AI-enabled threats surge as 95% of Indian firms allow use of generative AI tools; nearly 70% of ransomware-hit organizations paid ransom to recover data
Nearly half of Indian organizations experienced at least one ransomware attack in the past year, making India one of the most targeted markets globally, according to the OpenText Cybersecurity 2025 Global Ransomware Survey. The report highlights a steep rise in AI-driven cyber threats, even as Indian enterprises rapidly adopt generative AI tools without adequate governance frameworks.
The study, based on responses from 1,800 security professionals across seven countries—including over 200 from India—found that 71% of Indian organizations observed an increase in AI-powered phishing or deepfake attacks. While 95% allow employees to use generative AI tools, only about half have a formal AI-use or data privacy policy in place.
Ransomware incidents remain widespread, with nearly 70% of affected organizations admitting to paying a ransom—among the highest rates globally. However, only 12% of those hit were able to fully recover their encrypted or stolen data, underlining the persistent gap between perceived cyber resilience and actual preparedness.
“Organizations are right to be confident in their progress in security posture, but they can’t afford to be complacent,” said Muhi Majzoub, Executive Vice President, Security Products, OpenText. “AI fuels productivity while also heightening risk through insufficient governance and its expanding use in attacks. Managing information securely and intelligently is essential to building resilience in organizations of any size.”
The survey indicates that Indian companies are prioritizing cloud security (68%), network protection (60%), and backup technologies (58%) as key focus areas for 2026. Yet the growing complexity of ransomware attacks—often entering through third-party vendors or managed service providers—continues to expose businesses to cascading risks.
Nearly two-thirds of respondents reported being impacted by a third-party breach in the past year. In response, 91% now conduct cybersecurity assessments of software suppliers, and 83% outsource some security functions to managed service providers.
Encouragingly, ransomware is increasingly viewed as a board-level concern, with 84% of Indian executive teams ranking it among their top three business risks, higher than the global average of 71%. Most organizations (80%) conduct regular employee awareness training, and over 76% test ransomware recovery plans multiple times a year—signaling growing executive engagement in cybersecurity governance.
The OpenText report concludes that defending against ransomware now requires stronger collaboration across organizations, vendors, and technology providers. As AI reshapes both attack and defense landscapes, India’s cyber readiness will hinge on governance, visibility, and shared responsibility across its expanding digital ecosystem.
