OpenText Reveals Insights from 2025 Global Ransomware Survey, Highlighting AI Threats

Insights from OpenText's 2025 Global Ransomware Survey

In a recent report released on October 23, 2025, OpenText Corporation highlighted key findings from its Global Ransomware Survey involving nearly 1,800 security professionals and business leaders. The data reveals a contentious relationship between trust and risk as organizations feel increasingly confident in their abilities to recover from ransomware attacks, yet simultaneously express rising concerns about AI-driven threats and third-party vulnerabilities.

Growing Confidence vs. Emerging Risks

The survey underscores a paradox where organizations believe they possess adequate resilience against ransomware, while the evolution of AI significantly alters the threat landscape. New attack techniques, poor governance, and vulnerabilities in the supply chain expose critical gaps between preparedness and execution, creating a precarious environment for both security professionals and business leaders. This trend is particularly evident among small and medium-sized enterprises (SMEs), which often lack formal AI policies.

Muhi Majzoub, Executive Vice President of OpenText Security Products, commented on these findings:
"While it's natural for enterprises to take pride in their advancements in security frameworks, complacency can be dangerous. AI may enhance productivity, but inadequate governance and the growing use of AI in attacks exacerbate risks. Effectively and intelligently managing information is crucial for building resilience across organizations of all sizes."

Key Survey Findings

Misplaced Confidence Amid Risks

The research indicates that while 95% of respondents express confidence in their recovery capabilities following ransomware attacks, only 15% of those impacted can fully restore their data. Additionally, a notable 88% of organizations allow employees to utilize generative AI tools; however, fewer than half (48%) have established formal policies for their use.

Larger corporations (52%) lead in AI governance compared to small businesses (43%), showcasing a disparity in resources and readiness. Furthermore, more than half of the respondents (52%) reported an increase in phishing and ransomware attacks attributed to AI, and 44% have witnessed deepfake-style impersonation activities.

Among concerns surrounding AI, data breaches (29%), AI-facilitated attacks (27%), and deepfake incidents (16%) top the list, reflecting an urgent need for organizations to define their AI strategies effectively.

Supply Chain Vulnerabilities

While the focus on AI risks is prevalent, discussions often overlook the silent yet significant threats posed by supply chains and third-party risks. Attacks are becoming more frequent and decentralized, often infiltrating through vendors, partners, or unmanaged digital pathways.

In the past year alone, 40% of organizations reported experiencing ransomware attacks, with nearly half facing multiple incidents. Among victims, 45% paid ransoms, and 30% paid over $250,000. Alarmingly, only 15% managed to recover their data completely, while 2% reported being unable to recover anything. Notably, 25% of attacks originated from software vendors, underscoring the importance of assessing cybersecurity among suppliers. According to the survey, 78% of organizations evaluate their software suppliers' cybersecurity, while 82% actively manage patching protocols.

Escalating Ransomware Threats

The rise of AI and the penetration of ransomware into core business systems have propelled cybersecurity into the spotlight. This once IT-centric challenge is now recognized as a core strategic issue among boards and executives.
Seventy-one percent of respondents noted that management views ransomware as one of the top three business risks, highlighting a significant shift in awareness and priority.

Additionally, 64% of organizations have been questioned by customers or partners regarding their ransomware response strategies in the past year. Investment priorities for 2026 include cloud security (58%), backup technologies (52%), and user training (52%). Moreover, 77% of organizations conduct regular security awareness training, while only 4% have eschewed training altogether.

Conclusion

The detailed findings of OpenText's 2025 Global Ransomware Survey suggest that addressing ransomware threats relies not just on internal measures but also on how effectively organizations, partners, and technology providers can collaborate to address security gaps before they are exploited. For more information on OpenText’s Enterprise Solutions, visit OpenText Cybersecurity Cloud. For solutions tailored for small businesses, check here.

Survey Methodology

In September 2025, OpenText Cybersecurity conducted the survey, targeting 1,773 respondents from SMEs and large enterprises in the US, Canada, UK, Australia, France, and Germany, including executives, security experts, and heads of security and technology departments. Respondents represented various industries, including technology, financial services, retail, manufacturing, healthcare, and education.

About OpenText

OpenText™ is a global leader in information management software and services, providing a comprehensive suite of business cloud, AI, and technology to help organizations tackle complex global challenges. For more information about OpenText (NASDAQ/TSX: OTEX), visit OpenText.