The gap between confidence and outcome is the central finding of Veeam's Data Trust and Resilience Report 2026, published today. Drawing on responses from more than 900 senior IT, security and risk leaders, the report puts the share of organisations that express confidence in recovery from a cyber incident at 90%. The share of ransomware victims that fully restored their data sits at 28%. Average recovery, across the affected sample, was 72%.
Sitting underneath those headline numbers is a softer alignment problem: 69% of respondents said their recovery time objectives are fully aligned with business continuity goals, leaving roughly a third of organisations operating with RTOs that do not match what the business needs to keep running. Of organisations that experienced a cyber incident, 42% reported customer or constituent disruption, 41% logged financial or revenue impact, and 38% saw extended downtime of critical systems.
The report also tracks how AI deployment is changing the data risk picture. Forty-three percent of respondents said AI adoption is outpacing their ability to secure data and models; 42% reported limited visibility into AI tools or models in use across the organisation; 40% said security policies have not been updated to address AI-specific risks; and a quarter named shadow IT and unauthorised AI tool usage as a primary concern. Regulatory pressure is treated alongside cyberattacks as a top emerging threat: 33% cited regulation, against 36% citing attacks themselves.
Confidence in recovery from a ransomware attack is high, but the data tells a different story, and AI is only widening that gap. Even the most sophisticated organizations are discovering that confidence in recovery and proof of recovery are fundamentally different capabilities.
The report identifies four practices that correlate with stronger ransomware outcomes: visibility into both production and backup data, enforced (rather than declared) security controls, validated recovery testing, and executive alignment on what "recovered" means in business terms. Organisations using data loss prevention tooling were more likely to maintain visibility as AI usage scaled. Budgets matter too: 49% of respondents reported year-on-year cybersecurity budget increases, and the rate of full data recovery was 40% in that group versus 16% in organisations that held budgets flat.
A note on framing. The report is a Veeam-commissioned survey, and Veeam has an obvious interest in steering customers toward data resilience tooling; the Securiti AI acquisition referenced in Eswaran's comments is one Veeam closed earlier this year. Even allowing for that, the 28%-versus-90% gap is a meaningful finding, and it tracks with the direction of travel in the Sophos and Coveware ransomware datasets over the past two years: confidence is rising faster than measurable recovery capability.
The full report is available at go.veeam.com/data-trust-resilience-report.