Veeam Data Protection Trends Report: A Look at the Data Protection Industry Landscape

The company presented the results of its annual report, which revealed that organizations will increasingly invest funds in backup solutions. In addition, the importance of having BaaS and DRaaS services is highlighted. Jason Buffington, Veeam’s VP Market Strategy, and Dave Russell, VP Enterprise Strategy, discuss the study’s main findings.

Veeam Data Protection Trends Report is a study that has been published for 5 years and focuses on analyzing the main trends and challenges of the data protection industry. In late 2023, an independent consulting firm, at Veeam’s request, surveyed 1,200 IT leaders from more than 200 organizations to gain insight into the current cybersecurity landscape.

The company held a virtual event to analyze the results of this report, with the participation of Jason Buffington, VP Market Strategy of Veeam, and Dave Russell, VP Enterprise Strategy.

As the first outstanding result of the research, 54% of organizations are considering changing their BackUp solutions in 2024. This does not necessarily imply that all these companies will effectively change solutions, but they are considering it, which demonstrates a general disagreement with the current level of protection they handle. This year, organisations will increase their data protection budget much more than in IT.

On the other hand, the study followed the behavior of organizations since 2020 and, until after the pandemic, there were no significant changes in the way they hosted their servers. Already entering 2024, companies have their physical servers in the data center (28%) or virtual machines in the data center (27%), while the remaining 45% hosts their servers in the cloud with one of the hyperscalers or Service Providers.

“The ecosystem is becoming more complex and has more workloads and data. At the same time, ransomware is increasing, so backup solutions become fundamental”

-Dave Russell

Aside from knowing the intent of organizations to change their backup solutions, the Veeam Data Protection Trends Report inquired about why they seek to do so. The first reason among respondents was to improve the confidence and success of backup organizations. Secondly, there is the ability to detect and remediate a cyberattack or ransomware. And thirdly, being able to diversify or use different data protection tools for different workloads.

Now, what are the goals that organizations hope to meet once they change their Backup solutions? “Most organizations seek to integrate data protection with cybersecurity tools. Backup experts and security solutions know there’s a lot more they can do to interact better. They also look for mobility and ease of management through the cloud, to be able to move their workloads from one cloud to another,” explained Jason Buffington.

“We must solve the problem everywhere. The datacenter is not going to disappear, the cloud just comes to make things a little simpler. Enterprise backup must be both IaaS and SaaS”

Jason Buffington

In addition, organizations were questioned about the main challenges to face the digital transformation process in the next 12 months. First, cyber threats appear as the biggest problem, along with the ability to meet sustainable, social and government goals. Secondly, there is a lack of competence to implement new technologies.


According to the Veeam study, as far as cloud is concerned, 74% of organizations perform BackUp on Microsoft 365.

Another question within this survey was how likely organizations are to choose to use Backup as a Service or Disaster Recovery as a Service services for their servers in the next 2 years, to which 88 per cent of the organizations responded in the affirmative.

“Cybercriminals are using up-to-date ransomware and mail phishing strategies, powered by AI, whereby organizations opt for BaaS and DRaaS to prevent these accidents and have response methods,” said Veeam’s VP Enterprise Strategy.

On the other hand, there is a shift in the preferences of organizations over the years, increasingly tending to cloud infrastructure models or working with a DRaaS provider, rather than multiple self-managed data centers. Veeam says this is something with great potential for the industry.

“If you’re a small or inexperienced organization, you don’t have multiple data centers and you probably don’t have experts who know how to develop a disaster recovery plan, but a cloud provider does. Working with a Cloud Provider gives you the capacity and expertise you don’t have in Disaster Recovery, and therefore in cyber resilience, to know how to strengthen yourself after an attack,” Buffington said.

“It is always important to do our back up in the cloud, and so ‘take the data out of the building’. Baas and DRaaS are inevitable”

-Dave Russell

Cyber Resilience

In the last 4 years, cyber attacks were the main cause of problems in organizations, secondly, problems in infrastructure and networking. Ransomware attacks, for example, are a methodology that grows and becomes increasingly sophisticated.

75% of organizations suffered ransomware attacks in 2023. However, when someone enters our system, they can be up to 200 days without performing an action, only monitoring the environment to find out the strengths and weaknesses of the organization’s system. For this reason, 25% of the organizations surveyed believe that they have not been attacked.

“Unlike natural disasters, such as hurricanes or earthquakes, which we can prevent and take action in advance, cyber attacks, especially ransomware, can happen at any time, and we need to be prepared. It is not a question of whether we will receive a ransomware attack, but of when we will receive it,” said Dave Russell.

Another aspect that is relevant in the Veeam Data Protection Trends Report is that, during the Disaster Recovery tests carried out by companies, 2 of 5 servers could not be recovered when needed. In these cases, almost half of the organizations (49%) say that, in the face of these cases, they will take manual actions to restart their production. This involves great risks, as these are critical situations, where the capabilities and resources of companies are compromised.

“Let’s think about it in our daily life, no one is prepared to lose 2 out of 5 photos of their children, of their wedding. It’s 40% of the total, imagine having to tell your boss that 40% of his activity is suspended, and it gets worse, because they can’t get back to normal production fast. This will not be possible without proper workload orchestration,” added Veeam’s VP Enterprise Strategy.

The Future of Industry

To conclude, the experts analyzed the last question that was asked to those interviewed in the report, which was “how many were looking for a new job outside their current organization?”. Forty-six per cent of respondents said they are considering this possibility.

In this context, Jason Buffington proposed 3 possible scenarios for the future of the industry:

  • Caution: organisations may lose their experts, which would put them at a disadvantage in the face of an inevitable crisis scenario.
  • Opportunity: They can recruit new talents with skills that will help them prepare for cyber attacks and learn how to protect modern clouds.
  • One possible answer: choosing BaaS, DRaaS and CRaaS Managed Service Providers can be a great help for the future.