Ransomware continues to be a major threat to businesses worldwide. Attacks are becoming more sophisticated and many organizations are being repeatedly hit with serious consequences as a result. In Barracudas new Ransomware Insights Report 2025 presents fresh insights from 2,000 IT and security leaders in the US, Europe and Asia-Pacific. The aim is to see how ransomware has impacted organizations globally over the past year – and what it says about today's security efforts.

The results clearly show that many organizations struggle with complex and sprawling security environments where key protections are missing or not working together, creating gaps that attackers quickly exploit, often with success.

Some global findings from the report:

• 31 percent of affected organizations were compromised more than once in the past year. Of these, 74 percent said they have too many security tools, and 61 percent said the tools are not integrated – which makes it difficult to see and leaves vulnerable areas.
• Protection is often inadequate where it’s needed most. Only 47 percent of ransomware victims had email security in place – compared to 59 percent of those not affected. This is particularly concerning given that 71 percent of those who suffered an email breach were also exposed to ransomware.
• One in three chooses to pay. 32 percent of ransomware victims paid to get their data back. Among organizations that have been attacked multiple times, the figure rose to 37 percent.
• Paying is no guarantee. 41 percent of those who paid failed to recover all their information. The reasons vary: the tools don't work, the key is incomplete, the data has been corrupted, or the decryption tools don't exist at all.
• Attacks often go beyond data encryption. In addition to encrypting data (24 percent), attackers steal information (27 percent), publish it (27 percent), install additional malware (29 percent) or back doors for future access (21 percent).
• The consequences are both technical and business. In addition to damaged trust (41 percent), organizations report lost business opportunities (25 percent) and pressure directed at customers, partners, shareholders (22 percent) and even employees (16 percent).

Focus shifts from protection to resilience
Attackers are taking advantage of a lack of security coordination—and they’re doing it effectively. That’s why protection alone is no longer enough. Businesses need to be able to detect breaches quickly, respond effectively, and recover without prolonged disruption.

Advertisement

The key is resilience.

This means building an integrated and multi-layered protection for the entire digital the environment, including:

• Backup and recovery that works in practice
• Strong access controls and authentication
• Regular patching
• Ongoing cybersecurity training
• Network segmentation
• Advanced email and application protection
• A current and well-rehearsed incident plan

But above all, to reduce complexity. A unified security platform provides better overview, faster response – and fewer opportunities for attackers to hide.

About the study
The study is based on responses from 2,000 IT and cybersecurity decision-makers at companies with between 50 and 2,000 employees. The survey was conducted by independent research firm Vanson Bourne in April and May 2025, and covers companies in the US, UK, France, DACH (Germany, Austria, Switzerland), Benelux, Nordics (Denmark, Finland, Norway, Sweden), Australia, India and Japan.

For more information and all results, download the report here »

A key challenge highlighted in the report is fragmented security environments. In total, 66 percent of Nordic respondents state that the companies that they are managing too many different tools and vendors, and 55 percent say their security solutions cannot integrate with each other. The report also shows that those companies that have been hit by a successful ransomware attack are more likely to experience this problem.