Australia And New Zealand Lag In Ransomware Recovery Despite High Confidence, Crowdstrike Finds

Blog Single

Despite strong confidence in their preparedness, organisations in Australia and New Zealand (ANZ) are among the slowest globally to recover from ransomware incidents, according to findings from CrowdStrike’s 2025 State of Ransomware Survey.

The report highlights a striking gap between perception and reality. More than half (55%) of respondents from ANZ said they felt “very prepared” to respond to a ransomware attack. Yet, when such attacks occur, few organisations meet their recovery expectations. While 86% of ANZ participants believed they could restore operations within 24 hours, only 9% have actually managed to do so – a dismal and concerning statistic.

In contrast, recovery speeds in other regions tell a different story. The United Kingdom leads globally, with 35% of organisations recovering within a day of an attack. Germany (25%), France (23%), and the United States (17%) also outpace ANZ counterparts.

The report also underscores the scale of ransomware exposure in the region. Seventy-eight percent of Australian and New Zealand organisations reported being hit by ransomware in the past year, making ANZ the third most targeted area worldwide—behind Germany (89%) and the United States (81%).

CrowdStrike’s survey, which included responses from 1,100 senior IT and cybersecurity leaders globally—100 of them from the ANZ region—also points to the growing role of artificial intelligence in the cyber threat landscape. Nearly nine in ten respondents worldwide said AI is making social engineering attacks more convincing and difficult to detect. In ANZ, about half (49%) agreed, with one Australian executive noting how rapidly compromise can occur when defences falter.

The findings paint a picture of a region confident in its cyber readiness but struggling to match that confidence with real-world recovery performance. As ransomware groups deploy more sophisticated tools and AI-driven techniques, the gap between expectation and execution could become even more costly for organisations that underestimate the complexity of modern incident response.

Source: CrowdStrike, “2025 State of Ransomware Survey.”