Delinea report finds 69% of firms hit by ransomware last year | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

A new report out today from privileged access management firm Delinea Inc. finds that more than two-thirds of organizations faced ransomware breaches last year and that recovery time stretched to two weeks.

Those were among the findings from Delinea’s 2025 State of Ransomware Report, based on input from more than 1,000 security leaders. It found that 69% of organizations suffered at least one ransomware breach in the past year, with U.S. breach rates climbing from 53% in 2023 to 71% last year.

More than a quarter of firms said that they had been targeted by ransomware multiple times over the same period.

In some good news, the report finds that fewer U.S. firms paid ransoms last year, with the figure coming in at 57%, down from 76% in 2023. The report explains that the willingness to pay reflects the urgency a given organization faces to regain access to critical systems and data.

Though some still choose to pay, the report warns that payment does not guarantee success. More than a quarter of organizations that paid a ransomware demand failed to retrieve all their data, a rate that rises to one in three among U.K. firms.

Recovery timelines were found to remain a major challenge, with only 18% of victims fully restoring operations within 24 hours. Nearly half of breached organizations were back online within one week — 42% in the U.S. and 50% in the U.K. — but three-quarters required up to two weeks to recover fully. The extended timelines highlight the operational disruptions that follow a successful ransomware attack.

Growing awareness coupled with growing ransomware attacks also resulted in a rise in companies taking out cyber insurance polices. Some 85% of all firms reported coverage in 2024, though the uptake varies by the size of the company. Some 91% of companies with $250 million to $499 million in revenue were found to hold policies, versus only 65% for companies generating less than $10 million annually. The disparity demonstrates how resource constraints shape risk-management strategies across different revenue brackets.

The report’s findings confirm that ransomware is a pervasive threat affecting organizations of every size and sector. The authors of the report encourage security leaders to adopt layered defenses such as least-privilege identity controls, multifactor authentication, robust disaster-recovery planning and offline backups to counter increasingly sophisticated extortion campaigns. Ongoing staff training and tabletop exercises can further sharpen incident response capabilities.

Additionally, enterprises are advised to integrate AI-enhanced detection and response platforms that reduce dwell time and expedite forensics.

Image: SiliconANGLE/Reve