As 2026 approaches, a new tension is shaping the global cybersecurity landscape: organizations are more confident than ever in their ability to recover from ransomware, yet they face a rising wave of sophisticated, AI-powered attacks that threaten to outpace their preparedness. The OpenText Cybersecurity 2025 Global Ransomware Survey highlights this paradox, revealing a digital world where optimism and vulnerability now coexist uneasily.
Confidence vs. Reality
The survey finds that 95% of organizations believe they can recover from ransomware, a dramatic vote of confidence. Yet, reality tells a different story—only 15% of attacked organizations were able to recover their data entirely, and 2% recovered none at all. This gap signals that strong sentiment may not be matched by true resilience, particularly as threat actors adopt advanced AI-driven techniques.
AI Widens the Threat Surface
AI continues to supercharge productivity, but for cybersecurity, it is a double-edged sword. While 88% of companies now permit the use of GenAI, fewer than half have a formal AI policy, leaving them vulnerable to risk. At the same time, 52% report an increase in phishing or ransomware due to AI, and 44% have already encountered deepfake-style impersonation attempts. As organizations rush to innovate, readiness lags, especially among SMBs, widening the exposure gap.
Supply Chain Attacks Surge
Beyond AI, the report highlights the risks posed by vendor-driven threats. Two in five organizations experienced ransomware in the past year, with 25% of attacks originating from software suppliers. More than 45% of victims paid a ransom, and 30% spent $250,000 or more, underscoring the high-stakes cost of modern cyber extortion.
Cybersecurity Becomes a Board Priority
Ransomware has moved from a technical risk to a boardroom concern. 71% of leaders now view ransomware as a top-three business threat, and partners increasingly demand proof of readiness. Companies are responding with investments in cloud security, backup tools, and user training—a sign that resilience is becoming a strategic priority.
The Road Ahead
The story of ransomware in 2025 is not simply about escalation—it is about evolution. Organizations believe they are prepared, but confidence is facing its toughest test yet as AI makes attacks faster, more deceptive, and harder to contain. The winners in this next phase will be those who match innovation with governance, and optimism with operational discipline. In the new era of cybersecurity, resilience isn’t just about recovery—it’s about anticipating and adapting to threats.
