Data protection in 2023 was all about resilience

Recovering from data loss and ransomware are the gifts that keep on giving … for data protection suppliers, that is.

Update. Dell additions. 18 Jan 2024

Compared to a year ago, there is now more data to protect and more threats against it, making favorable market conditions for the suppliers. The data protection world in 2023 was dominated by dealing with cyber resilience, extending backup’s remit to cover SaaS applications, and seeking new archive technologies to fix tape’s flaws.

Virtually every backup supplier has now added security features to protect against ransomware and other malware attacks on data. Cyber resilience is the name of the backup game, and resilience is starting to look like an over-used word. For example:

  • Veeam describes itself as the home of radical resilience. 
  • Cohesity says: “Protection is one thing. Resilience is everything.”
  • Commvault claims it “gives you an unfair advantage to ensure resilience in the face of ransomware and other advanced threats in today’s hybrid world – and tomorrow’s.”
  • Dell ran a series of cyber-resiliency events and announced cyber resilient data protection enhancements to its PowerProtect and Dell APEX data protection portfolio.
  • Druva says it is “the industry’s leading SaaS platform for data resiliency, and the only vendor to ensure data protection across the most common data risks backed by a $10 million guarantee.”
  • Rubrik greets its website visitors with this message: “Rubrik Security Cloud delivers complete cyber resilience.”
  • Veritas tells its site visitors: “We have a reputation for reliability at scale, which delivers the resilience our customers need against the disruptions threatened by cyberattacks, like ransomware.”

To keep protected data resilient, suppliers typically offer immutable backups and backup health checks, providing known good files, for example. Focus has extended from ransomware attack prevention to ransomware attack recovery, with some guarantees that such recovery is dependable.

No magic anti-malware silver technology bullet was announced in 2023 by any supplier – because there isn’t one.

SaaS app protection

Technology additions were sought by SaaS app protectors, spearheaded by HYCU. It realized that many SaaS applications stored customer data that was not protected by the provider or by data protection companies who focused on protecting the top level apps such as Salesforce and Microsoft 365. HYCU’s boss Simon Taylor even wrote a book about it.

HYCU made its API available to SaaS developers so they could connect their apps to HYCU’s backup. The SaaS customers could then use the connector to have HYCU protect their data. HYCU initiated a program to get 100 connectors ready by the end of 2023. It passed the 50 connectors level in November. We checked to see it has reached 100 yet.

Other data protection suppliers also cast their nets into the SaaS seas – Asigra, for example, with its SaaS app developer SDK, Rubrik, and startup Alcion. Dell APEX Backup Services was expanded to include cloud-native capabilities for AWS and Azure virtual machines (VMs), with cross-cloud backup redundancy by replicating data from Azure VMs to the AWS cloud. 

Veeam invested in Alcion and also bought Australian supplier CT4’s Cirrus Backup-as-a-Service software to protect Microsoft 365 and Azure.

Supplier news

Most data protection news in 2023 was good news. Backup target appliance supplier ExaGrid announced four successive quarters of revenue and customer growth with record quarterly revenue amounts achieved repeatedly.

Backup and cloud storage provider Backblaze achieved a $100 million annual revenue run rate. It also partnered with HYCU to provide low-cost backup data vault. Veeam grew and grew, and did many others.

There were no data protection IPOs in the year. Cohesity, Rubrik, and Veeam are potential candidates, as is Druva. Veeam is owned by Insight Partners, which paid $5 billion for the privilege in January 2020. There have been 55 IPOs by Insight Partners’ portfolio companies since 1994.

Rubrik raised $552 million in funding, Druva $475 million, and Cohesity $660 million. These represent high stakes and their backers will want successful IPOs.

Rubrik bought Tel Aviv-based Laminar and its security posture management software in 2023. It also announced a generative AI chatbot called Ruby. Competitor Druva has its Dru chatbot, Commvault has Arlie, and Cohesity has the Turing AI/ML gateway. Cohesity is also working with OpenAI. Clever chatbots can ease data protection management and identify a customer’s data protection weaknesses.

Technology news

Most data protection development was in the archive arena, with several extreme duration technologies favored, including glass – Cerabyte and Microsoft’s Project Silica — and nickel nanofiche from the Arch Mission Foundation, as well as a 50 TB tape from IBM and a spun-down disk approach from Disk Archive Corp. The two glass slab technologies are not available as products yet, being a year or more away from commercialization, but they represent potential tape replacement possibilities. The nickel nanofiche is not being presented as a commercial archiving technology. Instead its backers have grandiose dreams of “storing humanity’s data forever,” with their archives stashed around the solar system, and keeping a business’s data records for 20 or 30 years isn’t on their radar screen.


IBM’s 50 TB tape indirectly confirmed the validity of the near-term LTO roadmap, which has the LTO-10 format coming in a year or two, with a 36 TB raw/90 TB compressed capacity rating. The next iteration, LTO-11, has a 72 TB raw/180 TB compressed capacity rating and IBM has not reached that, yet. As a reminder, LTO-9 supports 18 TB raw/45 TB compressed.