifty-nine percent of global organisations said they’d find it difficult to respond to a cybersecurity incident due to widening cybersecurity skills gaps (an increase of 26,2% on the previous year). Such lack of expertise is making it harder for organisations to identify, and put adequate data and cyber protection in place, as well as increasing their risk and likelihood of suffering security breaches and compromised recovery.
The experience mentioned above is good news for the channel which is in a strong position to address this growing issue as they are able to fill talent gaps with the right expertise. Organisations are then free to outsource more of their data protection requirements so they can focus on other business priorities.
In addition, vendors often encourage channel partners to develop competencies and to partner with one another too. While organisations are increasingly interconnected, the deep skillset of the channel ecosystem and the ‘partner with partner’ approach means they can become even more of an enabler when it comes to helping customer organisations achieve digital transformation projects that have modern data protection baked in.
This will help to solve the data security and backup challenges many firms face.
Channel partners can help organisations build resilient infrastructure and recommend more mature security programmes, as well as help to design and implement them. Such support is invaluable given the complexity and severity of the threat landscape, and cybercriminals’ relentless pursuit of new attack vectors.
Building a collaborative and secure future
With cyberthreats like ransomware, it’s not a matter of ‘when,’ or ‘if’ companies will be affected, but ‘how often.’ Keeping up with expanding threats alone is no good. Anticipation and ensuring immediate, fast recovery from a secure, immutable data source is the vital defence. In a complex, interconnected world, vendors and the channel must work together to help their customers in building a chain of cyber resilience.
Having resilience through data security, recoverability and freedom across and throughout the IT environment brings significant business opportunities – for end-customers and the partners who support them.
Modern data protection helps companies maintain data availability and agility to make the most of their digital transformation programmes, and adopt new ways of working for competitive advantage. The channel is integral to that process, helping customers close their availability, protection and skills gaps via the support, expertise and solutions partners deliver.