Introduction

Since 2008, the Databarracks Data Health Check has tracked how organisations prepare for – and respond to – IT disruption, cyber threats and data loss.

This year, we’ve broadened the scope of the Data Health Check to provide a more comprehensive view of organisational resilience.

We’ve taken a deeper look at testing and exercising, explored the impact of AI and tracked progress in continuity planning, backup practices and crisis readiness across organisations of all sizes.

In a first for 2025, we asked organisations to identify not just their current resilience priorities but the major challenges they expect to face over the next 5 years.

We also examined attitudes toward integrated IT and business resilience, which is now the top priority for both medium-sized and large organisations.

We hope the insights in this report prove valuable in shaping your resilience strategy for the year ahead, and we look forward to sharing how the landscape continues to evolve in next year’s Data Health Check.

Responsive Image

Cyber still #1 cause of data loss and downtime

For the third year running, cyber is the leading cause of both IT downtime and data loss. It’s a clear reminder that cyber risk remains the most pressing challenge for operational resilience.

Biggest causes of IT downtime

Surge in cyber attacks

We’ve seen a surge in cyber attacks over the last 12 months, with 7 in 10 organisations affected.
Large organisations were the main target – a quarter reporting more than 10 cyber attacks in that period.

Surge in cyber attacks
How many cyber attacks
Responsive Image

Ransomware payments plummet

Only 17% of organisations hit by ransomware attacks paid the ransom. Rather than pay the ransom, most organisations recovered from backups.

In 2024, we reported that twice as many organisations recovered from backups as paid a ransom. This year, the ratio has risen to three times as many.

How did you respond to the ransomware attack?

1 in 4 have a policy to never pay ransoms
Our policy is never to pay the ransom
Responsive Image

Air-gapped and immutable backups for cyber defence

7 in 10 organisations have air-gapping in place for their backups, while 6 in 10 have immutable backups.

Do you have air-gapped backups?
Do you have immutable backups
Responsive Image

Steady growth in cyber insurance uptake

The number of organisations with cyber insurance has increased again – up 10% from last year, meaning that more organisations than ever have cyber insurance.

However, while 4 in 5 large organisations now have cyber insurance, the majority of small organisations – 58% – still don’t have it.


My organisation has cyber insurance
Responsive Image

Deeper AI concerns beneath the surface?

Does the positive sentiment around AI’s security potential mask deeper concerns? The data shows organisations are also acutely aware of the risks it brings.


Deeper AI concerns beneath the surface
Responsive Image

The cornerstone of continuity

85% of organisations now have business continuity plans, and 4 in 5 of them are up to date. It’s an encouraging upward trend – the BC plan remains the cornerstone of continuity.

9 in 10 organisations have tested elements of their recovery process in the last year
Do you have a business continuity plan?
Responsive Image

Clear route to building confidence

More than 90% of organisations see ways to significantly increase the confidence they have in their continuity.

Testing and exercising plans, updating continuity plans and integrating resilience operations were identified as the 3 main ways of doing so.

What were the causes of any data loss over the last 12 months?
Introduction

The message from this year’s survey is clear: while organisations are getting better at responding to disruption, the pressure to stay ahead has never been greater.

Testing has become the gold standard: 9 in 10 organisations now test their recovery capabilities, a considerable rise from last year. Testing and exercising plans is seen as the most effective way to boost confidence in continuity planning and improve recovery from cyber attacks.

Cyber remains the defining challenge. For the third year running, it is the leading cause of both IT downtime and data loss. Attacks are more frequent, more sophisticated and increasingly AI-enabled.

The human impact of cyber attacks is particularly acute. Increased stress, heavier workloads and productivity loss were the most reported effects. If there is a silver lining, it’s that organisations are learning from these incidents. Three-quarters conducted security reviews in direct response to cyber threats – an indication that experience is driving action and improvement.

AI-driven threats – including deepfakes – now top the list of perceived risks, emerging as the leading trigger for security reviews and the biggest resilience challenge organisations expect to face over the next 5 years. Yet, in a striking contrast, 7 in 10 organisations believe that AI is a greater benefit than threat to overall security.

Encouragingly, backup-led recoveries continue to rise, with fewer organisations paying ransoms and more turning to immutable and air-gapped backup solutions – especially in sectors like banking and finance.

Cyber insurance is also playing a growing role, with coverage reaching a record high of 73%. 2 in 3 organisations made claims last year, including 7 cases with payouts exceeding £100 million – a clear sign of the growing scale of cyber threats.

Download full report