
Ransomware Readiness Isn’t Enough — AI and Supply Chains Are the Silent Wildcards

In a twist that might surprise even seasoned CISOs, the fourth annual Global Ransomware Survey from OpenText reveals a paradox: businesses are increasingly confident in their ability to bounce back from ransomware — yet at the same time, they’re quietly admitting that the real threats are multiplying and shifting in ways they’re only beginning to grasp.


Confidence vs. Reality


According to the survey of roughly 1,800 security practitioners and business leaders, 95 % of respondents say they’re confident they could recover from a ransomware attack. But when pressed on real-world outcomes, only 15 % of organizations that were attacked managed full data recovery. That gap — between preparedness and performance — is raising alarm bells.


The AI Factor: Double-edged Sword


The data shows that AI is both a tool for corporate innovation and a weapon in the hands of adversaries. Some headlines:


  • 88 % of respondents permit use of generative AI by employees — but only 48 % have enacted a formal AI-use policy.


  • 52 % report an uptick in phishing or ransomware attacks attributed to AI; 44 % say they’ve seen deepfake-style impersonation attempts.


  • Top AI-related concerns: data leakage (29 %), AI-enabled attacks (27 %), and deepfakes (16 %).


As one executive put it: “Organizations are right to be confident in their progress in security posture, but they can’t afford to be complacent.” — Muhi Majzoub, Executive VP, Security Products at OpenText.


He added: “AI fuels productivity while also heightening risk through insufficient governance and its expanding use in attacks. Managing information securely and intelligently is essential to building resilience in organizations of any size.”


The Supply-Chain Weakness


It’s not just AI. The survey underscores another critical dimension: third-party and supply-chain risks. Highlights:


  • 40 % of companies experienced a ransomware attack in the past year; nearly half of those were hit more than once.


  • 45 % of victims paid a ransom; 30 % paid $250,000 or more.


  • Only 15 % fully recovered their data; 2 % recovered nothing.


  • A full 25 % said the ransomware originated via a software-vendor supply chain path.


  • But the good news: 78 % now assess their software suppliers’ cybersecurity; 82 % have patch management in place.


Implications for Enterprise Strategy


What this survey signals is that ransomware is shifting from being a purely IT incident to being a core business risk — one that sits squarely in boardrooms. Consider:


  • 71 % of respondents say their executive team now considers ransomware a top-three business risk.


  • 64 % have been asked by customers or partners about ransomware readiness in the past year.


  • For 2026, top investment priorities are cloud security (58 %), backup technologies (52 %), and user training (52 %) — reflecting that resilience is now upstream in strategy, not downstream in response.


What Comes Next for Practitioners


From a practitioner’s vantage point, there are three immediate takeaways:


  1. Governance must catch up to innovation – The high use of generative AI tools without formal policy is a red flag. Enterprises, and especially SMBs, need to codify what “safe” AI use means internally.


  2. Supply-chain risk can’t be underestimated – Many attacks are arriving via vendors, managed services, or ungoverned digital pathways. Treat the vendor ecosystem like an extension of your perimeter.


  3. Recovery readiness ≠ recovery success – That 95 % confidence figure is high, but a 15 % full recovery rate among attacked orgs is sobering. Organizations need to validate actual recovery capability, test it under realistic conditions, and evolve beyond mere “we believe we can” to “we’ve proven we can”.


Closing Thought


In short: organizations are right to be investing and getting serious about ransomware — but the landscape is morphing fast. AI is adding layers of complexity, supply-chain exposures are growing, and the margin for error is shrinking. As Majzoub warned, managing information “securely and intelligently” is non-optional if you want to build true resilience — not just confidence.


As the survey makes plain, the question is no longer “if” you can recover — it’s how you ensure you will recover, in a world where threats evolve faster than playbooks.
