Zerto, IDC Reveal Backup Failures and Ransomware Vulnerabilities in IT Systems

By Stefania Viscusi

Zerto, a Hewlett-Packard Enterprise company, recently released findings from a new IDC-commissioned survey which highlights the vulnerabilities many organizations face when it comes to backup and disaster recovery (DR) strategies. According to the survey, backup-related failures account for 32% of global data loss incidents, making it the leading cause of data loss, despite backup and recovery being named the top IT investment priority for 2024.

The survey gathered responses from organizations across North America, Western Europe, India, and Australia, offering key insights into the state of disaster recovery and cyber resilience.

A key finding of the report is that many organizations continue to face severe data recovery challenges, even when they have backups in place. Nearly half (48%) of organizations that paid a ransom after a ransomware attack did so despite having valid backups, hoping for a faster recovery or less data loss. However, only 20% of those who paid the ransom fully recovered their data, leaving many organizations stuck in a worst-case scenario — maintaining costly backup systems without reaping recovery benefits during attacks.

"It’s unfortunate to see organizations funneling resources into backup processes only to realize that it was all for naught — paying the ransom money and losing the data," said Phil Goodwin, research vice president, IDC. “What's clear is that only a holistic approach can eliminate these negative outcomes and keep organizations safe. In particular, CDP will prove increasingly central to unified data protection efforts in months and years to come."

Another issue that further compounded this is staffing issues. Organizations said they lack IT personnel, skills, and time creating major obstacles in DR and cyber recovery (CR) efforts. Nearly 34% of respondents listed outdated recovery processes as a significant issue in maintaining cyber resilience, while 31% pointed to insufficient staff knowledge and skill sets.

How can businesses combat these challenges? According to the IDC report, a holistic approach to disaster and cyber recovery is needed. This includes integrating backup, disaster recovery, and cyber recovery to ensure better data protection. Continuous data protection (CDP) minimizes data loss, enabling organizations to restore systems to a point just before a cyberattack.

The report also uncovered that despite the potential for AI to transform disaster recovery, trust in AI remains low. Fifty-nine percent of respondents said AI tools are not yet reliable for disaster recovery purposes. However, 40% of respondents said they are optimistic about AI’s future role in DR.

"Organizations are increasingly responsible for data environments whose complexity they are unequipped to handle and whose integrity they are ill-prepared to safeguard," said Caroline Seymour, vice president, storage product marketing, HPE. "This is not the fault of any individual organization, but it does demand a more sophisticated approach to data protection — one in which traditional backup is not the be-all-end-all but instead one of a suite of complementary tools, including CDP.”




Edited by Greg Tavarez
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
SHARE THIS ARTICLE
Related Articles

AI Is Changing MSP Value Proposition, Not Eliminating It

By: Erik Linask    7/1/2026

MSPs are moving beyond AI hype and focusing on the practical questions that matter most: client data protection, AI governance, service desk efficienc…

Read More

MSPs: The Network Is No Longer Someone Else's Problem

By: Erik Linask    6/30/2026

Reinvent's new MyCloud SecureLink offering gives MSPs and resellers a partner-ready way to deliver managed SD-WAN, network security, and resilient con…

Read More

Why the Fastest-Growing MSPs Are Saying "No" More Often

By: Special Guest    6/30/2026

The fastest-growing MSPs in the U.S. are boosting margins, reducing cyber risk, and scaling more sustainably by adopting stricter customer qualificati…

Read More

The Next MSP Platform Battle Will Be Fought Over Data, Not Features

By: Erik Linask    6/24/2026

SuperOps and Guardz are bundling IT operations and agentic security into a single MSP offering, reflecting a broader shift away from fragmented tool s…

Read More

The AI ROI Problem Was Never About the Model; It's About Integration

By: Erik Linask    6/24/2026

Xurrent's new built-in iPaaS is designed to help AI agents move from recommendation to execution by connecting ITSM workflows directly to systems like…

Read More