As India’s digital economy continues to expand at an unprecedented pace, questions around how to safeguard data against increasingly sophisticated cyber threats have moved to the centre of policy and business discussions. Against this backdrop, the Delhi leg of the VeeamON 2025 India Tour brought together senior civil servants, law enforcement leaders, CIOs, CISOs and executives from sectors such as government, power, gas and utilities to focus on resilience in the age of ransomware.
The day opened in traditional fashion with a lamp-lighting ceremony, but symbolism quickly gave way to substance with the release of the Ransomware India Mitigation Report 2025. The report underscored what many practitioners already experience: ransomware incidents are no longer rare disruptions but near-certainties, and attackers are increasingly targeting the backup systems organisations rely on. The conclusion was clear—resilience depends not only on having recovery plans, but on testing and proving that those plans can withstand real-world pressure.
From there, the conversations broadened to diverse perspectives. Kushagra Sharma, who leads marketing for Veeam India and SAARC, described cyber resilience as a prerequisite for customer trust and growth rather than just a compliance requirement. His colleague, Beni Sia, Veeam’s General Manager and Senior Vice President for Asia Pacific and Japan, stressed the importance of immutability and recovery testing, noting that attackers now aim to corrupt backup data itself.
The public sector lens was equally prominent. Assam bureaucrat Dr. Jeevan Basavaraj, who heads the Department of Startups, Innovation and Entrepreneurship, said that embedding security into the DNA of new companies from day one is crucial to avoid what he termed “cyber debt.” Dr. Deepak V. Shastry from the Natural Gas Society of India linked resilience directly to public safety, noting that in energy and utilities, immutable backups and rehearsed failovers are not IT add-ons but operational necessities.
From the law enforcement side, Indian Police Foundation leaders DC Jain and OP Singh emphasised the need for faster intelligence sharing between enterprises and investigators, pointing out that agencies are too often brought in only after a ransom note arrives.
Industry associations and skill councils added their own calls to action. Cyber Security Association of India president N. K. Goyal pressed for enforceable hygiene measures such as multi-factor authentication and hardened administrator controls across small and mid-sized firms.
Col Sarvesh Sharma, Director of the Army Welfare Placement Organisation, decorated with the Vishisht Seva Medal, highlighted the untapped value of bringing veterans into the cyber workforce, citing their procedural discipline and readiness under pressure.
The theme of inclusion found resonance through Neha Bagaria, founder of HerKey, who said that India’s cyber workforce ambitions will fall short without improving women’s participation in technology careers. Rishikesh Patankar, Vice President at NSDC, tied this to national skilling standards and outcome-based models, while IT entrepreneur Kamal Gulati noted that many breaches stem from preventable lapses like unpatched systems, flat networks and lax SaaS governance. Yashwant Singh of NxtGen Cloud pointed to sovereign cloud patterns and automated policy enforcement as ways to reduce dependence on human vigilance.
In a leadership spotlight session, Bagaria argued that diverse leadership teams make stronger risk decisions. That dovetailed into a framework from Veeam’s Vijay Raai, who outlined six pillars—people, platforms, policy, partnerships, process and practice—as a practical roadmap for building a cyber-resilient India.
While the morning focused on frameworks, the evening sessions brought candid exchanges. Closed-door roundtables saw senior government officials discuss compliance with the Digital Personal Data Protection Act and sector-specific mandates, while CIOs and CISOs compared notes on ransomware strains targeting backup repositories.
One highlight was the CIO panel featuring Rajneesh Kumar Srivastava, Executive Director of Finance and IT at Indraprastha Power Generation Company and Pragati Power Corporation, who underscored the need for tiered, immutable backups and clean-room recoveries in critical infrastructure, arguing that recovery objectives should be audited as rigorously as safety metrics.
Taken together, the Delhi edition of VeeamON 2025 did not present a silver bullet. Instead, it offered a common vocabulary for policymakers and practitioners and a reminder that cyber resilience is not only an IT issue but a national one. As participants broke into side conversations and exchanged contacts, the underlying message was clear: the strength of India’s digital economy will ultimately depend on its ability to secure the weakest backup, train the least-prepared responder and close the most easily overlooked gap.
