Backup verifications and frequencies were included in ransomware playbook for 44% of organizations.

Of organizations that paid a ransom, 60% paid less than half of the initial ransom.

36% of organizations affected by ransomware opted not to pay a ransom.

7 out of 10 organizations experienced a ransomware attack in the past year.

69% of organizations believed they were prepared before being attacked by ransomware. Their confidence plummeted by over 20% afterward.

Of organizations that were attacked by ransomware, only 10% recovered more than 90% of their data.

Organizations that prioritize data resilience can recover from ransomware attacks up to seven times faster.

The FBI received 3,156 complaints about ransomware in 2024 (versus 2,825 in 2023 and 2,385 in 2022).

Of organizations that were attacked by ransomware, 57% recovered less than 50% of their data.

Less than half of organizations had key technical elements included in their ransomware playbook.

98% of respondents had a ransomware playbook.

Of organizations that paid a ransom, 82% paid less than the initial ransom.

CISOs experienced a 15% drop in their ransomware preparedness rating post-attack.

64% of victim organisations did not pay ransoms this year, compared to 50% two years ago.

Of the organizations that experienced a successful ransomware attack last year, 86% admitted they paid a ransom to recover their data.

41% of respondents at middle market organisations said their existing security measures were completely successful against ransomware attacks.

25% of surveyed executives at middle market organisations reported experiencing at least one ransomware attack or demand in the previous 12 months.

X-Force observed a decline in ransomware incidents overall for the third year.

Ransomware made up 28% of malware cases in 2024.

35% of respondents in larger middle market companies reported at least one ransomware attack or request.