In a stark wake-up call for Indian businesses, a recent report by OpenText highlights that nearly half of organisations in India experienced a ransomware incident last year, and the situation is more nuanced and troubling than the headline suggests.
According to OpenText’s 2024 Global Ransomware Survey, conducted across 1,781 senior security professionals in seven countries (including India), about 48% of all respondents reported having experienced a ransomware attack at some point. OpenText+1 Among Indian firms in particular, the incidence appears higher: more than half were hit, and about 71% reported an increase in AI-driven phishing or deepfake attempts.
Â
What’s Leading to This Increase?
- AI-enabled attack vectors
The report emphasises that the majority of Indian organisations (95%) allow employees to use generative AI tools, yet only around half have formal AI usage or dataprivacy policies in place. Threat actors are exploiting this gap: 71% of Indian organisations have observed a rise in phishing or spoofing involving AI.
- Supply chain and third-party exposure
These are not solely internal failures. The survey found that attacks entering via third-party service providers or software supply chains are increasingly common. In India, nearly two-thirds of firms reported such a vector in the past year.
- Overconfidence vs actual resilience
Interestingly, 98.6% of Indian respondents believe their organisation can recover from an attack. Yet only 12% of those attacked fully recovered their data. This gap between confidence and outcome is worrying.
Strategic shifts underway
Despite the grim numbers, there is movement in a constructive direction. Key priorities for Indian firms now include:
- Cloud security (68%), network protection (60%) and backup technologies (58%) are listed as top priorities for 2026.
Vendor assessments: 91% of Indian organisations now perform formal cybersecurity assessments of software suppliers.
- Employee training: 80% conduct regular awareness and simulation training, with more than 76% testing ransomware recovery plans multiple times a year.
Business implications & governance considerations
For the boardroom and senior management in India, the message is unmistakable: ransomware is no longer just a technical IT issue but a strategic business risk. With 84% of executive teams placing it in their top three business risks, this requires a shift in thinking.
From a governance perspective:
- Service-provider risk (third-party and supply chain) must now feed into enterprise risk registers.
- AI governance needs to catch up with adoption. It is insufficient to allow generative tools without clear policy, oversight and accountability.
- Being able to restore operations and data is now a competitive differentiator. Firms that fail to recover may suffer reputational damage, regulatory scrutiny and loss of stakeholder trust.
For business leaders in Sri Lanka and the region
While the data is India-focused, the trends are highly relevant to neighbouring markets like ours in South Asia. Business leaders here should consider:
- Conducting a threat-vector review: how many suppliers/partners have access to critical systems?
- Inspecting AI-use policies: are employees using generative tools? Who controls data fed into them?
- Stress-testing recovery: how quickly could operations be restored if data were encrypted?
- Elevating ransomware and supply-chain cyber-risk to the board agenda, not just the CIO’s.
The OpenText survey’s headline, with nearly half of Indian firms facing ransomware in 2024, is deeply concerning but also instructive. It shows that the threat horizon has shifted: from classic malware to AI-driven phishing, from internal penetration to supply-chain ingress, and from IT nuisance to boardroom risk. Yet with disciplined focus on cloud/backup architectures, third-party risk and AI governance, business leaders can transform from being reactive victims to proactive defenders. For firms in India, Sri Lanka and beyond, the message is clear: cyber-resilience is as strategic as cost-efficiency, and the time to act is now.
