Cyber-Confidence Crisis: 95% of Firms Confident, Yet Only 15% Fully Recover from Ransomware

The widespread confidence among companies in their own cyber resilience is colliding with a new wave of threats — this time, driven by artificial intelligence. According to the OpenText Cybersecurity Report 2025, 95% of organizations worldwide believe they could recover from a ransomware attack. Yet reality paints a far grimmer picture: only 15% of victims have successfully restored all their data, while an increasing number of incidents now involve the use of AI in offensive operations.

The study, encompassing nearly 1,800 security professionals and business leaders across the U.S., Canada, Europe, and Australia, reveals that confidence is rising in tandem with risk. Companies are enthusiastically adopting generative AI tools to boost productivity — but in doing so, they are also exposing themselves to new vulnerabilities. Nearly 90% of respondents allow employees to use AI-based services, yet fewer than half (48%) have established formal policies governing their use. Small and medium-sized enterprises remain particularly exposed, with such policies in place in only 43% of cases.

The problem is compounded not only by internal lapses but also by external dependencies. One in four organizations reported breaches originating through software suppliers, while nearly half (45%) of those hit by data encryption attacks admitted to paying the ransom. Alarmingly, 30% transferred more than $250,000 to attackers, yet a mere 2% managed a full recovery. Even so, three-quarters of organizations have since begun systematically auditing their vendors and implementing structured update management procedures.

More than half of the respondents reported a surge in phishing and AI-enhanced attacks, while 44% encountered attempts at identity impersonation through deepfakes. The greatest concerns include data leaks (29%), automated attacks (27%), and fabricated videos (16%). Meanwhile, 71% of executives ranked ransomware among their top three business risks, and two-thirds noted that partners and clients now regularly inquire about their cybersecurity posture.

Plans for 2026 reflect this shift in priorities: companies intend to invest primarily in cloud infrastructure protection (58%), data backup solutions (52%), and employee training (52%). Nearly 80% already conduct regular cybersecurity awareness programs, though 4% still lack such initiatives entirely.

OpenText Cybersecurity emphasizes that the fight against ransomware now demands more than internal defenses — it requires close collaboration among organizations, suppliers, and technology partners. Only through such collective effort can vulnerabilities be addressed before artificial intelligence — rapidly emerging as a new weapon in the cybercriminal arsenal — turns them into opportunities for exploitation.

Support Our Threat Intelligence

If you find our technology report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal Crypto

USDT (TRC20):

TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm Copy

USDT (ERC20):

0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce Copy