Privileged access management (PAM) vendor Delinea has surveyed 1000 IT and security executives, finding that nearly seven in ten hail from organisations breached by ransomware in the last year.
“Ransomware attacks have continued to surge over the past year, despite fewer victims paying,” the vendor said in a press announcement.
In addition, almost one in three got attacked more than once. That’s according to Delinea’s 2025 State of Ransomware Report, which you can download here.
Partly because “critical security gaps” persist, criminals are increasingly succeeding with attacks based on AI, ransomware as a service, and credential theft. AI in particular can help cybercriminals “automate, scale and sharpen” their operations.
“While only 57% of (surveyed) organisations paid ransoms, down from 76% in 2024, the frequency and impact of attacks continued to grow,” Delinea said.
“Threat actors turned to other tactics like extortion; 85% of ransomware victims were threatened with exposure.”
Organisations should look to their defences, the vendor noted.
Accordingly, Delinea’s platform is all about securing human and machine identities through centralised authorisation and privileged access controls. Also, its solutions are based on zero-trust and least-privilege approaches, the vendor said.
Proactive privileged access and identity security
In order to protect themselves, organisations must “fight AI with AI”, according to Delinea. AI can work well within security operations centres (SOCs), where teams can use AI to analyse indicators of compromise and to prevent phishing.
Also, organisations should embrace proactive identity security with zero trust architecture, PAM, and continuous credential monitoring, the vendor said.
Meanwhile, threat actors use AI to automate phishing, impersonate trusted individuals via deepfakes, and accelerate attacks.
In fact, 90% of the executives surveyed said they worried about ransomware. In addition, failing to act was expensive – 75% of those admitting an attack took up to two weeks to recover.
However, only 34% enforced least privilege access controls and just 57% used application control measures, Delinea said.
“In a ransomware context, least privilege helps to reduce the attack surface and blast radius.”
( Image by Mohamed Hassan from Pixabay )
