According to MarketPulse research conducted by Foundry, 97% of IT Leaders feel confident in their backup and recovery posture. However, despite this confidence, 83% of organizations experienced data loss in the past year. Additionally, the average recovery time is currently nine hours, with only 4% of surveyed companies able to recover in under an hour.
The expert sentiments we received for World Backup Day overwhelmingly pointed to closing this paradox gap by shifting the focus from having backups to testing backups. Read on to hear what they have to say about realigning company focus to resilience and recovery.
Backup is a Resilience Problem
In 2026, the biggest shift in data protection is that failures are no longer driven solely by data loss, but by systems behaving incorrectly while appearing operationally healthy. As organizations adopt AI-driven and autonomous workloads, traditional backup strategies—designed for static systems—are increasingly misaligned with how data, state, and dependencies evolve in real time. Emerging risks now include silent data corruption, cascading failures across integrated systems, and the inability to restore system behavior even when data is successfully recovered.
Most enterprises still treat backup as a storage problem rather than a resilience problem, which creates critical gaps in recovery.
Organizations need to rethink backup as part of a broader runtime resilience strategy—one that includes state awareness, dependency mapping, and validation of system integrity after recovery, not just restoration of data.
Varun Raj, Enterprise AI & Cloud Platform Leader, Kyndryl
Watch for Malicious Code Hidden in PDFs
A Shift To Evidence-Grade Resilience
World Backup Day is a useful reminder that most organizations still think about resilience too narrowly. In 2026, the real issue is not whether data exists somewhere else. It is whether critical records can be restored quickly, trusted, verified, and used in context when a business actually needs them.
AI-driven threats are raising the stakes because they are attacking not just systems, but confidence in the integrity of records. A copied file is not the same thing as a defensible business record. For customer-facing organizations, conversations are a major blind spot. Calls, chats, transcripts, notes, and metadata often live in different systems, which makes recovery fragmented and audit response slow.
The shift I expect to see is from backup thinking to evidence-grade resilience. That means preserving interactions as complete, portable, verifiable records with metadata and chain of custody intact, so teams can recover both the data and the business context around it. The organizations that handle this best will treat backup, compliance, and AI-readiness as part of the same infrastructure decision.
Ben Herron, Co-Founder, VCONify
You Can’t Protect What You Can’t See
Last year, we ran our security toolkit against a real company’s infrastructure as a benchmark. We found 47 vulnerabilities. Hardcoded secrets. Exposed API keys. Cloud misconfigurations. S3 buckets that shouldn’t have been public.
None of that has anything to do with backups on the surface. But here’s the connection most people miss: a hardcoded credential gets exploited, and suddenly the backup doesn’t matter, because the attacker has been inside the system for weeks, and every backup you have is compromised too.
Backup strategy in 2026 isn’t about frequency. It’s about scope. And scope requires visibility.
Tudor Brad, Managing Director, BetterQA
The Recovery Plan Matters As Much as Backup
Most organizations still think about backup as an “IT checkbox”, and that exact mindset is what gets them in trouble when something actually goes wrong. What’s changed this year is that AI-driven ransomware can identify and target backup systems specifically, so having a backup isn’t enough anymore if it’s sitting on the same network as everything else.
In document-heavy environments like healthcare and legal, which is a lot of what we deal with, the recovery plan matters as much as the backup itself because restoring a terabyte of files means nothing if you can’t prove chain of custody or version integrity.
The honest gap I see most often isn’t technical, it’s that nobody’s actually tested the restore process until there’s a crisis, and that’s a terrible time to find out your backups are three months stale.
Moe Rosenfeld, CIO, eCopier Solutions
Focus on Rapid Recovery and Resilience
World Backup Day is a reminder that cyber resilience isn’t just about business continuity; it’s about preserving data that could shape your organization’s future.
In today’s AI era, data has become the most valuable competitive asset, and as cyberattacks continue to escalate, robust security measures are an essential piece of the data infrastructure. It’s no longer enough to focus solely on prevention; rather, organizations must focus on rapid recovery and resilience. That means layered protection and redundancy through various levels of infrastructure to safeguard critical data, including immutable, encrypted backups that remain secure even if primary systems are compromised.
Economical, scalable storage has become a form of insurance: the better you index, preserve, and protect your data today, the more valuable it becomes tomorrow. At the same time, however, data snapshots and redundancy remain essential for quick recovery in the event of a cyberattack or data loss, making current workflows resilient and ready for future use.
Roland Rosenau, SE Director, EMEA, Quantum
Regularly Test Backups
In 2026, the biggest gap in any backup strategy is the assumption that having backup software means you can recover your data. But a completed backup job and a recoverable backup are two very different things. Human error remains the primary cause of data loss and AI-driven threats have raised the stakes considerably by enabling attackers to move faster and target backup infrastructure directly. Either way, organizations that regularly test their data and system recovery and ensure their backup environment is isolated from their production systems (e.g., using a NAS device solely for backups) are the ones that will hold up under pressure. That’s why this year’s World Backup Day is a great opportunity for IT teams and MSPs to shift their focus from “Are we backing up?” to “Can we actually recover, and how quickly?”
Nathan Fouarge, VP of Strategic Solutions, NovaBACKUP
Why Backup Alone Can’t Protect Data at Petabyte Scale
Conventional backup strategies were designed for a world of megabytes and gigabytes, not today’s environments where enterprises routinely managetens or even hundreds of petabytes and billions of files.Traditional backup assumes data grows slowly and that organizations can tolerate hours or even days before recovery begins. But for modern data-driven businesses, those assumptions are no longer realistic.
On a massive scale, the idea of simply backing up everything becomes unrealistic: traditional systems cannot move hundreds of terabytes per hour or scan billions of files fast enough to keep up with modern data growth.
As data volumes explode across hybrid infrastructures, from on-prem storage and cloud environments to distributed teams, the challenge isn’t simply making copies of data. Organizations must be able to recover the right data instantly when something goes wrong, whether due to ransomware, accidental deletion, or system failure.
To do this, data protection must become an integral part of the data platform itself. Organizations need to move beyond traditional backup strategies toward continuous data availability, where every change to data is recorded in real time and where data can be instantly restored to any point in time. By embedding protection directly into the data path, every file change — such as writes, deletions, or renames — can be captured as it happens, ensuring an organization can always recover its data quickly and effectively.
Jason Lohrey, CEO and Founder, Arcitecta
Storage Architecture Has Become A Strategic Decision
World Backup Day is a useful reminder, but for enterprise and data center operators, the conversation has moved well beyond backup. The real focus today is data resilience: the ability to ensure that critical data remains durable, accessible and protected against an increasingly complex threat landscape.
AI is fundamentally changing the nature of enterprise data. Organizations are no longer just storing data. They are managing a continuously expanding asset base of inference logs, model checkpoints, synthetic datasets and telemetry streams that compound in volume with every cycle of refinement. The value of any given dataset may not be fully understood until years after it was created.
This is where storage architecture becomes a strategic decision. Ransomware resilience, data immutability and air-gapped architectures are no longer optional considerations for diligent enterprise infrastructure teams. They are foundational requirements. At the same time, the economics of protecting data at scale demand intelligent tiering. Storing everything on high-performance flash is financially unsustainable. High-capacity HDDs remain the backbone of cost-efficient, scalable data resilience strategies, and can provide the density and throughput economics that allow enterprises to retain data long enough to realize its full value.
Brad Warbiany, Director of Planning & Strategy, WD
Backup Strategies Need to Evolve
We’re now in what I’d call the ‘Downtime Era,’ where the cost of being offline often outweighs the ransom itself. With incidents and AI-enabled attacks contributing to roughly $400 billion in annual losses, backup strategies need to evolve.
Today, success isn’t just about completing a backup but how quickly and safely you can recover. We look at MTCR (Mean Time to Clean Recovery), which measures how fast you can restore systems with verified, malware-free data to maintain business continuity during an attack.
One effective approach that is often overlooked is to revisit concepts around traditional air-gapped backups. In the past, tape backups were physically isolated from networks, making them immune to online threats. Today, organizations can apply that same principle through network segmentation – creating isolated recovery vaults that only connect during backup windows and remain disconnected otherwise, reducing exposure to attacks.
Jim Atria, senior live online lead instructor, MyComputerCareer
Measuring Resilience
There’s still a common misconception that backup is about storage. In reality, it’s about how fast and reliably you can recover:
In media and broadcast operations, this gap becomes critical. It’s not enough to have backups, you need to be able to restore content and relaunch services quickly, in a clean and verified state, even under active attack.
AI-driven threats are now targeting backup processes themselves, not just production systems. That’s why immutable storage, isolated recovery environments, and regular recovery testing are becoming standard practice.
Today, resilience is measured by proven recovery time and the ability to get services back on air, not by how often you run backups.
Oleksandr Samarukha, Head of Telecom Infrastructure Innovation, Cosmonova Broadcast
Make Resiliance Operational
Heading into World Backup Day, the real risk isn’t just data loss, but the rise of AI-driven attacks that are now smart enough to locate and compromise backups before organizations even know they’ve been breached. Most companies still have a dangerous gap between having backups and being able to actually recover, relying on systems that aren’t immutable, isolated, or tested under real attack conditions. At ValorC3, we focus on cloud services that make resilience operational. It’s important to ensure data is stored correctly, and that it’s instantly recoverable across hybrid environments with automation and portability built in. The hard truth for IT and security teams is that recovery has to be more than a quarterly checklist. It has to be continuously validated and ready to execute at any moment. In 2026, resilience will be judged by one thing: how fast you can recover when everything else fails.
Jim Buie, CEO, ValcorC3 Data Centers
Treat Backup As An Active Discipline
Backup alone is not resilience, especially as AI-driven threats accelerate ransomware and data compromise. Many organizations still face a confidence gap, with untested recovery plans, incomplete coverage and limited use of immutable backups. To close that gap, IT and security teams must treat backup as an active discipline, adopting immutable, air-gapped strategies and regularly testing recovery under real-world conditions. In an era of constant threats, resilience will be defined by how quickly and reliably organizations can recover, not just whether they have backups.
J.J. Thompson, CEO, Spektrum Labs
Prioritize Your Backup Network
The greatest risk to data protection in 2026 isn’t the breach itself, but the ‘recovery bottleneck’ created by prioritising the backup solution itself but not the network in the middle. Tools like Object Lock and immutability help manage cryptolocker incidents but RTO is a critical metric which isn’t considered often enough. IT managers looking to upscale their infrastructure should focus on building resilient, high-availability, and high-capacity connectivity to eliminate single points of failure and make restoration exercises more resilient and easier to manage.
Cameron Daniel, CTO, Megaport
How AI Is Reshaping The Cybersecurity Landscape
AI is fundamentally reshaping the cybersecurity landscape, accelerating both the speed and sophistication of attacks. Its ability to autonomously move through networks makes rapid, accurate recovery more critical than ever. While staying ahead of every emerging risk is unrealistic, organizations can dramatically reduce impact by building resilience into their operations. That starts with a modern business continuity strategy that clearly defines recovery point and recovery time objectives, and is tested regularly to ensure it performs when it matters.
Jeremy Pogue, Vice President of Security and Network Services, Integris
Backups Need to Be Verifiably Recoverable
In 2026, resilience depends on backups that are verifiably recoverable. This is a choice that makes managed backup services pull ahead of in-house, DIY models. More and more, DIY models fall short of what’s needed as AI-driven attacks speed up phishing, ransomware and cyber threats. The weak point we keep seeing is the space between data capture and a proven, repeatable recovery of the applications and dependencies the business actually runs on. Managed backup improves recovery objectives, provide compliance-ready documentation and strengthens security while freeing IT staff to focus elsewhere. From my perspective, data protection is as much of a technical safeguard as it is a cornerstone of enterprise risk management. It protects systems, customer trust, brand reputation and financial stability.
Kurt Esser, Managed Services GTM Leader, WEI
Backups No Longer Stop Ransomware
Backups alone no longer stop ransomware—modern attacks focus on data theft and disruption, so resilience must include the ability to operate through incidents, not just recover from them. AI-driven threats have dramatically shortened the attack timeline, making it critical to assume compromise and protect backups with immutability and strong isolation. The biggest failure point today isn’t whether backups exist, but whether organizations can actually restore quickly and reliably under pressure. Hybrid, distributed, and immutable backup architectures are now baseline expectations, with success defined by how well recovery is orchestrated across environments. In 2026, resilience is measured by time-to-recover, and organizations that can restore critical operations within hours—not days—are the ones that will withstand modern cyber events.
Todd Thorsen, CISO, CrashPlan
Resilience Defined By Customer Expectations
In 2026, resilience will be defined less by whether data is recoverable and more by whether organizations can sustain operations that meet customer expectations during disruption. That requires moving beyond static recovery plans to dynamic, continuously updated models of dependencies, along with cross-functional exercises that reflect real-world conditions.
Rich Cooper, SVP of Global Market Transformation, Fusion Risk Management
We Still Need the 3-2-1 Backup Rule
The 3-2-1 backup rule is still valid. Three copies, two media types, one offsite. Follow it. But if you think following it means you’re protected, that’s where the risk begins.
The threat landscape has shifted in three important ways. Attackers are using AI to defeat defenses at machine speed, which makes recovery a front-line capability, not an afterthought. Meanwhile, your own AI is creating exposure you can’t see because it is indexing content and generating copies across systems faster than any administrator can track. And your AI deployments themselves are now critical infrastructure; you have models, pipelines, and agents that need to be protected, recoverable, and compliant.
None of these threats can be addressed by backup volume or velocity alone. They require context.
Context means three things in practice: application intelligence, identity intelligence, and data intelligence. With centralized metadata, you gain visibility into what exists, who touches it, and how it behaves, which turns data and identity sprawl from a liability into a strategic asset. With the appropriate centralized metadata, you can also use AI to detect anomalies, flag unusual access, and build recovery strategies proportional to actual risk.
3-2-1 tells you how to store your data. Context tells you what’s worth protecting and how to get it back.
Modern resilience isn’t a checklist. It’s a continuous practice of understanding your applications, identities, and data, so when something goes wrong, you know exactly what you’re recovering and whether you can trust it.
Stephen Manley, Chief Technology Officer, Druva
A Shift Towards Active AI-Driven Resilience
Data protection is shifting from passive backup to active, AI-driven resilience, focusing on immutability, hybrid cloud management, and rapid recovery to counter machine-speed cyberattacks.
Key trends shaping data protection and backup strategies include making backup data a Tier-0 cybersecurity asset, implementing zero-trust architecture (ZTA) in backup architectures, implementing the 3-2-1-1-0 Rule, cloud-based data sovereignty compliance, and integrating AI detection to conduct continuous monitoring for AI threats faster than traditional methods, which are now targeting the recovery backup system itself.
The emerging threats include Autonomous Attacks, Recovery Denial, Shadow AI and Data Sprawl, Data Poisoning, and PQC/QRC Harvest Now, Decrypt Later (HNDL).
Dr. David Utzke, CEO & CTO, MyKey Technologies
Backup Plans Alone Aren’t Enough
World Backup Day is a useful reminder to have a backup plan, but backups alone aren’t enough. For that plan to be effective, organizations also need a recovery plan, and that’s where many strategies fall short. Too often, having multiple copies of data is treated as the end goal, without considering how those copies are accessed, stored, and ultimately restored. The reality is that backups are now part of the attack surface. If they’re always connected, poorly segmented, or inconsistently managed across endpoints, they can be compromised just as easily as primary systems, leaving organizations with data they can’t reliably recover.
What’s changing is where risk is accumulating. Data is no longer centralized. It’s spread across remote devices, transient work environments, and portable storage that often sits outside of formal IT oversight. That creates gaps not just in protection, but in recoverability. Without clear policies around how data moves, where it’s stored, and who is responsible for securing it at each stage, organizations may believe they have a backup plan in place, but lack a recovery plan that will actually work when needed.
This is why backup strategies need to evolve from a static checklist to an operational discipline built around recovery. It’s not just about how many copies exist, but whether at least one is isolated from day-to-day network exposure and whether recovery has been validated under realistic conditions. World Backup Day is a valuable checkpoint, but the organizations that pair backup planning with disciplined, tested recovery planning will be the ones that can restore operations with confidence when something goes wrong.
Kurt Markley, Managing Director, Apricorn
The Problem With Resilience Models Designed for a Centralized World
World Backup Day used to be about restoring files after an IT failure. In today’s energy environment, that mindset is dangerously outdated. As power generation becomes decentralized — across solar farms, microgrids, and distributed assets — we’re not just backing up data, we’re talking about maintaining continuity of physical operations. If an attacker disrupts an OT system, you’re not recovering documents — you’re losing megawatt-hours, breaching contracts, and triggering real financial and operational consequences in minutes.
The problem is that we’re building a massively distributed energy grid with security and resilience models designed for a centralized world. Every new connected asset expands the attack surface, yet very few organizations are quantifying what recovery actually looks like in this environment. Backup strategies need to evolve beyond data replication to include operational recovery — how quickly systems can be restored, how integrity is verified, and how to prevent compromised systems from coming back online. Without that shift, ‘backup’ becomes a false sense of security rather than a true resilience strategy.
Rafael Narazzi, CEO & Co-Founder, Centrii
A Protection Gap You Need to Close
Over the last year we’ve been witnessing how enterprise infrastructure is shifting fast. Organizations are moving workloads to next-gen infrastructure, adopting Kubernetes at scale, and rebuilding applications around containers and microservices. It’s a meaningful step forward in how we run and scale software. But it introduces a protection gap that most teams haven’t caught up with yet.
Most organizations running Kubernetes assume the platform takes care of resilience. It handles availability, not backup. Persistent volumes and application data need explicit protection, and in most environments we see that protection is either missing or untested.
That last word matters. A backup you’ve never restored from is nothing but a false sense of security. The question to ask on March 31st is “when did we last actually recover from one, and how long did it take?”
Maybe March 31st shouldn’t just be a reminder. It should be a fixed point in every organization’s calendar to actually run a recovery test, walk through the DR plan, and find out where the gaps are before an incident does it for you. The teams that treat it as an action item rather than an awareness day are the ones that won’t be scrambling when something goes wrong.
Paweł Staniec, CTO, Catalogic Software
A Call To Rethink How Resilience is Engineered
World Backup Day is no longer just a reminder to create copies of data and continually test and refine your recovery procedures. It is a call to rethink how resilience is engineered into the storage layer itself. As ransomware operators increasingly target backup infrastructure first, the assumption that recovery points will be available when needed is no longer safe. If attackers can delete or encrypt backups by exploiting shared administrative domains, organizations lose their ability to recover without paying a ransom. This is why modern backup strategies must extend beyond traditional recovery models and instead focus on architectural resilience by embedding immutability, high availability, and durability directly into storage platforms. This often includes leveraging object storage architectures that support immutability controls and policy-based data protection, helping ensure backup data cannot be altered or deleted once written. Approaches such as the 3-2-1-1-0 model, combined with enforced immutability, ensure that data remains protected, verified, and recoverable even in the face of sophisticated attacks.
At the same time, the concept of air-gapped backup storage has re-emerged as a foundational control in cyber resilience. Whether implemented through physical separation or logical isolation, air-gapped architectures are designed to ensure that even a full administrative compromise spanning identity systems, hypervisors, and backup management tools does not extend to recovery data. By separating control planes, restricting access, and enforcing retention policies at the storage level, organizations can reduce correlated failure risk and preserve critical decision-making leverage during an incident. This aligns closely with zero-trust principles, where systems are designed with the assumption that breaches will occur, and resilience depends on limiting blast radius rather than preventing every intrusion.
The urgency of this shift is further accelerated by the growth of AI, analytics, and other data-intensive workloads, which are driving unprecedented data volumes and complexity. Scalable object storage is becoming central to managing backup, recovery, and long-term retention at scale, but only when paired with architectures that prioritize isolation, verification, and performance under pressure. On World Backup Day, the priority is clear. Organizations must move beyond legacy backup thinking and design storage environments that can withstand real-world failure scenarios. Backup is no longer an operational afterthought. It is a strategic capability that underpins business continuity, regulatory compliance, and the ability to recover with confidence when it matters most.
Paul Speciale, CMO, Scality
The Evolution of World Backup Day
World Backup Day has evolved from a simple reminder into a crucial strategic checkpoint. In the past, we treated data loss like a natural disaster such as a flood or a fire, something you recover from. Today, we face intelligent adversaries who don’t just destroy data; they often weaponize it. They actively hunt and corrupt the very backups that are meant to be our safety net. This fundamental shift in the threat landscape demands a revolution in our defense mechanisms. A backup that can be altered is no longer an asset; it’s now a vulnerability waiting to be exploited. It’s a false sense of security. True cyber resilience is now defined by immutability and air-gapped architecture. It’s about creating a version of your data that is fundamentally unreachable and unchangeable by an attacker, like placing your digital crown jewels in a time-locked vault that only you have the key to. We’re not just making copies anymore. We are forging digital artifacts that guarantee a point-in-time recovery, ensuring that no matter what chaos unfolds on the network, your history, your business, and your future are secure.
Aron Brand, CTO, CTERA
AI Initiatives Are Rapidly Elevating Preserved Data Importance
AI initiatives are rapidly elevating the importance of preserved data. Modern AI models depend on vast historical datasets, many of which were originally collected for entirely different purposes. Data that appears inactive today may become essential tomorrow for training models, validating results, and supporting new discoveries. At the same time, ransomware threats continue to grow, and compliance mandates require organizations to retain data for extended periods.
In response, organizations are architecting resilience across the entire data lifecycle. This includes immutable offline copies, geographic separation, and preservation architectures designed for durability at massive scale. It also reflects the reality that most data becomes inactive over time and can be stored more efficiently on secondary or tertiary tiers rather than costly high-performance infrastructure.
Ted Oade, Director of Product Marketing, Spectra Logic
Not All Data Has the Same Value
On World Backup Day last year, I said that all-flash backup architectures were an expensive and unnecessary investment for most organizations. That perspective was not based on market timing, it was based on a fundamental principle, not all data has the same value, and it should not be treated as if it does. Today, the market has caught up. Rising flash prices and supply constraints did not create a new problem, they exposed an existing one. For years, the industry optimized for peak performance at any cost. That model is now breaking under the weight of data growth.
Backup is simply where this becomes most visible. But the reality is much broader. This is not a backup problem, it is a data architecture problem. Organizations can no longer afford to build infrastructure based on the assumption that all data belongs on the fastest tier.
The shift ahead is clear. Storage must become dynamic, not static. Systems must continuously adapt data placement based on real usage, not predefined policies. Intelligent auto-tiering is not a feature, it is the foundation of a new architecture where performance and cost are no longer in conflict.
Protection Must Extend Beyond Fires, Fools, and Floods
World Backup Day is a reminder that protection must now extend beyond fire, fools, and floods. Data is the currency of today’s digital economy — the lifeblood of intelligent enterprises. The continuing boom in Generative AI amplifies both the power and the risk of data, making backups essential to preserving not just systems, but insight and trust. In an era of automated systems, the ability to restore and validate data is what keeps intelligence resilient when disruption strikes.
For World Backup Day, organizations should ensure they maintain multiple backup copies of critical data using different formats, the proven “3‑2‑1” approach, and, most importantly, know when and how to recover both the data and the underlying business services. For individuals, the day serves as a reminder to protect important files such as family photographs in a secure and accessible place. Resilience starts with readiness, for both enterprises and people alike.
Jack Cherkas, Global CISO at Syntax
Backup is a Trust and Technical Problem
The biggest shift in data protection strategy I have seen working on healthcare cloud infrastructure is that backup has become a trust problem as much as a technical problem. It is not enough to have backups. You need to be able to prove in real time that what you backed up is complete, uncorrupted, and actually restorable in the time window your business can tolerate. I rebuilt disaster recovery infrastructure at a Fortune 100 healthcare technology company and the uncomfortable discovery was that our backups were technically succeeding while our verified restore capability was untested at realistic data volumes. We had confidence in our backup process and almost no confidence in our recovery process, which is the wrong thing to be confident about.
The emerging risk that most IT and security teams are underestimating in 2026 is AI-assisted ransomware that is specifically designed to target backup infrastructure before encrypting primary systems. Attackers have learned that the backup is the leverage point. If they can corrupt or encrypt your backups silently before triggering the visible attack, your recovery options collapse. The practical response to that threat is immutable backup storage with air-gapped verification, but more importantly it is treating your backup infrastructure with the same security posture as your primary systems rather than as a secondary concern. Most organizations apply their strongest security controls to production and their weakest to backup, which is exactly backwards given where the attack surface has moved.
Ayush Raj Jha, Senior Software Engineer, Oracle Corporation
More Security NewsAbout Author
Taylor Graham, marketing grad with an inner nature to be a perpetual researchist, currently all things IT. Personally and professionally, Taylor is one to know with her tenacity and encouraging spirit. When not working you can find her spending time with friends and family.