The Neglect of Backup Systems in Israeli SMBs: A Critical Risk to Business Survival
The neglect of backup systems among Small and Medium-sized Businesses (SMBs) in Israel has become one of the most significant risk factors for business continuity. Despite the sharp rise in ransomware attacks and recommendations from global leading bodies, many businesses still maintain backups that are not segregated, untested, and practically unrecoverable. Based on data from Veeam, Acronis, and CERT-IL, we can observe the true state of affairs in Israel and how adopting Logical Air Gaps and Immutable Backups can rescue an organization from a ransomware crisis and provide true business resilience. Below are actionable insights and recommendations based on the methodologies implemented by TOM for its SMB clients.
Backup Neglect: The Greatest Threat to Business Continuity
While ransomware attacks in Israel and globally continue to grow in intensity and frequency, SMBs still struggle to adopt modern backup strategies capable of ensuring real survival. Recent reports from leading security organizations present a clear picture: backup is not just a technical obligation—it is a fundamental requirement for business continuity. In many cases, it is the difference between a rapid recovery and a total operational collapse.
The State of Backups: Global and Local Insights
- Recovery Failures – The Core Issue: The Veeam Data Protection Trends 2024 report indicates that 74% of organizations fail to recover data during an incident at a level that meets their own defined standards. This means that even organizations with “backups” are often unable to recover in real-time.
- Non-Segregated Backups – An Invitation for Ransom: The Acronis Cyberthreats Report 2024 emphasizes that many companies continue to keep backups connected to the same network environment, leading to their encryption during an attack. The clear recommendation: Immutable Backups and Logical Air Gaps.
- Ransomware in Israel: Publications from CERT-IL show an increase in the frequency of ransomware attacks, particularly against SMBs with minimal security and unprotected backups. Many affected businesses lacked up-to-date recovery capabilities or relied on misconfigured cloud backups.
Why are Israeli SMBs Still Unprepared?
- The False Sense of Security: Most failures do not stem from a lack of backup, but from backups that are faulty, untested, non-isolated, or unrecoverable in real-time.
- Operational Overload: SMBs often lack a dedicated CIO or CISO. IT managers are preoccupied with daily operations and fail to perform routine restoration tests.
- Perceived Cost: Backup and Disaster Recovery (DR) solutions are often viewed as an expense rather than essential protection. In reality, the cost of a ransomware incident for a small business ranges from ₪50,000 to ₪250,000, according to public data from the Israeli cyber insurance industry.
What Does Modern Backup Require in 2025?
Based on official recommendations from Veeam, Acronis, NIST, and ENISA:
- Logical Air Gap: Ensuring backups are inaccessible to the production operating system.
- Immutable Backups: Files that cannot be deleted, modified, or encrypted by external threats.
- DR Site Replication: The ability to maintain continuous operations if production systems are compromised.
- Quarterly Restoration Tests: Documented proof that the backup is actually usable.
- End-to-End Encryption: Both in transit and at rest.
- Zero Trust Access: Restricting backup environment access to strictly authorized personnel.
- Advanced Monitoring: Identifying suspicious behavior, such as a sudden spike in deleted or modified files.
How TOM Builds Resilience for SMBs
TOM implements a backup infrastructure for SMB clients based on Cyber Resilience principles, including:
- Managed IT Services integrating Backup-as-a-Service (BaaS).
- Layered Cyber Security, including endpoint hardening.
- Segregated Backups (Logical Air-Gap) within the TOM-CLOUD environment.
- Immutable Storage to prevent deletion during an attack.
- Continuous Monitoring and routine Backup Health Checks.
- Documented Periodic Restoration Tests.
- Tailored DR Planning for small businesses at optimized price points.
Conclusion
The data shows that the primary gap is not in the technology itself, but in the implementation, structure, and maintenance of the backup array. Israeli SMBs are at increased risk—not just due to the existence of threats, but because of outdated models that fail to meet 2025 standards. An organization that adopts a proper, immutable, and regularly tested backup strategy achieves high cost-effectiveness and protects itself against the most dangerous scenario: ransomware.
