Winning the Race Against Ransomware
Coming off VeeamON 2025 in San Diego, we’re buzzing about all things data resilience, data portability, and data recovery! If you weren’t able to make it, or just want to keep the conversation going, read on for some more information. In this month’s edition, we’ll not only continue keynote speaker Eric O'Neill 's discussion about the global impact of cyberattacks — but we will also look at how organizations like yours can stay ahead of anything these adversaries can throw at you and your business.
🚀 DRMM: A Plan to Future-Proof Your Organization
Business continuity is a major focus for nearly every organization — but the real test often comes during an actual disruption. Whether that disruption comes from bad actors, natural disaster, or human error, many organizations don’t realize there’s gaps or faults in their readiness plans until they experience them firsthand after an incident. To help organizations strengthen their data protection posture, the Veeam Data Resilience Maturity Model (DRMM) provides an empirical framework for organizations to assess their current resilience posture, identify gaps, and implement targeted improvements. Veeam developed the DRMM in collaboration with McKinsey & Company , supported by insights from George Westerman of MIT, Palo Alto Networks , Microsoft , Splunk , and the minds of over 500 C-level executives. This model places organizations into four maturity horizons — from basic to best-in-class — and 74% percent of surveyed organizations land in the bottom two horizons, highlighting significant room to improve.
Organizations at higher DRMM horizons don’t just recover — they lead by achieving:
You may have solid backup and recovery — but without integrated strategy, intelligence, and coordination across teams, you’re still exposed. The DRMM helps you strengthen resilience before the next disruption hits.
Research revealed that 74% of participating enterprises fell into the lowest two horizons of the DRMM, meaning they lack the maturity needed to recover quickly and confidently from a disruption.
✅ Evaluate Your Readiness
This year’s Ransomware Trends Report, “From Risk to Resilience: 2025 Ransomware Trends and Proactive Strategies”, is out now! This year’s report surveyed 1,300 organizations over the last 12 months, including 900 who experienced at least one ransomware attack in the last year. Almost all surveyed organizations (98% of them) reported that they already have a playbook to respond to ransomware, which is a clear sign that organizations are taking this threat seriously. This is good, but unfortunately, we found that less than half of organizations have the essentials in place that are required to execute their playbook effectively.
The organizations who were the most successful in bouncing forward after attacks had frequent verified backups and copies of those backups, assured all backups were clean, established alternative infrastructure arrangements, developed containment and data isolation plans, and already had a chain of command in place for responding to incidents.
Whether it’s frequent backups, robust contingency plans, or ongoing training, the most effective organizations see prevention as a continuous effort and recovery as a key function. At the same time, organizations are working on breaking down barriers between IT operations and security teams or at least planning to. 52% of respondents said significant improvement or a complete overhaul is required to align IT operations and security teams.
💻 Cybercriminals are Evolving, But We are Too
Unfortunately, it’s a fact of life in cybersecurity that as we evolve to combat ransomware, threat actors are adapted to take downs and security awareness too. New cybercriminal entities pop up fairly frequently, and Akira ransomware has cemented its reputation as one of the most relentless and disruptive cyberthreats affecting organizations currently. Akira has held the number one spot for the most ransomware attacks for six straight quarters according to Coveware by Veeam’s case data, and in 2024, it was responsible for 14% of all ransomware incidents.
While many ransomware groups tend to chase after big-ticket targets, Akira casts a wider net, focusing on sheer volume rather than just high-profile victims. Without early detection and strong, proactive defenses, organizations risk facing crippling downtime and costly demands. However, companies that take decisive action — by hardening remote access, aggressively monitoring for credential misuse, and updating and fortifying VMWare ESXi environments — can dramatically lower their risk profile.
📰 Veeam News
Are you going to RSAC 2025? Come see us! Even if you’re unable to attend in person, we are also hosting a webinar live from the event on May 1, where Rick Vanover and Javier Perez will discuss the latest in cybersecurity, including recaps on RSAC keynotes and a deeper look into Veeam Recon Scanner.