Indian firms report more AI-linked cyber security threats, finds study

OpenText has released findings from its fourth annual "Global Ransomware Survey", revealing that more than half of Indian enterprises experienced ransomware attacks in the past year. Over seven in ten (71%) respondents also reported an increase in AI-driven phishing or deepfake attempts, positioning India among the most frequently targeted and AI-exposed markets worldwide.

The survey indicates that Indian organisations are strengthening their cybersecurity posture, with cloud security (68%), network protection (60%), and backup technologies (58%) identified as top investment priorities for 2026. These trends suggest a proactive approach to safeguarding hybrid and AI-enabled environments.

The research, conducted with nearly 1,800 security practitioners and business leaders across seven countries, including more than 200 from India, found that ransomware incidents remain widespread. In India, almost 70% of affected organisations admitted to paying a ransom to regain access to their data, one of the highest rates globally. Despite this, 98.6% of Indian respondents expressed confidence in their organisation’s ability to recover, highlighting a growing disparity between perceived resilience and actual risk exposure.

The report also outlines the expanding role of artificial intelligence in both cyberattacks and defence. Over 71% of Indian organisations observed an increase in AI-linked phishing or ransomware attempts, while 66% encountered deepfake-style impersonation attacks, such as voice or video spoofing. This surge in AI-enabled threats coincides with the widespread adoption of generative AI tools—permitted by 95% of organisations—although just over half have formal AI-use or data privacy policies in place.

Muhi Majzoub, Executive Vice President of Security Products at OpenText, noted that while organisations are right to be confident in their improved security posture, complacency remains a risk. He emphasised that AI enhances productivity but also introduces greater exposure through inadequate governance and its use in increasingly sophisticated attacks.

Evolving Technologies, Emerging Threats

The findings highlight an emerging “AI confidence gap”, with enterprises rapidly adopting AI to drive efficiency and innovation but slower to establish governance frameworks ensuring compliance, privacy, and security. Among Indian organisations hit by ransomware, only around 12% fully recovered encrypted or stolen data, suggesting that preparedness often falls short in practice.

Ransomware incidents in India are also becoming more complex, frequently entering through third-party service providers or software supply chains. Nearly two-thirds of surveyed organisations reported being affected by a vendor or managed-service partner breach in the past year. In response, 91% now conduct formal cybersecurity assessments of software suppliers, and 83% outsource elements of their security operations to managed service providers. However, growing dependence on third-party ecosystems continues to create cascading risks, particularly in technology, financial services, and manufacturing sectors.

Encouragingly, ransomware is increasingly recognised as a board-level business issue rather than a purely IT concern. Eighty-four per cent of Indian executive teams rank ransomware among their top three business risks, significantly higher than the global average of 71%. In addition, 80% of organisations conduct regular security awareness training and simulations, and more than 76% test their ransomware recovery plans multiple times a year, reflecting a stronger culture of cyber readiness.

Overall, the survey reinforces that protection against ransomware depends not only on internal defences but also on the ability of organisations, partners, and technology providers to collaborate in addressing vulnerabilities before they are exploited. As AI continues to shape the cybersecurity landscape, readiness in India will increasingly be measured not just by recovery speed, but by the strength of governance, visibility, and shared responsibility across the digital ecosystem.