The one thing companies can’t afford is to lose revenue, and yet disaster recovery is still not a priority for many, says Mandi Matthews, Solutions Architect: Azure at Braintree.
One hundred percent. That’s how many companies have reported revenue loss from downtime in 2025. And enterprises are now experiencing around 86 hours of IT outages a year1. In South Africa, the cost of breaches is as high as R350 million in direct losses over three years, says PwC, with threats gaining momentum alongside digital and cloud adoption2. On the flip side, companies that invest in disaster recovery (DR) solutions and have clearly defined DR metrics experience a reduction in fraud and cyber-related losses and minimise revenue loss. They also have better relationships with customers and stakeholders.
Then there’s the $2.3 trillion cost of disaster. The United Nations Office for Disaster Risk Reduction estimates that this is now the annual bill that comes due for DR, and points out that intelligent planning and investment play a significant role in offsetting the risk3. Whether the disaster is digital or physical, planning has become everything.
However, implementing DR strategies and policies can be challenging. Compliance, for example, is complex and can have a negative impact on the business. According to PwC 77% of respondents felt that compliance was too complicated, underscoring the need for the move towards solutions that made it simpler and faster. It’s needed – only 7% of those surveyed felt they were leading with compliance4. When a company can coordinate its compliance and DR activities, its confidence levels increase, as does its operational resilience.
Another challenge is far more human – companies don’t have a great attitude towards DR. Many still believe it is either a luxury or an unnecessary expense, one that only becomes relevant after an incident. When it comes to DR, companies tend to fall into three groups: those who don’t know what it is; those who think a disaster won’t happen to them; and those who view it as an avoidable cost.
Unfortunately, this mindset is one of the biggest contributors to prolonged outages. Companies underestimate the frequency of failure and the financial impact of downtime, not really recognising how DR is actually less of a cost centre and more of a resilience mechanism. They also don’t often realise that there’s a chasm-wide difference between backups and DR.
Backups can only take a business to a point. They can help the company recover data, but not operations. They don’t have the systems and capabilities to recreate a functioning environment or spin up infrastructure, or restore customer-facing services. Critically, they don’t meet the recovery time objectives required in regulated or high-availability sectors.
Companies can’t afford to be comfortable with backups. It doesn’t matter how well the business understands its systems or how expert the IT team is, a day lost to downtime while the backup is being restored is a day of lost transactions, productivity and reputation.
Disaster recovery, on the other hand, is designed to lift the company straight back into business. It involves replicated environments, automated orchestration, defined failover plans and continuous synchronisation. The technology and the strategy behind DR restore the entirety of the business extremely quickly, not just the data. And this neatly brings the conversation back to compliance – often it is exactly this requirement that brings companies to the DR doorway, knocking to find out how they can remain compliant and competitive in a highly regulated market.
Companies, especially those in the financial services sector, increasingly require regulator-aligned DR architectures, particularly in Microsoft Azure environments. And many have had unexpectedly unpleasant experiences when their DR systems have failed or haven’t met regulatory requirements and they’ve been expected to re-architect from scratch. In sectors like financial services, there’s almost zero tolerance for downtime and weakly architected systems.
Fortunately, technology has caught up, as have metrics that allow companies to better define their DR practices against global standards. Companies need visibility into their Recovery Time Objective (RTO) so they know how long they can afford to be down, then into their Recovery Point Objective (RPO), which determines how much data they can afford to lose. These metrics then need to feed data from testing under pressure so companies know how their systems will react, and how long it takes for them to achieve full operational recovery.
And that full recovery today? Try seven minutes. There are DR tests that have spun up entire production environments, including firewalls, virtual machines, databases, and networking, in under ten minutes. Not hours. Compared to a traditional backup restore which can take hours under ideal conditions, DR as a Service is lightning fast.
It also protects revenue, underpins compliance, and directly influences customer and stakeholder trust. In 2025, DR is strategic. And finding a DR partner that can whip up the entire business in the time it takes to make a cappuccino? Invaluable.