A global ransomware survey released on Monday morning has some disturbing news for India—the nation’s digital space might be the most targeted and AI-exposed market globally.
While it helps that Indian organisations are stepping up their cybersecurity posture with cloud security, network protection and backup technologies emerging as top priorities for the coming year, the survey does unveil some alarming statistics—that a good chunk of Indian organisations are falling prey to cyberattacks, with the attacks themselves acquiring more expertise and finesse, thanks to AI.
While the survey base in the country is small, the international survey was conducted with nearly 2,000 security practitioners and business leaders across seven countries; the number covered from India is just 200. However, it is indicative of the grave danger India’s digital economy is facing on a regular basis.
According to the survey, making matters worse is the statistic that as many as 7 out of 10 organisations affected by such a cyberattack admitted to paying up ransom to regain access to their data. This makes it one of the highest such rates globally.
The report also calls attention to the increasing role of AI equally in both cyberattacks and the defence against such attacks.
Over 71 per cent of Indian organisations observed an increase in phishing or ransomware attempts linked to AI, while 66 per cent encountered deepfake impersonation attacks such as voice and video spoofing, this time enabled by AI.
This surge in AI-enabled threats comes as an overwhelming majority of organisations allow employees to use generative AI tools, yet just over half have a formal AI-use or data privacy policy in place, the report noted.
Of course, Indian organisations in particular have been proactive, especially when it comes to taking remedial measures against such onslaught, including securing hybrid and AI-powered environments. The prioritisation for 2026 of cloud security, network protection and backup measures is indicative of this.
“Organisations are right to be confident in their progress in security posture, but they can’t afford to be complacent,” said Muhi Majzoub, executive vice president (security products) of OpenText, a global firm engaged in information management for AI, which conducted this survey. “AI fuels productivity while also heightening risk through insufficient governance and its expanding use in attacks. Managing information securely and intelligently is essential to building resilience in organisations of any size.”
Rush to include AI, slow to add security
The Canada-based company’s survey points to a disturbing trend amidst Indian businesses in particular—quick to embrace AI for productivity and innovation, but slower to implement governance frameworks that ensure compliance, privacy, and security.
In fact, amidst Indian organisations hit by ransomware, just about 12 per cent were able to fully recover their stolen data, indicating that preparedness often falters in practice.
Ransomware incidents in India are also becoming more complex, with attacks frequently entering through third-party service providers or software supply chains.
The seriousness is indicated in the fact that most businesses now look at it not as an IT or tech issue, but a broad-level business management issue. The survey revealed that Indian companies listed it amongst the top three risks, which is way higher than the global average.
The findings of this survey reinforces that protecting against ransomware now depends not just on internal defences, but also on how effectively organisations, partners, and technology providers collaborate to close security gaps before they are exploited,” a statement released on OpenText said, adding, “As AI continues to shape the future of cybersecurity, readiness in India will increasingly be measured not only by recovery speed, but by the strength of governance, visibility, and shared responsibility across the digital ecosystem.”