Survey: Organizations Are Too Confident in Their Cyber Resiliency
A global survey of 1,773 C-level executives, security professionals and security and technical directors finds nearly all (95%) are confident in their ability to recover from a ransomware attack.
Conducted by OpenText, the survey also notes that 40% of respondents said their organization experienced a ransomware attack in the past year, with nearly half hit more than once. A total of 45% of victims paid a ransom, with 30% paying in excess of $250,000. However, among those victimized, only 15% fully recovered their data.
Grayson Milbourne, security intelligence director for OpenText, said that inability to fully recover data suggests there is a significant gap between how resilient organizations really are and internal perceptions.
A full 71% of respondents said their executive team sees ransomware as a business risk, but that awareness doesn’t always equate to understanding. In fact, advances in artificial intelligence are only going to make it easier than ever to launch, for example, phishing attacks that are used to inject the malware used to encrypt data. More than half of respondents (52%) have already seen an increase in phishing or ransomware due to AI, with 44% having experienced an attack that employed a deepfake impersonation. Top AI-related concerns among respondents include data leakage (29%), AI-enabled attacks (27%), and deepfakes (16%), according to the survey.
More troubling still, many organizations are at the same time adopting AI tools without formal usage policies in place. A full 88% said their organization allows employees to use generative AI tools, yet less than half (48%) have a formal AI use policy. That opens those organizations to, for example, prompt injection attacks that can be used as a method for launching a ransomware attack, noted Milbourne.
The survey also finds that 25% of ransomware attacks originated from a software vendor. On the plus side, more than three quarters of respondents (78%) said their organization now assesses the cybersecurity of its software suppliers.
Nearly two-thirds (64%) also noted they have been asked by customers or partners about ransomware readiness in the past year, which may help explain why business leaders are more concerned.
Those concerns are having a hopefully positive impact on IT investment plans for 2026, with cloud security (58%), backup technologies (52%), and user training (52%) at the top of the priority list.
The challenge is that additional investment doesn’t necessarily mean that data will be instantly recoverable in the event of a ransomware attack. Many organizations still wind up paying a ransom because the downtime that would be incurred before data can be recovered is simply too long given the amount of revenue that might be lost. Of course, there is no honor among thieves, so many organizations wind up simply being victimized again by the same cybercriminal syndicate, noted Milbourne.
Ultimately, each organization will need to determine the level of disruption it might be able to tolerate and work backwards from there. Resiliency is costly, so the issue is balancing the total cost of achieving it against the value of the workflows that might be impacted if data suddenly became unavailable at the most inconvenient moment possible.
