For most of the last decade, backup and security were separate product categories with separate teams and separate procurement cycles. That separation no longer matches the threat model. Ransomware operators target backups in the first hour of intrusion; backup software increasingly carries privileged access into every endpoint and server it protects. The two categories now share an attack surface — so they need to share a defence.
Acronis was early to the convergence with its MDR SOC overlay sitting on top of the backup and endpoint stack. The pitch isn't "backup plus security as separate features." It's a single platform where backup behaviour is monitored, suspicious patterns are flagged, and active protection runs against the very ransomware variants designed to neutralise the backups.
For SMBs, the practical implication is to stop evaluating backup tools and security tools on parallel paths. The two now live or die together. The right architecture treats them as one programme.