Ransomware attacks: building a human firewall to defend against the rising threat

03 March 2026

Irvin Shillingford, Regional Manager Northern Europe, Hornetsecurity

2025 saw a surge in cyberattacks across nearly every industry: from car manufacturing to luxury fashion, few sectors have escaped unscathed. Last year marked a critical turning point, with our annual Ransomware Impact Report identifying the first rise in ransomware attacks in three years. This signals the end of a period of decline and the beginning of a renewed, intensified wave of cybercrime.

The report reveals that nearly a quarter (24%) of businesses fell victim to ransomware attacks last year, a sharp increase from 18.6% in 2024. As businesses navigate this cyber landscape, the findings highlight the need for continuous employee education, investment in advanced security measures, and the integration of AI to combat sophisticated cyber threats. The rise demonstrates why it’s essential for business leaders to fully understand how they can avoid falling victim to a ransomware attack.

The risk has never been higher

The resurgence in ransomware incidents is a warning for organisations across all sectors. The increasing number of businesses being targeted underscores how cybercriminals are becoming more advanced, organised and persistent. Last year alone, NatWest bank described a “continuous arms race”, with its systems targeted by around 100 million cyberattacks every month. This threat landscape is characterised by global groups that target specific vulnerabilities in technology and human behaviour and act systematically to exploit them.

While the rise in ransomware attacks is a warning cry to businesses, it seems they are not taking sufficient proactive steps. Only 46% of businesses were insured against ransomware attacks last year, compared to 54.6% in 2024. This decline is linked to more stringent requirements on the part of insurers, and yet it comes at a time when the financial stakes are escalating dramatically.

Global ransomware payments reached an estimated $1.1 billion in 2025, a significant figure amplified by the use of AI-driven attack methods. Advanced spoofing techniques now use legitimate brand email addresses in ways that can elude detection, and AI can mimic the language of colleagues to make the communications seem even more legitimate.

Analysts recently named the Jaguar Land Rover hack the costliest cyber-attack in UK history, with the impact of its manufacturing shutdown having a domino effect throughout its supply chain and the economy. Robust insurance, coupled with a strong security strategy and proactive tactics, is essential not only for businesses to protect themselves but also to stay afloat.

Your employees are assets with potential waiting to be unlocked

As cyberattacks become more frequent and complex, traditional forms of defence are no longer sufficient. It is crucial for organisations to protect their people and their data with multi-layered, robust, AI-powered solutions. Within this, immutable backup storage is a must in any sound Disaster Recovery Plan.

Tech is a critical defence, but people are too. One wrong click can bring a business to a halt, making the human firewall of employees trained to recognise and respond to cyber threats just as vital as any technology.

Security awareness training continues to be a key pillar of ransomware defence. Almost three-quarters of organisations now provide some form of end-user training to counter threats, recognising that cybersecurity is not the sole responsibility of the IT department, but a shared obligation across all levels of an organisation. Employees of every skill set and seniority must undergo comprehensive, ongoing education to remain alert to evolving tactics.

Building this human firewall requires sustained commitment. Training programmes must be ongoing, relevant, and tailored to each individual to keep pace with the changing threat environment. This approach transforms employees from potential weak points into proactive defenders who strengthen an organisation’s overall resilience.

AI and advanced training are essential

Organisations must adopt next-gen solutions that combine the strengths of AI and adaptive learning technology to create a strong security culture.

Although 74% of organisations report offering end-user training against ransomware, 42% of security leaders admit that their training is insufficient. AI can address this gap by enabling personalised learning experiences that are both scalable and effective. Through simulation-based exercises such as regular spear phishing tests, employees gain hands-on experience in recognising and responding to realistic attack scenarios. Such training helps to prevent “false compliance”: a superficial level of cybersecurity awareness produced by low-quality, check-the-box training which lacks adequate follow-up and contributes to ongoing human error.

AI-powered training platforms offer a transformative approach to cybersecurity education. These systems ensure that employees receive the most relevant and timely training possible by automating the delivery of content and tailoring it to each individual’s behaviour and role.

Businesses need to protect themselves

There can be no room for complacency. Businesses should have strong cybersecurity tech provisions to address ransomware across the board by putting the right security infrastructure and appropriate insurance in place, building a strong human firewall to mitigate the risk of costly breaches, and leveraging AI-driven solutions that personalise training.

Integrating AI with a culture of cybersecurity awareness will enable businesses to transform their workforce into a security asset against the growing wave of ransomware attacks.