How firms can ensure business continuity with backup and cyber resilience strategies

Cyber-attacks are now inevitable, and India is experiencing a surge in ransomware, phishing, and distributed denial-of-service (DDoS) attacks targeting various sectors. The Indian Cyber Crime Coordination Centre reported losses of ₹11,333 crore due to cyber fraud in the first nine months of 2024. This is a clarion call for businesses to look beyond conventional and siloed data backup mechanisms and adopt comprehensive data resilience strategies. On World Backup Day, experts shared insights on why data backup is becoming critical for cyber-resilience, enabling instant recovery, financial loss mitigation, and business continuity.

According to Balaji Rao, Area Vice President for India and SAARC at Commvault, “Legacy backup solutions are failing due to their inability to scale in modern hybrid and multi-cloud environments, creating data silos and operational inefficiencies, which increase vulnerability to cyber threats.”

It is here that enterprises need agile, integrated backup and recovery solutions with automation and orchestration. Giving an example of Commvault, he said, the company addresses this challenge with solutions like Cleanroom Recovery, which provides a secure environment for testing and validating cyber-recovery plans, and Cloud Rewind, which automates data recovery and cloud application rebuilding for seamless continuity.

In any case, investing in data resilience is crucial as cyberattacks become more sophisticated, with most companies facing breaches. A successful strategy includes multi-layered backups, automated processes, and redundancy across environments. Security at every layer, including encryption, access controls, and employee training, is vital, he added.

As cyber-threats and data volumes surge, businesses need automated, scalable, and secure backup solutions, agrees Pankaj Kitchlu, Systems Engineering Director, India & SAARC at Juniper Networks. “A robust backup strategy fosters business resilience, innovation, and long-term growth,” he said, highlighting the importance of deploying AI-Native solutions, zero-trust security, and advanced threat prevention.

Sandeep Bhambure, Vice President and Managing Director, India & SAARC, Veeam Software, believes that data backup now is no longer just about copying files; it’s an integral part of an organisation’s cybersecurity infrastructure. “Implementing immutable backups, automated threat detection, and rapid recovery processes are essential to ensure data remains safe and recoverable in the event of a cyber-attack,” he said, stressing the importance of regularly testing recovery processes and ensuring proper orchestration.

Rao further suggests that Backup-as-a-Service (BaaS) as a scalable, cost-effective solution for hybrid and multi-cloud environments, eliminating infrastructure overhead and streamlining compliance.

The future of cyber resilience relies on Artificial Intelligence (AI)-driven platforms for rapid system prediction, isolation, and restoration, he noted.

Needless to say, the Digital Personal Data Protection Act (DPDPA) which came into effect in August 2023 reinforces the increasing importance of data resilience and aligns Indian businesses with global data security standards, ensuring business continuity.  
In the next three to five years, AI is anticipated to play an increasingly key role in the cybersecurity domain, promoting self-defense capabilities and automating compliance. The rise in regulatory requirements, such as those from the Reserve Bank of India, underscores the importance of cyber recovery testing, which poses financial and reputational risks for firms that are unprepared, thereby increasing the demand for cyber-resilience, said Rao.

Bhambure highlights that the surge in data breaches has elevated recovery to a top priority for Chief Information Security Officers (CISOs). Effective cybersecurity governance at the board level and collaborative efforts are vital, as relying solely on backups is insufficient. Identifying clean data necessitates specialized security knowledge.

Going forward, achieving a balance in AI regulation is essential to promote innovation while addressing cybercrime. As Bhambure noted a robust incident response strategy requires the integration of security and data protection, supported by playbooks and recovery testing. “An effective cyber-resilient approach aims to eliminate ransom payments, thereby disrupting ransomware activities,” he said.