For many, 2022 was a year in which hope met uncertainty because the pandemic slowed, but economic and global challenges expanded. In IT, cyberthreats continued to be top of mind as organizations sought to reduce their risk of data loss on smaller budgets.
In 2023, we expect the conversation to expand from “security” to “risk” as businesses balance data security, cost, and complexity.
Data Resilience in the Spotlight
1. Data Protection Integrates with Data Security
Customers need data protection vendors to integrate into their data security ecosystem. Organizations looking to “tighten the belt” on their IT budgets will not have the capital to invest in multiple siloed products and will seek out solutions that bridge the gap between security posture, recovery, management, analytics, and integration with third-party tools.
Additionally, cyber criminals will target cloud workloads as data centers become more secure. Companies will be forced to extend their cyber resilience beyond the data center. With these additional requirements, the market will need to help customers do more with less — less money, less staff, and less experience. There will be a need for autonomous data resilience — in which the customers’ data is automatically secured and protected.
Here’s my recommendation for how to address this prediction: “First, executives must create a risk management strategy that incorporates cyber-insurance, security, and data protection. Second, data protection teams must work with security to ensure that their backups are secured. Finally, data protection teams should connect with the security team to understand what role they need to play in preparing for and recovering from an attack.”
2. MFA, Zero-Trust, and Potential Exploits
People have talked about Multi-factor authentication (MFA) and zero-trust security for several years now, but as we return to offices in 2023, IT teams must reassess the organizational perimeter with a stronger focus on identity. In recent attacks, we have seen examples of sophisticated social engineering taking advantage of MFA fatigue. IT teams must ensure their organizations are thinking ahead of these disasters and implementing stronger systems to account for potential human error.
Curtis Preston, Druva Chief Technical Evangelist, offers his perspective: “The big takeaway from the cyber incidents of 2022 is that MFA, while incredibly important, is not infallible. We will continue to see a dramatic increase in the volume of MFA exhaustion attacks. Bad actors will overwhelm the victim with so many MFA requests that they eventually authorize one of them, and the attacker is in. In 2023, companies must look to make their MFA systems more resilient to these types of attacks.”
3. Mergers and Acquisitions Complicate Data Protection
Some days, it can feel like data sprawl is expanding faster than the universe. Even as organizations try to centralize their employees’ data with Microsoft 365, Google Workspace, and virtual desktops, business units are building applications that spread corporate data in more places than ever. Organizations run hundreds of SaaS tools, many of which retain data. Cloud-native workloads are only expanding, especially for data analytics.
With mergers and acquisitions, companies pick up even more tools and data locations. While executives talk about unifying back-end infrastructure, data and application gravity make standardization incredibly difficult. Instead, IT needs to find a way to protect and secure data where it lives, without hiring more people or buying more tools.
My opinion is: “Due to the economic challenges, M&A is going to surge, so there will be even more data silos. Companies need a simple, scalable way to manage and protect their data — including respecting data residency requirements. It will be virtually impossible to manage and protect the data on their own.”
Budgetary Concerns in an Uncertain Economy
4. Economic Challenges Shrink the Time Horizon for Technology Investment
Companies will leverage the cloud for most new initiatives because they will want to make low-risk bets in 2023. Cloud-based projects require minimal initial investment, charge only for what is consumed, and can be quickly decommissioned.
Additionally, teams will ruthlessly prioritize IT projects based on rapid ROI (return on investment). Because they do not have enough senior personnel, and the economy is a concern, they will need to show value in six months to propel them to the next investment.
Here’s my take: “Most organizations are inefficient in both their use of cloud and data center technologies. In 2023, they will use tools and processes to ruthlessly eliminate waste. In particular, they will offload functions that can be delivered as a service.”
5. Automation to Reduce the Skills Gap
Time and again it’s been proven that humans are the weakest link in the security chain. To ensure data resiliency in wake of a disaster or cyber attack, security leaders will need to prioritize the proper training of their staff — while equipping them with the right systems to automate processes.
Here’s a perspective from Yogesh Badwe, Druva Chief Security Officer: “It’s important that organizations shed the idea that their teams must manually handle these processes, from backing up data each night to monitoring systems. With touchless systems, teams can rest assured that their operations and data will be safe. Automated technology and stronger integrated strategies will give organizations the peace of mind they need that regardless of what new threats they might face in 2023, the organization is as prepared as possible to protect, secure, and recover its critical data.”
The AI/ML Revolution Comes to Data Protection
6. AI/ML Automation Saves Cost and Human Effort
Organizations have struggled to scale their AI/ML (artificial intelligence and machine learning) model deployment in production due to complex data dependencies, manual processes, lack of expert AI/ML skills, and siloed engineering teams. In 2023, organizations will look to invest in AI/ML platform teams and services that can simplify dependencies, improve data and model discoverability, manage dataset access and governance, and make model building and deployment easily repeatable. MLOps (machine learning operations) platforms that provide these benefits will gain traction.
Druva Director of Innovation Preethi Srinivasan offers this take: “With high labor costs and a recession looming, AI/ML solutions that solve practical use cases will take priority in 2023. IT organizations will look to build or purchase autonomous solutions that bring them cost savings, provide operational efficiency, and reduce or eliminate human effort.”
7. Autonomous Data Protection Is the Future
The status quo in data protection has been unrealistic — expecting businesses to have dedicated teams to manage backups, SLAs, RPOs, and RTOs, and diligently troubleshoot failures. In reality, workloads have grown more complex, data growth has been massive, and there are hundreds of enterprise applications used in an organization, demanding backup admins spend significant time and effort on data protection tasks.
Preethi Srinivasan had this to say on the topic: “Autonomous data protection is hyper-automation that identifies bottlenecks, rectifies them, and proactively prevents them such that backups just work. Autonomous protection will work at a macro and micro scale, identifying useful metadata patterns, and leveraging advanced AI/ML to deliver radical simplicity, savings, and security.”
Key Takeaways and Next Steps
Start 2023 right by protecting your business and its critical data. As threats like ransomware continue to evolve, Druva delivers peace of mind — a single, comprehensive platform to ease management, backup, recovery, and protection for all your workloads.
Analyst firm International Data Corporation (IDC) recently evaluated the benefits of a strong data resilience strategy, especially SaaS-based approaches like those offered by Druva, to address today’s challenges and risks. Get the free IDC report for comprehensive insights to strengthen your organization’s data resilience.