SecurityBrief Canada - Technology news for CISOs & cybersecurity decision-makers
Canada

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Canadian office building digital locks network servers data recovery ransomware
#
Firewalls
#
Ransomware
#
Network Security

Confidence high but few Canadians fully recover from ransomware

Fri, 24th Oct 2025
Author image
By Jed Nykolle Harme, Editor

New data from OpenText's Global Ransomware Survey indicates that while 94% of Canadian organisations are confident in their ability to recover from ransomware attacks, only 25% have actually been able to fully restore their data after an incident.

The survey, which engaged nearly 1,800 security practitioners and business leaders worldwide, including 190 Canadian respondents, revealed growing pressure between organisations' perceived preparedness and the actual challenges posed by ransomware, especially as artificial intelligence (AI) becomes a bigger factor in cyber threats.

Incidence of attacks

According to the findings, almost one in three (31%) Canadian organisations experienced a ransomware attack in the past year. Of those impacted, nearly half (48%) suffered more than one attack, and 12% reported experiencing more than five incidents. Attacks initiated through software vendors accounted for 11% of these cases.

Ransom payments were reported by 32% of affected organisations, with 21% of these paying USD $250,000 or more. However, paying the ransom did not guarantee successful data recovery; only a quarter of organisations regained all their data following an attack, and 3% were unable to recover any data.

AI-related threats

Almost four in ten (39%) respondents indicated they saw a rise in phishing or ransomware linked to AI capabilities, with 30% noting deepfake-style impersonation attempts. The report notes that AI is not only providing productivity benefits but is also raising the stakes for cybersecurity professionals by adding complexity and enabling more sophisticated attacks.

Canadian security leaders highlighted data privacy (30%) and the risk of AI-enabled ransomware or phishing (25%) as their chief concerns regarding AI. Despite these concerns, only 36% said their current employee security training was "very effective" at addressing these emerging threats.

"Organisations are right to be confident in their progress in security posture, but they can't afford to be complacent. AI fuels productivity while also heightening risk through insufficient governance and its expanding use in attacks. Managing information securely and intelligently is essential to building resilience in organizations of any size," said Muhi Majzoub, Executive Vice President, Security Products at OpenText. 

Boardroom focus

The research found that cybersecurity threats, including ransomware, are increasingly being recognised as top business risks at the executive level. Sixty percent of Canadian respondents said ransomware now ranks among the top three business concerns for their executive teams. Additionally, nearly half (48%) reported being queried by customers or partners about their preparedness for such incidents in the past year.

Organisations are increasing investments in protection, with 2026 priorities including network security (54%), cloud safety solutions (53%), and backup technologies (48%). Regular security awareness training has been implemented by 64% of Canadian firms, though 11% admit to offering no such training at all.

Supply chain and governance gaps

The report also underscores the risks posed by insecure supply chains, with attacks often originating through vendors and unmanaged digital connections. Eleven percent of Canadian organisations experienced attacks stemming from a software vendor. To mitigate these dangers, 67% assess the cybersecurity of their software suppliers, and 75% have patch management systems in place.

The survey found that while 82% of organisations allow employees to use generative AI tools, only 40% have fully implemented formal policies governing their use. Internal use of such tools continues to increase alongside the potential vulnerabilities associated with their mismanagement.

Recovery and resilience

Despite high confidence levels in ransomware readiness, almost half (44%) of Canadian organisations said they feel more concerned about ransomware this year than previously. This reflects a growing awareness that confidence alone may not correspond to actual recovery capabilities, particularly as cyber threats continue to evolve.

Canadian respondents see ongoing employee education as a fundamental part of their cyber defence strategy, but acknowledge that most programmes have room for improvement when faced with sophisticated and AI-powered threats.

The survey underscores the need for organisations to not only focus on internal security but also foster collaboration with partners, vendors, and technology providers to effectively address vulnerabilities before they can be exploited.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Fortinet reports strong Q3 revenue growth & SASE adoption surge
Apptio unveils FinOps tools to tackle soaring AI cloud costs
Seven critical ChatGPT flaws expose users to data theft risks
Inside Harvey AI’s Toronto strategy with CBO John Haddock
Check Point scores 99.59% in top firewall security report by NSS

Top stories

Avanade unveils suite of Microsoft-powered tools for midmarket firms
Forrester predicts AI errors to cost B2B firms over USD $10 billion
Ping Identity launches platform to secure & manage AI agents
Gigamon unveils quantum-safe cryptography in GigaVUE update
Barracuda unveils AI assistant to boost security team efficiency