SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
World backup day 1
#
Data Protection
#
DR
#
Digital Transformation

Data governance reshapes backup strategies in AI era

Tue, 31st Mar 2026
Author image
By Mark Tarre, News Chief

Organisations are reassessing data resilience strategies as the growth of artificial intelligence and expanding data volumes expose the limits of traditional backup approaches.

The shift comes as enterprises face increasing operational and financial pressure tied to storing, managing and securing large volumes of data, much of which remains unused or poorly understood.

Data growth

Global data volumes are projected to reach 393.9 zettabytes by 2028, according to International Data Corporation.

Australia reflects this trend, with its data centre market expanding significantly over the past two decades, driven by cloud adoption, AI deployments and digital services.

At the same time, cyber incidents continue to rise, with tens of thousands of cases reported annually by the Australian Cyber Security Centre.

This combination of rapid data expansion and persistent threats is reframing resilience as both a technical and economic concern.

Cost pressure

Organisations increasingly face compounding costs tied to data storage, backup operations, compliance requirements and AI systems.

Many continue to operate under a "just in case" mindset, retaining and duplicating data without clear visibility into its value.

Research indicates that a significant portion of enterprise data remains "dark", meaning it is unused or unknown, yet still stored and protected.

This drives additional infrastructure costs and complicates recovery processes during disruptions.

Gartner estimates that by 2030, up to 33% of IT effort will be spent addressing AI data debt, as organisations work to secure and manage the data feeding their AI systems.

In Australia, 62% of organisations report that more than half of their data remains unused or unidentified, despite being routinely backed up.

Governance focus

Attention is shifting towards data governance as a central component of resilience strategies.

"World Backup Day is an important reminder that resilience has become about more than just data recovery. In our increasingly API-driven and agentic world, sensitive data is increasingly dynamic and residing outside traditional backup 'boundaries.' Backups can help you recover what's lost, but they can't control how it's exposed, misused, or exfiltrated as it happens. You need continuous visibility and governance across all application/API/agent connections. Otherwise, you're just backing up data you've already lost control of," said Eric Schwake, Director of Cybersecurity Strategy, Salt Security.

"As organisations mark World Backup Day, the focus is evolving. Backup is essential, but it works best when guided by clear retention policies and strong data governance. Without those guardrails, resilience programs can expand unchecked, becoming costly to run, difficult to manage, and increasingly hard to defend from a business perspective," said Keir Garrett, Managing Director of Cloudera Australia and New Zealand.

Organisations are moving towards classifying data based on business impact, allowing them to prioritise protection levels and reduce unnecessary retention.

This approach aims to align resilience strategies with regulatory requirements, operational needs and customer expectations.

AI impact

Data governance is also becoming critical for AI performance.

Poorly managed data can introduce inaccuracies into analytics and machine learning models, reducing the reliability of outputs.

Organisations face a dual cost burden, paying to store low-value data and then addressing its downstream effects on AI systems.

The quality of data inputs is increasingly linked to the effectiveness of AI-driven decision-making.

Threat landscape

Cyber threats continue to evolve in scale and sophistication, placing additional pressure on resilience strategies.

WatchGuard data points to a 1,500% increase in new evasive malware, with most attacks delivered through encrypted channels.

In Australia, more than 96,000 network attacks were blocked in a single quarter, with attackers targeting internet-facing systems and, in many cases, backup environments.

This has led to renewed focus on backup strategies such as the 3-2-1 model, which involves maintaining multiple copies of data across different media types, including off-site storage.

Testing gaps

Backup systems remain widely deployed, yet many organisations do not regularly test recovery processes.

"This World Backup Day, businesses need to rethink the idea that having a backup means being protected. Too often backups are treated as a 'set and forget' safety net, but if they haven't been tested, they may not work when it matters most," said Anthony Daniel, Managing Director, Australia, New Zealand and the Pacific Islands, WatchGuard Technologies.

Regular testing is increasingly viewed as necessary to validate recovery readiness and identify gaps in resilience strategies.

Behaviour risks

Human behaviour continues to present vulnerabilities in data protection.

"World Backup Day is a valuable reminder of how dependent we've all become on our digital lives, and how easily personal data can be lost or held hostage," said Dr. Kawin Boonyapredees, APJ CISO Advisor, KnowBe4.

"In Australia, we see a growing gap between how confident people feel about cybersecurity and the habits they actually follow," said Boonyapredees.

"KnowBe4's latest research shows that more than half of employed Australians put more thought into securing their work accounts than their personal ones, even though personal data plays an equally important role in resilience," said Boonyapredees.

"The same study found that two-thirds of Australians reuse passwords across multiple accounts, and around one in four take no action after hearing about a major data breach unless they are directly notified," said Boonyapredees.

"These behaviours leave people exposed in ways they often don't realise," said Boonyapredees.

"Backups become critical in these moments," said Boonyapredees.

"A single compromised password, an unexpected malware infection, or a lost device can quickly escalate into a situation where precious files or years of personal history are suddenly out of reach," said Boonyapredees.

"Having a reliable, up-to-date backup means you can recover quickly, without relying on luck or hoping that an incident stops short of causing real damage," said Boonyapredees.

Related stories
Wiz expands AI security coverage across cloud & edge
Elastic ties security platform to Google's air-gapped cloud
KYC for online gambling & gaming in Australia: A compliance guide
VPN vulnerabilities don't have to become breaches
CrowdStrike launches AI security coalition with partners

Top stories

CommBank deploys AI to spot emerging fraud patterns
The real-time data solution to the AI energy problem
Commvault extends Clumio support to Google Cloud Storage
Commvault brings cloud resilience tools to Google Cloud
Semperis expands Purple Knight for government clouds