16% of executives at financial services firms acknowledge that a lack of experienced IT or security staff is a significant weakness that could slow recovery.

In 2019, organizations took an average of 76 days to restore operations after a ransomware attack.

Businesses typically required around two full months to restore operations following a ransomware attack.

In 2021, organizations took an average of 77 days to restore operations after a ransomware attack.

In 2022, organizations took an average of 43 days to restore operations after a ransomware attack.

In 2023, organizations took an average of 32 days to restore operations after a ransomware attack.

In 2020, organizations took an average of 54 days to restore operations after a ransomware attack.

UK organisations are 11% less likely to have tested their recovery plans within the last month compared to other countries.

Only 18% took more than a month to recover from a ransomware attack, down from 34% in 2024

Over half (53%) of organisations fully recovered from a ransomware attack in a week, up from 35% last year.

70% of organizations use AI for response and recovery.

Nearly three-quarters (74%) of respondents said threat actors were able to partially compromise backup and recovery systems.

35% of respondents said their backup and recovery systems were completely compromised.

49% of affected organizations took up to five business days to recover from a ransomware attack.

Most affected organizations could not recover all of their data after a ransomware attack.

Of the financial institutions who experienced a vendor-related cyber incident, 66% had recovery times under 60 days .

Of the financial institutions who experienced a vendor-related cyber incident, 8% had recovery times more than 90 days .