Old Dog New Tricks

Just an Old Guy doing Veeam stuff

Welcome To Old Dog New Tricks. I’m
Mark Boothman I’ve worked in IT for over 30 years specializing in virtualization and data resilience. This blog is to catalog my thoughts and experiences being a community member and hopefully to provide help and inspiration to others looking to get involved in various community programs. I am the Co-Lead of the Veeam User Group (VUG) United Kingdom. The views i share in this blog are expressly mine alone and do not reflect those of my employer.

Data Resilience Is a Leadership Problem – Not Just a Technical One

This is a post based around a discussion point that came about when I spoke at the VeeamOn Tours the other year in Manchester & London. When data resilience fails, it rarely does so because the technology wasn’t capable. More often than not, it fails because of differing priorities that the IT team were not aware of.

In the conversations we have had with customers, a common pattern keeps emerging: resilience is treated as an IT responsibility, owned by the IT team and it’s all good.

I think it’s fair to say that this approach is no longer fit for purpose.

In a world where downtime directly impacts revenue, reputation, customer trust, and regulatory exposure, data resilience has to be a business‑wide discipline – and that only happens when there is clear buy‑in from the C‑suite down.

Resilience Without Alignment Is Fragile

Most organisations believe they have a data resilience strategy in place.

  • Backups exist.
  • Recovery plans exist.
  • Documentation exists.

What’s often missing is shared understanding.

If the board assumes systems can be recovered “quickly”, but IT understands that “quickly” actually means several days, there is already a gap. If finance believes ransomware is covered because backups exist, but security knows restore testing hasn’t happened in months, there is risk hiding in plain sight.

Technology alone doesn’t close those gaps – alignment does. True resilience requires leadership‑level agreement on:

  • What really needs to be protected
  • What level of downtime is acceptable – and what isn’t
  • What the commercial and operational impact of failure looks like
  • Where responsibility begins and ends during a major incident
  • What are the priorities in a recovery scenario. (especially key at say 2 a.m. on a holiday weekend)

Without that clarity, even the best technical solutions can leave an organisation exposed.

The C‑Suite Sets the Tone – Whether Intentionally or Not

Data resilience is shaped by the SMT, long before a recovery button is ever pressed.

Budget decisions, risk appetite, regulatory posture, and strategic priorities all come from the top of the organisation. If resilience is positioned as a cost to be minimised, the resulting strategy will reflect that. If it’s viewed as a foundational capability that protects revenue and continuity, the conversation changes.

The most resilient organisations we work with have something in common, their leadership teams treat resilience as part of business governance, not a line item under IT.

That doesn’t mean executives need to understand recovery orchestration or backup architecture- but they do need to understand consequences, trade‑offs, and exposure. When leadership is engaged, resilience discussions move from:

“What’s the cheapest way to meet this requirement?”
to:
“What level of protection aligns with our risk profile?”

That shift is critical.

Buy‑In Must Extend Beyond the Boardroom

Alignment at the top is essential – but it isn’t sufficient on its own.

Data resilience breaks down when IT lives in isolation. IT may understand the strategy, but if application owners, service managers, and operational teams aren’t aligned to it, execution becomes inconsistent.

This shows up in very familiar ways:

  • Business teams deploying new systems without considering recovery requirements.
  • Changes made in production that never make it into backup or DR plans.
  • Assumptions that “someone else” is validating recoverability.
  • Incident response plans that look good on paper but fail under pressure.
  • Extended recovery times due to lack of clarity and competing priorities.

When resilience is clearly defined from the top and reinforced throughout the organisation, these gaps narrow. Expectations are clearer. Ownership is defined. Testing becomes a normal part of operations rather than an afterthought.

In short, resilience becomes a behaviour, not a document.

From Technical Capability to Organisational Confidence

The real goal of data resilience isn’t just the ability to restore data. It’s confidence.

Confidence that when something goes wrong, the organisation knows:

  • Who is involved
  • What decisions need to be made
  • How long recovery will take
  • What the business impact will be

That confidence only exists when technical capability is matched with organisational alignment.

  • C‑suite sponsorship gives resilience authority.
  • Shared understanding gives it consistency.
  • Regular validation gives it credibility.

Without all three, resilience remains theoretical.

Final Thought

Cyber threats, human error, platform failures, and operational disruption aren’t edge cases anymore – they’re expected conditions. Treating data resilience as a purely technical concern in that environment is a risk in itself. Alignment from the C‑suite down doesn’t just improve recovery outcomes; it prevents unpleasant surprises at the worst possible moment.

And in resilience planning, surprises are what hurt most.