Why data protection deserves a promotion in your security strategy

The promotion of data protection in security

For years, organizations have viewed data protection as little more than backup and recovery solutions that had to meet basic compliance and readiness requirements. Data protection was not viewed as a strategy that could greatly enhance the organization’s overall security and compliance posture. 

Well, today’s data protection solutions aren’t your parents’ data protection solutions. They’ve modernized and evolved, incorporating a wide range of security and operational improvements. It’s good timing, as the shift towards greater automation and AI puts significant strain on managing, monitoring, and protecting data. Here at GDT, we believe it’s time for organizations to revisit their overall data protection and security strategies to prepare for modern security challenges.

Closing the resilience gap

Organizations are continuing to invest heavily in cyber-defense, prioritizing detection and prevention through next-generation firewalls, endpoint protection, and threat intelligence. While these are all essential to a solid cybersecurity strategy, investments shouldn’t stop there. Incidents and their impact remain high, despite spending. Worldwide security spending increased 12% in 2025, according to the IDCⁱ, yet global threats continue to accelerate. In the last year, 88%ⁱⁱ of organizations experienced cybersecurity incidents. Furthermore, in 2025, 44% of organizations hit by ransomware found their backups compromised or incompleteⁱⁱⁱ. 

Closing the resilience gap means organizations must also prioritize and improve their digital resilience by strengthening data protection. In other words, it’s no longer enough to protect your perimeter; you must protect your data, ensure recoverability, and minimize business disruption. This shift highlights the need to increase your focus on data protection as a core element of your security strategy.

From backup to security control: What changed

In a recent survey, Fortinet found that around three-quarters of organizations had experienced insider-related data loss in the past 18 months, with 58% experiencing six or more incidents. As technology advances, the role of data protection within a comprehensive security strategy warrants closer scrutiny.  

Data protection, including backup and storage, has become a critical part of cyber-resilience and business continuity, with providers such as NetApp, Veeam, and Rubrik embedding robust security and data protection features into their platforms.

Critical data protection capabilities

Organizations that take advantage of these advancements in data protection capabilities can limit damage when data loss and data breaches occur. Reduced downtime and revenue loss, along with faster time to recovery, are among these benefits. Organizations should ensure they are taking advantage of the following capabilities:

• Immutable/tamper-proof backups that prevent bad actors from altering data. 

• Identity and access management coupled with data privacy and data loss prevention capabilities.  

• Automated ransomware and vulnerability detection to identify suspicious patterns in backup data using world-class threat intelligence. 

• Identity and Active Directory-aware controls to prevent unauthorized restores. 

• Recovery testing and verified restore points to validate data recoverability before an incident. 

• Native integration with leading security solutions. 

These capabilities help ensure your organization can recover confidently and maintain business continuity in the event of a data breach.

Reframing security accountability

Security accountability isn’t just a function of the security team; security and data protection are everyone’s responsibility. Integrating data protection into your overall security strategy provides the opportunity to distribute some of the accountability. By incorporating data protection into daily workflows, security accountability becomes operationalized — each department takes ownership of security decisions relevant to its data and processes. Plus, it aligns security with business function, ensuring that security controls are applied within the context of operational priorities and compliance needs. 

 For example: 

• IT and application owners must ensure systems are configured to enforce protection policies: access, encryption, backup, and monitoring. 

• Business units must identify and classify the sensitivity of the data they generate or handle. 

• Data owners and users must handle data appropriately, adhering to least-privilege access and reporting anomalies as needed. 

• Compliance and legal teams oversee regulatory alignment and audit readiness. 

By reframing accountability, security teams can shift from security enforcement to an advisory and oversight role, providing the frameworks, tools, and training. This reduces bottlenecks and single-point dependencies and distributes responsibilities more evenly.

Embedding data protection in your security strategy

To build true resilience, organizations must take steps to integrate data protection directly into their security framework. Here are practical steps you can take.  

1. Review your existing data protection and security approach.  
   It’s critically important to ensure there is alignment between your data protection strategy and business priorities. Reviewing your existing approach, testing it, and identifying opportunities to improve your overall posture should be an annual activity. 

2. Map data protection to your incident response plan. 
   Ensure backup and recovery processes are defined within your security incident response playbooks. Security, IT, and compliance teams should coordinate how and when to trigger recovery workflows following an attack or other security incident. 

3. Include backup systems in your security tooling. 
   Backup repositories often sit outside the scope of security operations. Integrating them into your SIEM, Vulnerability Management, or XDR solution allows you to detect anomalies, such as mass deletions, encryption attempts, or unusual access patterns, before you incur data loss. 

4. Apply the same access and authentication controls to your backup infrastructure. 
   Backup and restore platforms should follow the same identity and access governance policies as production systems. Implement multi-factor authentication, least-privilege access, and role-based separation of duties to minimize insider and lateral-movement risks. 

5. Treat immutable and air-gapped backups as part of your security posture. 
   Immutable or isolated copies are your last line of defense against ransomware. Classify them as security assets, not just IT assets — with defined ownership, testing cadence, and verification policies. 

6. Conduct joint recovery exercises with security and IT teams. 
   Simulated recovery events should be part of regular security drills. These exercises validate that backup data is recoverable, credentials are accessible, and response teams can coordinate effectively under real-world pressure. 

Building a culture of cyber resilience

When an attack happens, resilience is what determines whether your organization experiences a brief interruption or a business-defining disruption. When data protection becomes part of your security strategy, not just your IT operations, you improve your ability to respond, recover, and resume business faster, even in the face of sophisticated attacks.  

At GDT, we help organizations bridge the resilience gap by aligning cybersecurity, data protection, and operational recovery into a unified strategy. GDT’s cyber resilience workshop can help your teams design and operationalize a truly integrated resilience strategy. Our complimentary workshop is designed to provide security and IT leaders with a practical roadmap for strengthening recovery readiness, modernizing backup architectures, and integrating resilience into enterprise-wide risk management.  

Integrating these disciplines takes cross-functional coordination and a clear roadmap. If you need help getting started, I urge you to register for a cyber resilience workshop. To learn more about the importance of data storage, consider reading Data storage: The backbone of data center resiliency.