For decades, business continuity planning emphasized preparation for anomalous physical events such as hurricanes, floods, tornadoes, or regional power outages. IT teams developed playbooks, ran annual tests and maintained plans in the expectation that these events would be rare. That framing shaped disaster recovery practices and the way organizations approached continuity across operations.
In recent years the risk picture has shifted. Cyber incidents, particularly ransomware, have become a persistent threat and are described in the article as now more common and often more damaging than physical disasters. The piece cites a survey of more than 500 CISOs in which almost three-quarters (72%) said their organization had dealt with ransomware in the previous year. It also notes that earlier in 2025, ransomware attack rates on enterprises reached record highs, signaling a change in the frequency and impact of continuity events organizations must plan for.
Voices from the field underscore that shift. Mark Vaughn, senior director of the virtualization practice at Presidio, observed differing responses when asking conference audiences about disaster recovery versus ransomware. For disaster recovery, he said, a few hands go up, while when asked about ransomware a little over a year ago, easily two-thirds of the hands went up. The article concludes with a disclosure that the content was produced by Insights, the custom content arm of MIT Technology Review, and that it was researched and written by human contributors. It also states that Artificial Intelligence tools that may have been used were limited to secondary production processes that passed thorough human review.
