Technology

Rubrik Research reveals 80% of ransomware-hit Indian organizations paid a ransom to recover their data or to stop the attack

Rubrik Zero Labs Survey says 90% of Global IT and Security Executives Report Cyberattacks in the Past Year 

Data sprawl drives spike in cyber incidents across AI, cloud, SaaS, and on-premise environments, according to Rubrik Zero Labs Report

New Delhi – New research from Rubrik Zero Labs finds that Indian organizations are facing a wave of cyberattacks. In the past one year, 80% of Indian organizations that experienced a ransomware attack paid a ransom to recover their data or to stop the ransomware attack. Significantly, 52% of Indian organizations paid a ransom due to data extortion threats while 44% of Indian organizations reported that cyber attackers successfully affected their backup and recovery options.

Accepting that cyberattacks are a constant threat, the RZL research, “The State of Data Security in 2025: A Distributed Crisis,” also notes that 65% of organizations in India store their sensitive data across 2-3 multiple environments (on-premises, Cloud, or SaaS) while 38% respondents say that one of the biggest challenges they face in securing their data is securing sensitive data across multiple environments. As many as 44% of Indian organizations reported that cyber attackers successfully affected their backup and recovery options. The consequences of these attacks were that 29% of respondents reported financial losses, 31% noted reputational damage and loss of customer confidence, and 36% experienced a forced leadership change following a cyber incident.

“The State of Data Security in 2025: A Distributed Crisis” is based on insights from over 1,600 IT and security leaders across 10 countries (half of whom were CIOs or CISOs) from the US, UK, France, Germany, Italy, Netherlands, Japan, Australia, Singapore and India. From India 125 IT respondents participated in the survey conducted by Wakefield Research.

RZL research — “The State of Data Security in 2025: A Distributed Crisis,” – states that globally, 90% of the IT and security leaders reported cyberattacks in the past year. It also reveals the hazards that hybrid environments are creating, leading to a cloud security crisis that organizations are unprepared to address.

“Many organizations that move to the cloud assume their providers will handle security,” said Joe Hladik, Head of Rubrik Zero Labs. “The persistence of ransomware attacks, coupled with the exploitation of hybrid cloud vulnerabilities, shows that threat actors are always one step ahead. Companies must take action and adopt an attacker’s mindset by identifying – and protecting – the most valuable data before it’s too late. The need for a data-centric security strategy that prioritizes visibility, control, and quick recovery has never been more urgent.”

“The latest RZL report serves as a wake-up call for Indian IT leaders, this highlights the urgent need for data resilience and security in today’s complex hybrid environments—where data is increasingly spread across on-premises infrastructure, public clouds, and SaaS platforms. This distributed model significantly expands the attack surface, making sensitive data more vulnerable to sophisticated and fast-evolving ransomware threats,” said Ashish Gupta, Managing Director, India, & Head of Engineering, Rubrik.

“Modern cyber threats are no longer limited to malware—they’re increasingly driven by social engineering and identity-based attack strategies. With identity now at the center of nearly 80% of breaches reported by organizations, this signals that attackers are shifting focus to strategies that include: compromising credentials, hands-on-keyboard intrusions, and moving laterally across hybrid environments. In this landscape, organizations need architectural solutions that not only deliver unified visibility and rapid recovery but also place identity at the core of their cyber resilience strategy,” he added.

AI, Cloud Adoption and Greater Data Complexity Create New Challenges Globally

Protecting sensitive data across multiple systems has become increasingly nuanced as the widespread adoption of AI has significantly exacerbated the challenge of data sprawl. An overwhelming 90% of IT and security leaders report managing hybrid cloud environments, and half of IT leaders say the majority of their workloads are now cloud-based.

As a result, “The State of Data Security in 2025: A Distributed Crisis” found:

  • 35% of respondents cite securing data across these varied ecosystems as their top challenge, followed by a lack of centralized management (30%), and a lack of visibility and control over cloud-based data (29%).
  • 36% of sensitive files are classified as high risk and are largely composed of Personally Identifiable Information (PII), such as Social Security numbers and phone numbers; followed by digital data and business data, such as intellectual property and source code. (Rubrik telemetry data)

Ransomware and Identity Threats Evolve in Tandem

Ransomware remains a persistent and evolving threat:

  • Of the organizations that experienced a successful ransomware attack last year, 86% admitted they paid a ransom to recover their data.
  • Nearly three-quarters (74%) said threat actors were able to partially compromise backup and recovery systems, while 35% said their systems were completely compromised.

 Identity threats are intensifying, fueled by the complexity of today’s hybrid environments:

  • With 92% of organizations using between two and five cloud and SaaS platforms, attackers are exploiting weak points in identity and access management to move laterally and escalate ransomware attacks.
  • Insider threats – often driven by compromised credentials – were cited by 28% of IT leaders, underscoring the growing difficulty of maintaining strong access controls across distributed systems.
  • Rubrik telemetry reveals that 27% of high-risk sensitive files contain digital data such as API keys, usernames, and account numbers – exactly the kind of information threat actors seek to hijack identities and infiltrate critical systems.

To read the full report, visit https://zerolabs.rubrik.com/. For more information, register for the webinar, Notions Behind the Numbers: Viewpoints on Rubrik Zero Labs Latest Report, taking place May 14, 2025 at 9 a.m. PT.

Methodology

“The State of Data Security in 2025: A Distributed Crisis” is based on insights from over 1,600 IT and security leaders across 10 countries (half of whom were CIOs or CISOs), conducted in partnership with Wakefield. The findings are amplified by Rubrik telemetry data, including an analysis of 5.8 billion total files across cloud and SaaS environments, with over 175 million sensitive files classified across customer environments. Data covers the period from January 1, 2024, through December 31, 2024.

About Rubrik

Rubrik (NYSE: RBRK) is on a mission to secure the world’s data. With Zero Trust Data Security™, we help organizations achieve business resilience against cyberattacks, malicious insiders, and operational disruptions. Rubrik Security Cloud, powered by machine learning, secures data across enterprise, cloud, and SaaS applications. We help organizations uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked.

For more information, please visit www.rubrik.com

Show More

Related Articles

Meta Reportedly Eyeing ‘Super Sensing’ Tech for Smart Glasses

18 minutes ago

Porter closes Series F funding round led by Kedaara Capital, Wellington Management

8 hours ago

Samsung confirms major camera spec for Galaxy S25 Edge before launch – and a free preorder deal

12 hours ago

Create React App with Multiple Entry Points

16 hours ago
Back to top button