SYDNEY, AUSTRALIA – 28 May 2026: More than half of ANZ organisations surveyed say they have paid a ransomware demand following a cyberattack, outpacing global peers and highlighting a growing disconnect between confidence in recovery plans and real‑world outcomes, according to new research from Veeam® Software, the Data and AI Trust Company.

ANZ and France lead all regions surveyed, with more than half of organisations in both markets — ANZ at 52% and France at 51% — having paid a ransomware demand, well above the global average of 40% and significantly ahead of the United States (27%), the United Kingdom (37%) and Germany (36%).

The findings, based on a survey of 752 senior technology and business leaders across ANZ, conducted as part of a broader global study of more than 4,200 respondents, come as Australia’s mandatory ransomware payment reporting regime enters active enforcement under the Cyber Security Act, requiring eligible organisations to report ransomware and cyber extortion payments within 72 hours.

Despite the high incidence of payments, most respondents expressed confidence in their organisation’s resilience posture. About 61% of ANZ leaders said they would consider paying a ransom in the future, while just over four in five (81%) said they expect their organisation to have a robust data-resilience strategy capable of avoiding ransom payment. That apparent contradiction points to what Veeam describes as a growing “ransom economy” – an environment in which organisations do not plan to pay ransoms but increasingly feel compelled to do so under operational pressure.

The research suggests that decision‑making during live incidents, rather than strategy design, is driving ransom payments. Nearly half of respondents (47%) said they would not know who to contact or what steps to take if a major data incident occurred tomorrow, and 51% said they were not confident they could restore critical data within 24 hours.

“There is a dangerous gap between having a recovery plan on paper and being able to execute it under pressure,” said John Wood, head of systems engineering at Veeam. “When organisations discover critical gaps in their data recovery plans, the ransom starts to feel like the fastest way back to operations – even if it runs counter to policy or intent.”

Looking ahead, 62% of ANZ organisations expect to experience a significant cyberattack or data breach in 2026, about 15 percentage points higher than the global average. This signals heightened expectations of disruption across the region and adds pressure on organisations to demonstrate that recovery plans will hold under real-world conditions.

While many organisations have increased cyber‑resilience spending and elevated cyber risk to the board agenda, they still find themselves paying ransoms when recovery timelines slip. “The issue isn’t awareness or intent,” Wood added. “It’s whether organisations can prove, under live conditions, that they can recover quickly enough to remove ransom payments from the decision set altogether.”

The operational and human costs of ransomware incidents also extend beyond system downtime. Veeam’s research indicates that ransomware and major outages can have lasting workforce impacts, with 2 in 3 ANZ organisations reporting staff burnout or turnover following incidents, almost 10 percentage points above the global average.

The findings come as regulatory scrutiny around cyber incidents and ransom payments intensifies across ANZ, raising the stakes for boards and executives. “Ransom decisions are no longer just operational crisis responses,” Wood said. “They increasingly carry governance, disclosure and reputational consequences that extend well beyond the immediate incident.”

About the Survey

The Veeam Data Resilience Survey was conducted by Censuswide, among a sample of 4283 CISO, CFO, CIO, VP of IT, IT Director (natural fallout of exact job role) in companies with min 250 employees in the UK, USA, Germany, France Australia and New Zealand The data was collected between 03.11.2025 – 11.11.2025. Censuswide abides by and employs members of the Market Research Society and follows the MRS code of conduct and ESOMAR principles. Censuswide is also a member of the British Polling Council.

About Veeam Software

Veeam is the Data and AI Trust Company, specializing in helping organizations ensure their data and AI are fully understood, secured, and resilient to enable the acceleration of safe AI at scale. As the market leader in both data resilience and data security posture management, Veeam is built for the convergence of identity, data, security, and AI risk.

Veeam delivers deep contextual intelligence across every data asset, identity, and AI model. The company governs access for both humans and AI agents, automates privacy, compliance, and remediation processes, and protects and recovers organizations from modern threats – including ransomware, disasters, AI errors, and ensuring the restoration of clean, trusted data. Veeam empowers organizations to move beyond simply protecting data, enabling them to activate and unlock its full potential.

Headquartered in Seattle with offices in more than 30 countries, Veeam protects over 550,000 customers worldwide, including 82% of the Fortune 500, who trust Veeam to keep their businesses running.  Learn more at www.veeam.com or follow Veeam on LinkedIn @veeam-software and X @veeam.