Q&A: Veeam CTO On The Evolving Cloud Threat Landscape & Building A More Effective Recovery Plan

As cloud adoption accelerates and cyber threats become more pervasive, the need for robust cloud backup and recovery strategies has never been greater. 

“The biggest challenge today is managing the responsibility of data spread across multiple cloud-based solutions,” says Michael Cade, Field CTO of Cloud Strategy at Veeam, in an interview with Expert Insights.

With over 14 years of industry experience with a key focus on data centre technologies including virtualisation, storage and data centre, Michael’s role at Veeam is to engage those new to availability technologies as well as those who are experts, speaking at events and providing feedback from the field into product management. 

In this conversation, Michael discusses the evolving challenges of protecting cloud data, shares how Veeam helps organizations safeguard their workloads, and offers practical advice for CISOs seeking effective cloud backup solutions. He also explores key trends shaping the future of the cloud backup landscape, highlighting what organizations must prioritize to stay resilient in 2025 and beyond.

Q. What are the biggest challenges for customers in the cloud backup space today and how are threats evolving?

Cloud backup is an evolving space – we have SaaS-based workloads (such as Microsoft 365) and the importance of that data across an entire platform. Then we have IaaS, where customers have looked to take that first step into the cloud journey to run their virtual machines, maybe to get out of an on-premises virtualization platform. We have PaaS, or Platform-as-a-Service, which is where the end user can offload some of the underpinning OS, patches, etc., off to the cloud provider and just consume the database. 

The biggest challenge with all this choice is the skills needed to manage the responsibility of this data spread across these multiple cloud-based solutions. Most likely not everything is going to be in the same cloud. 

We must also consider regulations and compliance, and make sure that data is not crossing borders and breaking regulations. The security aspect of data spread across all these platforms and clouds is a top priority. It must be ensured that data is secure, protected, and available no matter what happens. 

Q. How does the Veeam Backup for Microsoft Office 365 platform help to teams address these challenges, and how do you differentiate yourselves from competitors?

 When it comes to protecting SaaS workloads such as Microsoft 365, it’s about providing the ability to hit the “easy button” on protecting data. Our product can be consumed in a few different ways. It can be purchased as a subscription where you download and run the software yourself and you manage the end to end and protection of your data. 

We have a network of VCSPs (Veeam Cloud & Service Providers) and MSPs that provide the Veeam as a Service. This might appeal to those end users that have a relationship with MSPs and the requirement for other wrap -around services. 

Another option is using the Veeam first-party solution – Veeam Data Cloud. This offering enables the customer to sign up and protect their workloads into a Veeam Cloud, a fast-growing option that provides BaaS for SaaS, and offloads the responsibility over to Veeam to hold and ensure that the data is secure and available when bad things happen. 

Q. What are your top recommendations for CISOs in the process of looking for a cloud backup solution?

 Coverage. Flexibility. Immutability.  Three words I would suggest as a top recommendation. 

As a CISO responsible for the data and the security of the business, you should ensure that—across these cloud paradigms of SaaS, IaaS, and PaaS—you have a solution that provides best of breed across all of these as-a-Service type models, as well as being able to provide a flexible delivery model themselves.  Veeam has three options when it comes to protecting these workloads. 

Flexibility— in a world where things are moving fast, you want to know you can provide mobility to your data, ensuring you can go from Cloud A to Cloud B in case prices change or there are other damaging circumstances to deal with. 

Another recommendation would be immutability—ensuring that all data backups are stored in a secured immutable way. Ensuring that nobody can tamper with backups, and when something bad happens you can get things up and running again as fast as possible.  

Q. What trends do you expect to see in the cloud backup space in 2025?

 We will see a continued adoption of cloud going into 2025. Where businesses have moved into the IaaS space, I fully expect to see more adopt the PaaS model and offload some more of that responsibility to the cloud providers in exchange for some dollars. Data security will also be a trend to follow in 2025, but this will be a continuation of bad things happening to data. 

Because of this, we need to keep raising awareness of not only protecting data in a secure manner, but we must also consider the prevention side and the continuous change to platforms. 

Q. In your view, what should organizations’ top cloud backup planning priorities be for 2025?

Have a plan! 

Second, ensure there are backups in place across all services and data within the business. The public cloud providers have a shared responsibility model that we have been sighting for years to our customers. This will ensure availability of services and infrastructure, but your data is your data.

Third, understand your data. As humans, we tend to hold onto everything for a rainy day. Businesses need to start thinking about being more hygienic when it comes to the production data sets they own. 

This will help when it comes to recovery plans—knowing what you have and where will ensure you can be focused when it comes to getting things back up and running as fast as possible.  

Further reading

• Learn more about Veeam
• Read our guide to the best Backup and Recovery Solutions for Microsoft 365