Veeam used RSAC 2026 to argue that data protection and security must now converge, positioning recovery as a core security capability rather than a siloed IT function [1]. This shift reflects a broader industry trend: resilience is now a strategic enabler for AI transformation, not just an operational afterthought. According to Futurum Group's 2H 2025 Cybersecurity Decision Maker Survey (n=1,008), 62.1% agree AI-powered defensive tools are now a necessity.
What is Covered in this Article
- Veeam's push for converged data protection and security at RSAC 2026
- The new mandate for recovery as a security function
- AI transformation and the strategic role of resilience
- Implications for CISOs, CIOs, and security vendors
The News
At RSAC 2026, Veeam made the case that recovery must be treated as a core security capability, not a backup afterthought [1]. The company argues that security posture is now measured by both threat detection speed and the ability to recover and maintain operations after an incident. This redefinition aligns with the growing recognition that resilience is a strategic asset, especially as organizations accelerate AI adoption and face more frequent, sophisticated attacks. Veeam's message lands as CISOs and CIOs grapple with the operational realities of integrating AI, where downtime or data loss can cripple automated processes and agentic workflows. According to Futurum Group's 2H 2025 Cybersecurity Decision Maker Survey (n=1,008), 82.3% of organizations experienced at least one significant security incident in the past 12 months, and 62.1% now see AI-powered defensive tools as essential.
Analyst Take
The line between data protection and security is blurring fast. As AI-driven automation raises the stakes for operational continuity, recovery is no longer just an IT checkbox. It's a board-level concern and a forcing function for security architecture.
data protection and security: Resilience as the New Battleground for Security Vendors
Veeam's RSAC message is less about backup and more about redefining the security stack through data protection and security integration. Recovery speed and confidence are now part of the CISO's mandate, not just the CIO's. This shift pressures legacy security vendors such as Symantec and McAfee, who have historically focused on prevention and detection, to rethink their value proposition. According to Futurum Group's 2H 2025 Cybersecurity Decision Maker Survey (n=1,008), 73.2% expect their cybersecurity budget to increase in the next 12 months, with modernization—not compliance—as the top driver. Vendors who can't integrate rapid recovery and resilience into their data protection and security platforms risk being sidelined as buyers demand end-to-end solutions.
AI Transformation Raises the Cost of Downtime and Data Protection and Security Risks
AI adoption amplifies the operational impact of security incidents and strains data protection and security capabilities. Automated workflows and agentic AI systems depend on uninterrupted data access. A single breach or ransomware attack can halt entire business processes, not just IT operations. Futurum's Cybersecurity Decision Maker Survey (n=1,008, 2H 2025) found that 62.0% of organizations have seen a significant increase in sophisticated AI-driven social engineering attacks. As organizations embed AI deeper into core processes, the ability to recover quickly becomes existential. Veeam's focus on resilience is well timed, but execution risk remains: integrating recovery into security operations centers without adding complexity or slowing response times is a tall order.
Convergence or Vendor Lock-In—Who Wins the data protection and security Architecture War?
The convergence of data protection and security raises a critical question: will buyers benefit from integrated platforms, or will they face new forms of vendor lock-in? Futurum Group's 2H 2025 Cybersecurity Decision Maker Survey (n=1,008) shows 43.0% plan to expand their security vendor count, while only 34.6% are consolidating. The market is still in a net-expansion phase, but as recovery becomes a data protection and security requirement, platform vendors such as Microsoft and AWS are positioned to bundle protection, detection, and recovery. The risk is that organizations trade one set of silos for another, with limited interoperability and escalating switching costs.
What to Watch
- Recovery as Table Stakes: Will CISOs make rapid recovery a top-three security metric by 2027?
- AI-Driven Incidents: How will the rise of agentic AI change the operational cost of downtime?
- Vendor Integration: Will security and backup vendors partner or compete for control of the resilience stack?
- Consolidation vs. Fragmentation: Does the market move toward platform dominance or best-of-breed integration?
Sources
1. Veeam at RSAC 2026: Why Data Protection and Data Security Must Converge
Declaration of generative AI and AI-assisted technologies in the writing process: This content has been generated with the support of artificial intelligence technologies. Due to the fast pace of content creation and the continuous evolution of data and information, The Futurum Group and its analysts strive to ensure the accuracy and factual integrity of the information presented. However, the opinions and interpretations expressed in this content reflect those of the individual author/analyst. The Futurum Group makes no guarantees regarding the completeness, accuracy, or reliability of any information contained herein. Readers are encouraged to verify facts independently and consult relevant sources for further clarification.
Disclosure: Futurum is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of Futurum as a whole.
Read the full Futurum Group Disclosure.
Other Insights from Futurum:
Veeam Makes Bigger Data Security Play With Acquisition Of Securiti
Building Resilience: Effective Strategies For Cyber Incident Preparedness
Earnings Season: Lenovo, Cisco, Kyndryl, Plus Llms
Author Information
Futurum Research
Futurum Research delivers forward-thinking insights on technology, business, and innovation. Content published under the Futurum Research byline incorporates both human and AI-generated information, always with editorial oversight and review from the expert Futurum Research team to ensure quality, accuracy, and relevance. All content, analysis, and opinion are based on sources and information deemed to be reliable at the time of publication.
The Futurum Group is not liable for any errors, omissions, biases, or inadequacies in the information contained herein or for any interpretations thereof. The reader is solely responsible for any decisions made or actions taken based on the information presented in this publication.
