Veeam Leaders on Cyber Resilience, Ransomware Shifts, and the Future of Data Recovery

Cyberattacks today are not just about breaching systems—they’re about testing the very resilience of organisations. With ransomware getting smarter, extortion attacks rising, and even backup data coming under fire, the battle has moved from prevention to preparedness. The question is no longer whether an attack will happen, but how ready an organisation is to bounce back.

For Veeam, data resilience is more than a business strategy. The company's leadership underscores this message strongly and a pivot to building a Cyber-Surakshit Bharat. Through initiatives like Suraksha and Sakshamta in India, the company is working to strengthen both capability and awareness, ensuring resilience becomes a cultural mindset, not just a technical process.

In this conversation with CiOL, leaders from Veeam Software, Sandeep Bhambure, Managing Director & VP, India & SAARC; David Allott, Field CISO, APJ; and Keith SNG, Field CTO, APJ share  insights into ransomware trends, the evolving role of CISOs, and how organisations can rethink backup, recovery, and resilience for the digital-first era. Excerpts.

To start, could you explain the idea behind Suraksha, how it aligns with Veeam, and its role in advancing cyber resilience in India?

Sandeep Bhambure: Veeam is a leading company in data resilience space. Veeam Software is widely regarded as a leader in data resilience. The scale we’ve achieved in India is a reflection of our global track record.

However, the larger goal is not just about revenue, but about helping Bharat achieve its mission of becoming a Viksit (developed) and Cyber-Surakshit Bharat. This cannot be achieved in a single day by simply educating people or investing in technology—it’s a journey and a continuous process.

Within this mission, two pillars are critical: Cyber-Sakshamta (capability) and Cyber-Saksharta (awareness/education). As the number one player, and with over a decade of commitment to India, we’ve invested heavily here. Our software development centres in Bengaluru and Pune reflect our Make in India commitment.

Through Suraksha and Sakshamta drives, we are working with universities to integrate data resilience into curricula and offering best practices, frameworks, and whitepapers for organisations. In short, our mission is to make Bharat both cyber-capable and cyber-aware—a blend of education, strategy, awareness, and capability.

You also released a ransomware report today. What stood out for you in this year’s findings compared to last year?

David Allott: The first big change is the shift towards cyber extortion. Attack groups are finding more value in pure extortion over traditional ransomware.

Second, we’re seeing more targeted attacks—sometimes a mix of extortion and ransomware, sometimes purely extortion.

The good news is ransomware payments are declining as organisations invest more in resilience. But challenges remain—particularly in aligning people, processes, and capabilities to strengthen defences.

How has the role of the CISO evolved in response to these threats? And how do “AI for security” and “security for AI” come together?

David Allott: A CISO’s role is increasingly that of an enabler. They’re balancing AI-assisted attacks with AI-driven defence. They also act as referees internally, ensuring accountability across business units.

At the same time, regulatory pressures are mounting, making boards and leaders more accountable. CISOs must ensure organisations are both compliant and resilient in the face of evolving threats.

A CISO’s role is to be an enabler for the business, and I think they’re spending a lot of their time trying to understand where the threat landscape is heading. They’re dealing with both AI-assisted attacks and AI-driven defense tactics — it’s a constant cycle of adapting and staying ahead.

When it comes to backup and recovery, what are some of the challenges you’re seeing and how are organisations addressing them?

Sandeep Bhambure: While ransomware attacks have slightly reduced, infiltration attempts are on the rise. Groups like LockBit being disrupted has helped, but 70% of customers still faced ransomware in the last 12 months.

A worrying trend is that 90% of these attacks targeted backup data, and in 34% of cases, attackers succeeded in corrupting repositories. Paying ransom doesn’t help—70% of those who paid were attacked again.

Another issue is the resilience perception gap. While 70% of organisations rated themselves highly resilient, only 8% were truly best-in-class. This gap is what attackers exploit.

From Veeam’s perspective, how do you translate these challenges into opportunities for customers?

David Allott: We launched the Data Resilience Maturity Model (DRMM), co-developed with McKinsey. It provides a roadmap for organisations to benchmark resilience and measure progress.

Keith SNG: We follow DRMM with one-on-one workshops, helping customers adopt features like immutability and inline malware scanning to improve resilience.

Sandeep Bhambure: Customers take two approaches—self-managed via the Veeam Data Platform (VDP) or fully managed SaaS via Veeam Data Cloud (VDC). Many adopt a hybrid approach. Within VDC, offerings like Microsoft 365 backup are growing at record pace, protecting over 23.5 million users. Together, these deliver end-to-end resilience across preparedness, incident management, and recovery.

Finally, recovery time objectives (RTOs) are becoming a hot topic. Are these now part of SLAs and KPIs?

Sandeep Bhambure: Veeam is a pioneer in recovery speed. According to IDC, our recovery is up to five times faster than competitors. Instant Recovery enables massive restores in minutes, not hours. Being hardware-agnostic gives customers flexibility and cost savings.

Keith SNG: On Veeam Data Cloud, Vault Storage will soon allow instant recovery to Azure in under five minutes. We’re also enhancing Continuous Data Protection to extend beyond VMware to physical workloads—accelerating replication to the cloud.

Key Takeaways from the Conversation

Cyber resilience today goes far beyond backup and recovery—it’s about awareness, capability, and speed. From the rise of extortion-based threats to the widening resilience perception gap, enterprises must move faster than attackers. Veeam’s message is clear: building a Cyber-Surakshit Bharat demands a mix of education, preparedness, and innovation, where recovery becomes a measure of business strength, not just IT efficiency.