Evolving World Backup Day: A Call to Go Beyond the Humble Backup

When World Backup Day was first introduced in 2011, backups were often an afterthought – something businesses knew they needed but didn’t prioritise. It served primarily as an insurance policy against natural disasters and hardware failures rather than cybercrime, and businesses rarely considered testing recovery or protecting their backups.

As businesses face more sophisticated attacks, such as ransomware that targets backups directly through backup deletion and corruption, organisations must go beyond merely backing up data to implementing a data resilience strategy. This not only means protecting backups by ensuring they remain reliable and recoverable in the face of an attack, but also incorporating other aspects of resilience that backups rely on and interoperate with.

Today, World Backup Day is more than just a reminder to backup data; it underscores the need for individuals and businesses to make comprehensive data protection, security and cyber resilience a top priority. Especially at a time when almost seven out of 10 Hong Kong companies were estimated to have experienced cyberattacks in 2024, and their cybersecurity readiness remain at “basic” levels.

From backup to data resilience

Backup has evolved from keeping a copy of data stored away – once considered purely in the infrastructure and operations IT domain. Instead, it has become part of many businesses’ holistic cybersecurity strategy and is employed alongside endpoint security and exfiltration prevention. Ultimately, data backup forms a single arm of an overall data resilience strategy that needs to consider recovery, security, portability, and with AI, even intelligence.

In the data resilience context, the approach to data backup in particular, has changed to include data security considerations. This includes:

•Immutable backups: In today’s threat landscape, cyberattacks commonly target both data availability and confidentiality - two critical pillars of the CIA triad (Confidentiality, Integrity and Availability), With 87% of ransomware attacks in Q4 2024 already involving data exfiltration, organisations must be prepared for criminals to target data intergrity. Ensuring backups are immutable – meaning they cannot be modified or deleted – helps businesses protect their data in the face of these evolving cyberattacks.

•Automated threat detection: Since backups are a prime target of ransomware attacks, early warning systems are crucial for a timely and effective response. Continuous monitoring of backup environments for suspicious activity allows businesses to identify and mitigate threats before they escalate. These systems also provide cybersecurity teams with valuable threat intelligence and early indicators of compromise, a further enabling the timely and informed response to incidents.

•Rapid recovery capabilities: Having backups is essential, but it’s only the first step. Organisations must regularly test recovery processes and implement orchestration processes to streamline business restoration should the unthinkable happen. The human element is equally as important as the technology – key stakeholders must understand their roles and responsibilities in the recovery process to ensure efficient restoration of critical systems.

Security teams should also consider leveraging backup environments for proactive threat hunting and security testing. By using backup snapshots as a forensic tools, organisations can analyse historical activity, detect persistent threats and improve their security posture without impacting production environments. Organisations can also incorporate AI and automation in their data resilience strategy. For example, Veeam Intelligence leverages AI-powered insights to significantly reduce recovery time and improve threat visibility.

As the volume of data grows and cyber threats evolve, backup is no longer solely about recovery, it’s a frontline defence against cybercrime. Organisations that treat backup as a strategic cybersecurity asset rather than just a simple recovery tool will be better equipped to withstand modern threats and maintain operational resilience.

Growing regulatory pressures make evolution from backup to data resilience necessary

As backup has evolved from an afterthought to a necessity, governments have also recognised the importance of data resiliency, implementing regulations that better prepare businesses for cyber threats. For example, in Hong Kong, the Protection of Critical Infrastructures (Computer Systems) Bill is currently being considered by LegCo, which will require designated operators of critical infrastructures to take appropriate measures to protect their computer systems and minimise impact from cyberattacks.

With the evolving cybersecurity landscape and developing legislation, having a backup and recovery strategy in place is no longer a ‘nice to have’, it must evolve into a comprehensive data resilience strategy. Not only will this bring together data backup, recovery, security, portability, and intelligence, it’s essential to ensure compliance and business continuity.

Attributed to Anthony Spiteri, Regional CTO APJ, Veeam and James Finlay, Lead Director of Incident Response APJ, Coveware by Veeam