While 95% of organizations are confident in their ransomware recovery, AI-driven attacks and limited data governance are undermining that certainty
OpenTextâ„¢ (NASDAQ: OTEX) (TSX: OTEX), a global leader in secure information management for AI, today released the findings of its fourth annual Global Ransomware Survey. The survey of almost 1,800 security practitioners and business leaders highlighted a rising tension between confidence and risk: confidence in ransomware readiness is rising yet concern over AI-driven attacks and third-party vulnerabilities are growing just as fast.
Organizations believe they’re ready to bounce back from ransomware—but AI is rapidly changing the threat landscape. New attack methods, weak governance, and supply chain vulnerabilities are exposing critical gaps between preparation and performance, creating a higher-stakes environment for defenders and leaders alike. This is especially true for SMBs that have fewer formal AI policies.
“Organizations are right to be confident in their progress in security posture, but they can’t afford to be complacent,” said Muhi Majzoub, Executive Vice President, Security Products, OpenText. “AI fuels productivity while also heightening risk through insufficient governance and its expanding use in attacks. Managing information securely and intelligently is essential to building resilience in organizations of any size.”
Key survey findings include:
False Sense of Confidence Grows, as AI raises the Stakes
Organizations feel more prepared than ever to recover from ransomware attacks, but AI introduces a growing layer of complexity that’s causing unease. While internal GenAI use is rising, so are external AI-powered threats. Organizations are navigating a high-stake balancing act to enable innovation while managing risk.
- Ninety-five percent of respondents are confident in their ability to recover from a ransomware attack, but only 15% of those attacked fully recovered their data.
- Eighty-eight percent allow employees to use GenAI tools, yet less than half (48%) have a formal AI use policy.
- Enterprises lead AI governance (52%) compared to SMBs (43%) by having a formal AI policy in place.
- Fifty-two percent report increased phishing or ransomware due to AI; 44% have seen deepfake-style impersonation attempts.
- Top AI-related concerns among respondents include data leakage (29%), AI-enabled attacks (27%), and deepfakes (16%).
Unmanaged Supply Chain Pathways Create Hidden Risks
While much of the ransomware conversation centers on AI, supply chain and third-party risks remain a quiet but dangerous threat. Attacks are both more frequent and distributed, often entering through vendors, partners, or unmanaged digital pathways.
- Two in five companies (40%) experienced a ransomware attack in the past year; nearly half of those were hit more than once.
- Forty-five percent of victims paid a ransom; 30% paid $250K or more.
- Only 15% of those hit fully recovered their data; 2% recovered nothing.
- Twenty-five percent experienced ransomware attacks originating from a software vendor.
- Over three-quarters (78%) of organizations now assess software supplier cybersecurity; 82% have patch management in place.
Sophistication of Ransomware Attacks Raises Awareness
The rise of AI and the spread of ransomware across critical business systems have pushed cybersecurity into the spotlight. What was once seen as an IT issue is now recognized as a core strategic concern for boards and executive teams.
- Seventy-one percent of respondents say their executive team sees ransomware as a top three business risk.
- Nearly two-thirds (64%) have been asked by customers or partners about ransomware readiness in the past year.
- 2026 investment priorities include cloud security (58%), backup technologies (52%), and user training (52%).
- A majority (77%) conduct regular security awareness training; only 4% offer none.
For additional findings from the OpenText Cybersecurity 2025 Global Ransomware survey, view the infographic.
Protecting against ransomware now depends not just on internal defenses, but also on how effectively organizations, partners, and technology providers work together to close security gaps before they’re exploited. To learn more about our enterprise solutions, explore OpenText Cybersecurity Cloud. To learn more about our offerings for SMBs, click here.
Survey Methodology
In September 2025, OpenText Cybersecurity surveyed 1,773 C-level executives, security professionals, and security and technical directors from SMBs and enterprises in the United States, Canada, the United Kingdom, Australia, France, and Germany. Respondents represented multiple industries including technology, financial services, retail, manufacturing, healthcare, education, and more.