Backups are like insurance. Those who are indifferent to risk see it as a waste of money, whereas those of us with assets to protect (houses, professional reputation, etc.) consider it a cost of doing business.

Although backups are a good defense to many problems, including ransomware, one does need to keep their limitations in mind:

1. Backups require planning ahead and spending money you hope to waste. 
2. Backups are generally point-in-time, so you might have "yesterday's spreadsheet", but not "this morning's".
3. Recovery tends not to scale well -- Recovering 1000 machines may require more bandwidth (network or human/admin) than is available.
4. One rarely knows what they need until it is gone, making it hard to know what to back up. For example, are you backing up the desktop on laptops, and what about flash drives?
5. Things break at inconvenient times.  Defense in depth and routine testing are key.

At my previous employer, we were breached.  We had a cyber insurance policy which paid for an IR team, and they used our backups to perform a perfect restoration.  The bad guys never found our backup data.

This was incredibly fortunate because previous restorations from backup were typically small scale, and not across our entire infrastructure.

The one thing which hit us the hardest was loss of availability.  We were out of email for twenty hours, and other services were a bit longer.

The bad guys didn't get a penny.