70% of organisations are still under cyber-attack despite improved defences
With cyber threats becoming more sophisticated and frequent, the report underlines the need for organisations to prioritize their defences, mitigate risks and recover effectively. To help address these persistent cyber threats, the report shares several actionable steps organisations can take to bolster defence, mitigate risk and recover more quickly, as well as the best practices of companies able to successfully recover. Veeam surveyed 1,300 organisations to gauge how Chief Information Security Officers (CISOs), security professionals, and IT leaders are recovering from cyber threats.
Ransomware attacks are becoming more refined and pervasive, posing significant challenges to organisations globally. The Veeam report reveals that while the percentage of companies impacted by ransomware attacks has slightly declined from 75% to 69%, the threat remains substantial. This decrease is attributed to improved preparation and resilience practices, as well as increased collaboration between IT and security teams. However, as ransomware attacks from both established groups and 'lone wolf' actors proliferate, organisations must adopt proactive cyber resilience strategies to mitigate risks and recover more swiftly and effectively from incidents.
'Organisations are improving their defences against cyber-attacks, yet 7 out of 10 still experienced an attack in the past year. And of those attacked, only 10% recovered more than 90% of their data, while 57% recovered less than 50%. Our latest findings clearly indicate that the threat of ransomware will continue to challenge organisations throughout 2025 and beyond', said Anand Eswaran, CEO of Veeam. 'As the nature and timing of attacks evolve, it is essential for every organisation to transition from reactive security measures to proactive data resilience strategies. By adopting a proactive security approach, investing in strong recovery solutions, and fostering collaboration across departments, organisations can significantly reduce the impact of ransomware attacks'.
Key Findings and Trends to Watch in 2025:
Law Enforcement is Forcing Threat Actors to Adapt: In 2024, coordinated efforts by law enforcement agencies led to significant disruptions in major ransomware groups, such as LockBit and BlackCat. However, the rise of smaller groups and independent attackers has increased, necessitating ongoing vigilance.
In 2024, coordinated efforts by law enforcement agencies led to significant disruptions in major ransomware groups, such as LockBit and BlackCat. However, the rise of smaller groups and independent attackers has increased, necessitating ongoing vigilance. Data Exfiltration Attacks Grow : The report notes a troubling trend toward exfiltration-only attacks – when cybercriminals break into an organisation's network but do not encrypt or lock the data Instead, they focus on stealing sensitive information—like personal data, financial records, or intellectual property—and transferring it outside the organisation. Organisations with weak cybersecurity measures are particularly vulnerable, as threat actors rapidly exploit vulnerabilities, often within hours.
: The report notes a troubling trend toward exfiltration-only attacks – when cybercriminals break into an organisation's network but do not encrypt or lock the data Instead, they focus on stealing sensitive information—like personal data, financial records, or intellectual property—and transferring it outside the organisation. Organisations with weak cybersecurity measures are particularly vulnerable, as threat actors rapidly exploit vulnerabilities, often within hours. Ransomware Payments Are Decreasing : The total value of ransomware payments fell in 2024, with 36% of affected organisations opting not to pay a ransom. Of those that did pay, 82% paid less than the initial ransom and 60% paid less than half that sum, emphasising the importance of robust recovery strategies.
: The total value of ransomware payments fell in 2024, with 36% of affected organisations opting not to pay a ransom. Of those that did pay, 82% paid less than the initial ransom and 60% paid less than half that sum, emphasising the importance of robust recovery strategies. Legal Consequences of Ransom Payments are Emerging: New regulations and legal frameworks are discouraging ransom payments, with initiatives like the International Counter Ransomware Initiative urging organisations to strengthen their defences rather than capitulate to attackers.
New regulations and legal frameworks are discouraging ransom payments, with initiatives like the International Counter Ransomware Initiative urging organisations to strengthen their defences rather than capitulate to attackers. Collaboration Reinforces Resilience Against Ransomware : Enhanced communication between IT operations and security teams, along with partnerships with law enforcement and industry players, has proven vital in fortifying defences against ransomware.
: Enhanced communication between IT operations and security teams, along with partnerships with law enforcement and industry players, has proven vital in fortifying defences against ransomware. Budgets Rise for Security and Recovery, but More Is Needed: While organisations are allocating more resources to security and recovery efforts, there remains a significant gap in investment relative to the growing threat landscape.
Organisations that prioritise data resilience can recover from attacks up to seven times faster and experience significantly lower data loss rates. These successful organisations share several common attributes, including robust backup and recovery strategies, proactive security measures, and effective incident response plans. The report emphasizes the importance of shifting from reactive security to proactive cyber resilience strategies to meet the challenges of ransomware. Findings from the report also encouraged organisations to adopt the 3-2-1-1-0 data resilience rule, ensuring that backups are immutable and free from malware before restoration.
Pre-attack confidence among ransomware victims often doesn't reflect reality, as 69% believed they were prepared before being attacked, while their confidence plummeted by over 20% afterward, revealing significant gaps in planning. While 98% of respondents had a ransomware playbook, less than half of organisations had key technical elements included, such as backup verifications and frequencies (44%) and a pre-defined 'chain of command' (30%). Notably, CIOs experienced a 30% decline in their preparedness rating post-attack, compared to a 15% drop for CISOs, suggesting that CISOs have a clearer grasp of their organisation's security posture. These findings underscore the importance of fostering organisational alignment in cyber resilience and preparation, emphasising the need for regular training and exercises across all teams to ensure a coordinated response during and after an attack.
The full Veeam 2025 Ransomware Trends and Proactive Strategies Report is available now for download at https://go.veeam.com/ransomware-trends. For more information on Veeam, visit https://www.veeam.com.
Image Credit: Veeam
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
TECHx
5 hours ago
- TECHx
NetApp Reports Global Race for AI Leadership Intensifies
Home » Emerging technologies » Artificial Intelligence » NetApp Reports Global Race for AI Leadership Intensifies NetApp®, the intelligent data infrastructure company, has released a new report titled The AI Space Race . The report examines which countries are leading the competition to become global AI innovation leaders. The findings are based on a survey of CEOs and IT executives from the U.S., China, the U.K., and India. NetApp revealed that while some countries are ahead, every region has the potential to succeed in the race for AI dominance. According to the report, AI is now essential for business success. The region that leads in AI will gain advantages in economic growth, quality of life, and political influence. NetApp emphasized that organizations must make their data accessible, secure, and scalable to generate valuable AI outcomes. Gabie Boko, CMO at NetApp, compared the AI race to the 1960s space race. She stated that intelligent, scalable, and secure data infrastructure will be key to gaining an edge. Companies that get their data ready for AI will unlock business insights and operational efficiencies. The report highlighted that: 81% of global respondents are piloting or scaling AI projects. 88% say their organizations are mostly or completely ready for AI transformation. Respondents from India (29%) and the UK (32%) reported feeling increased pressure to compete. China and the U.S. are seen as current frontrunners. However, NetApp noted that all countries are investing heavily, and the field remains wide open. Regional strategies also differ. In China, 35% of leaders focus on scalability, 11% higher than the global average. Meanwhile, the U.S., U.K., and India prioritize integration with existing systems, aiming for long-term value. NetApp also reported misalignment in China between CEOs and IT leaders. While 92% of Chinese CEOs claimed active AI projects, only 74% of IT leaders agreed. In contrast, the U.S. showed stronger internal alignment, with 61% of both groups rating their organizations as AI-ready. Despite optimism, challenges remain. Globally, 79% expressed concerns about poor data strategies leading to broken models and biased AI insights. Russell Fishman, Senior Director of Product Management at NetApp, stated that strong data infrastructure and cloud solutions are vital for AI success. He said organizations that invest in intelligent data infrastructure will extract the most value from AI. NetApp emphasized that an AI-ready infrastructure must be secure, agile, and scalable. It should enable seamless cloud transitions, cost control, and adaptability. As AI shifts from content generation to action, NetApp reported that data-level security is essential. Only intelligent infrastructure can ensure trust and control while moving fast in the global AI race.
Tahawul Tech
8 hours ago
- Tahawul Tech
QBS Software makes strategic deal to acquire EMT Dubai
QBS Software, the enterprise software value-added distributor (VAD) founded in 2017, recently announced that it has entered into a definitive agreement to acquire EMT Dubai, a fast-growing cyber-security and infrastructure specialist headquartered in Dubai. Dave Stevinson, CEO, QBS Software, commented: 'With emt Dubai joining the QBS Software group we instantly gain a best-in-class team, an established logistics platform inside the UAE, and a portfolio that mirrors the needs of Gulf partners. This acquisition is another bold step in our strategy to build the leading software-focused VAD across EMEA and to cross the US $1 billion mark well before the end of the 2028'. emt Dubai brings a proven local channel network, strong government and enterprise credentials, and specialist skills in next-generation security and infrastructure deployment, The company will remain branded a as emt for 12 months before transitioning to QBS branding, forming the nucleus of a new QBS Middle East business unit headquartered in Saudi Arabia and QBS META HQ in Dubai. Customers and vendors should experience no disruption to day-to-day operations. The enlarged organisation will offer the region's resellers immediate access to an extended catalogue that now includes strategic vendors such as Fortinet, Check Point, Trend Micro, Progress Software, TeamViewer, Imperva, Qualys, Acronis and many more. By integrating these alliances with EMEA Dubai's regional relationships, QBS can deliver broader-based solutions that cover: Cybersecurity Transformation Infrastructure Solutions & Management Generative AI in Cybersecurity Governance, Risk & Compliance (GRC) Managed Security & IT Services IT Asset Management & Cost Optimisation This announcement follows QBS's recent acquisitions of Prianto Group in Germany and Elmer Yazılım in Türkiye, both of which have expanded the company's presence across EMEA and META. Beside that Since mid-2023 the Group has completed five targeted take-overs to assemble a best-of-breed vendor line-up and local execution capability: Year Company (HQ) Key Vendor Relationships Strategic Fit 2025 Prianto Turkey (Istanbul) OpenText, Quest, SUSE Enterprise software depth, cloud migration 2025 Elmer (Ankara) Check Point, OpenText, Trend Micro, TeamViewer Turkish & wider METAA reach, 1 000+ resellers 2024 Titus Corp (Johannesburg) Jetbrains, TeamViewer, Minitab Pan-SADC coverage, SaaS breadth 2024 Maxtec (Johannesburg) Fortinet, Thales, Qualys Cyber-security VAD, SOC expertise 2023 InfoNet (Istanbul) Check Point, Trend Micro, Forcepoint Next-gen security, Turkish government credentials Mo Mobasseri , Co-Founder & CEO emt META Dubai, added: 'Joining forces with QBS unlocks scale, capital and an enviable vendor line-up. Our partners in the Middle east and Africa will benefit from richer solution stacks, deeper technical resources and the operational excellence QBS is known for'. Image Credit: QBS Software & emt Dubai
Zawya
9 hours ago
- Zawya
Vehere appoints Gulf Software Distribution to accelerate market growth across the region
The collaboration further positions Vehere to deliver advanced cybersecurity and intelligence solutions to government and enterprise clients in the region Dubai, United Arab Emirates: Vehere, a new-age cyber defense software company, has engaged Gulf Software Distribution (GSD), a value-added distributor of software products, to strengthen its presence across the region. As part of the partnership, GSD will distribute Vehere's Network Detection & Response (NDR) products in the UAE, Qatar, Saudi Arabia, Bahrain, Oman, Kuwait, and Levant. Vehere's AI-powered NDR platform will provide regional organizations with an advanced second line of defense, empowering security teams to detect and stop attacks at their earliest stage, before they escalate into breaches. By leveraging lossless packet capture, deep packet inspection, and real-time behavioral analytics across both encrypted and unencrypted traffic, the platform delivers enhanced visibility and scalability across the network. Its modular architecture enables organizations to deploy rapid threat hunting, comprehensive forensic analysis, and one-click investigation workflows. Additionally, through intelligent integration with SIEM, EDR, XDR, SOAR, and TIP systems, Vehere's NDR accelerates mean-time-to-detection and response, automates containment of ransomware, APTs, lateral movement, and insider threats, and enriches alerts with contextual intelligence for streamlined SOC operations. With over a decade of experience in leveraging AI cyber network intelligence to support counter-terrorism efforts of nations, Vehere protects critical infrastructure for Fortune 500 companies, telecom providers, financial institutions, and smart cities worldwide. The company is actively expanding its footprint as part of its broader growth strategy in the Middle East. The collaboration with GSD marks a significant milestone in Vehere's efforts to achieve a lasting impact in the industry. The move will make the company even better positioned to deliver advanced cybersecurity and intelligence solutions to government and enterprise clients in the region, enabling it to attract more resellers and integrators while supporting demand generation. Avinash Garg, Vice President of Sales (MEA) at Vehere, said, 'This partnership represents a strategic leap in expanding our presence across the region. It enables local enterprises and government organizations to strengthen their cybersecurity posture with access to our battle-tested NDR technology -- originally developed to meet the rigorous demands of top-tier defense and intelligence agencies.' Veerendra Kolla, Head of Channel Sales at GSD, said, 'Cyber threats are growing in intensity and sophistication, and middle east organizations are increasingly prioritizing greater visibility and proactive protection across their networks. We found Vehere's technology to be exceptionally well-suited to meet these demands. Its powerful threat detection capabilities and deep network insights truly impressed us -- making this partnership a strategic step in delivering cutting-edge cybersecurity to the region." The partnership comes at a time when the value of the global NDR market is projected to reach a compound annual growth rate (CAGR) of 14.1% between 2024 and 2028, according to the Worldwide Network Detection and Response Forecast by International Data Corporation (IDC). The EMEA region alone is expected to see a 12.6% growth, highlighting strong regional demand. The collaboration with Vehere will unlock new opportunities for GSD's channel ecosystem to tap into the thriving NDR market. About Gulf Software Distribution Gulf Software Distribution (GSD) is a value-added distributor of software products that helps its channel partners in the UAE, Qatar, Kuwait, Oman, and Bahrain expand market reach and drive sustainable business growth. Headquartered in Dubai, the company was set up by Gulf Business Machines (GBM), one of the largest providers of end-to-end digital transformation solutions. Currently, GSD is the largest IBM distributor in the Gulf region. Working across a broad range of market sectors, the company is ideally equipped to assist its partners with industry-specific opportunities. About Vehere Vehere is a new-age Cyber Defense software company specializing in AI Cyber Network Intelligence. With over a decade of experience supporting counter-terrorism efforts, Vehere Network Detection and Response solutions now protect critical infrastructure for Fortune 500 companies, telecom providers, financial institutions, and smart cities worldwide.
