The Game Plan: Build yourself out of ransomware

by Allan Tan
October 6, 2025
Photo by Ron Lach : https://www.pexels.com/photo/man-in-blue-and-red-hockey-uniform-wearing-helmet-8973429/

At a media briefing in September 2025 in Hong Kong, Veeam executives painted a stark picture of the evolving cyber threat landscape, emphasising the urgent need for organisations to shift from reactive defences to robust data-resilience strategies.

Left to right: Beni Sia, Raymond Goh

The briefing also spotlighted Veeam's strong foothold in the Asia Pacific and Japan (APJ) region, where it claimed the top spot in market share according to IDC's latest report for the second half of 2024.

Transitioning to the pressing issue of ransomware, Beni Sia, general manager and senior vice president for Asia Pacific and Japan at Veeam, described the 2025 trends report as more than just data—it's a "playbook of how bad actors are attacking and compromising systems and networks."

Alarming statistics revealed that "70% of customers surveyed here got attacked once in the last 12 months," with 89% of attacks targeting backup repositories and 34% resulting in modifications or deletions.

Sia warned that attackers are accelerating, aided by AI: "With AI today, it's very easy to just type out in any of the large language models. How do you find vulnerability? What's the source? What's the code? Boom, you go."

He debunked the myth of simply paying ransoms, noting that "69% of the people that we surveyed, if they pay the ransom, guess what? They get attacked again. Usually, it's by the same group."

Attacks now unfold in under 24 hours, from access to exfiltration and demands, making prevention insufficient. "You literally need to build yourself out of ransomware with data resilience," Sia asserted.

It’s all about data resilience

At the heart of Veeam's message is data resilience, framed as a comprehensive framework rather than a mere feature. Sia outlined five foundational pillars: backup, recovery, portability, security, and intelligence.

"Data portability is about making sure that lockdown doesn't happen," he explained, stressing the need for flexibility across physical, virtual, SaaS, and container environments. This is crucial in cyber incidents, where infrastructure becomes a "crime scene" under regulations such as Hong Kong's upcoming CI Act, which requires 24-hour reporting.

Security must be "baked in" from the start, with immutable copies and proactive scanning, while intelligence leverages AI for insights.

The need for DRMM

Raymond Goh, head of systems engineering for APJ at Veeam, delved into the Data Resilience Maturity Model (DRMM), co-developed with McKinsey, MIT's Dr George Westerman, and partners like Palo Alto Networks, Splunk, and Microsoft.

DRMM assesses organisations across four horizons: Reactive & Manual (44%), Reliable But Limited (30%), Mature & Adaptive (18%), and Self-optimising (8%).

Goh highlighted a critical disconnect: "70% said they were confident... But the reality is that when the companies went through this study, it only showed 8% of them are actually best-in-class."

This misalignment stems from underinvestment, despite 94% planning increased IT spend in 2025—a fraction of what's needed.

"For every dollar that you spend, the most resilient companies return up to $10 to $3 back," Sia added, with Global 2000 firms losing $400 billion annually in downtime alone, excluding reputational damage.

DRMM is vendor-neutral and outcome-based, drawing on 500+ CIO surveys and 50+ customer interviews to distil 52 key questions across eight dimensions: strategy, people & process, and technology sub-areas such as backup and security. Goh described it as a lifecycle: "It's an ongoing journey... The missing R in between the risk and resilience is readiness."

Organisations undergo assessments involving multiple stakeholders, followed by internal reviews and resilience workshops to develop actionable plans, with milestone checks every 3 to 6 months. Best-in-class firms, often in highly regulated sectors like financial services, achieve 10% higher revenue growth, 4x faster RPO, 3x faster RTO, and 30% quicker ransomware recovery.

Platform consolidation and layered security

As security stacks grow increasingly complex, consolidation is trending toward simplicity. Sia addressed Veeam's stance: "From our ecosystem in terms of consolidating... many customers are consolidating. And from our data in terms of us growing, clearly we are coming a long way ahead... where we are winning and being the vendor of choice."

He advocated layers over single vendors: "From a security lens, it's really protection in layers... The best analogy I'll use is, I mean, at home, right? You have your main gate, you have your main door, you have maybe your bedroom door, your valuables, you might even want to put a safe."

Goh added, "It's definitely not a one vendor play for sure. It's also not a hundred vendors play... what we're promoting is the best of breed solution."

AI's role: From conflict to collaboration

AI is embedding everywhere, but multiple tools can clash. A question on conflicting AI advice prompted Goh: "I am actually quite blown away by seeing practical examples with customers when we do some of these workshops, when this is actually the first time they are sitting down together in a room."

He urged alignment of IT security to clarify postures and tools.

Goh distinguished AI types: Horizontal for basic knowledge (e.g., "how should I configure a backup job?"), vertical for deep analysis (e.g., spotting suspicious OneDrive encryption). "We are just suspecting this. You can go deeper working with the security vendors... What we are doing over here is detecting early as much as possible."

He affirmed: "People still matter... We specialise in the data resilience that is needed as part of the component to walk that journey."

One last takeaway

The briefing underscored that in Hong Kong and Southeast Asia, where digital transformation meets stringent regulations, data resilience is no longer optional.

As Sia concluded, organisations must "build yourself out of ransomware," leveraging tools like DRMM to turn vulnerabilities into competitive advantages.
