"Yes it seems that 67 per cent [of businesses] are able to resolve breaches. However, I must admit that I was quite surprised by that number.
"What I think it does reflect is that we are seeing organisations put more layers of defence in and making sure that they are covering most of the basics," she said.
Walton said the other 33 per cent of businesses that were not so lucky faced serious disruption as a result of attacks.
"Ransomware is a matter of when, not if, for New Zealand businesses," she said.
"Whether your business chooses to pay a ransom or not, these types of attacks have the potential to be very costly - when you factor in loss of productivity, revenue and reputation damage, you can quickly start to see how an attack can impact your bottom line."
Walton said the Privacy Commissioner did not recommend paying ransoms, but 64 per cent of businesses would be willing to pay to regain access to their data.
She also added that working from home amplified the risk of attacks.
"As people work more and more from home and the attack surface increases, there are opportunities hackers have only scratched the surface of: home routers with out-of-date software and firmware, more sophisticated attacks on cloud services, social engineering via other people in the home - the list goes on," Walton said.
Walton said businesses needed to not only know how to defend against cyber attacks, but also know what to do afterwards.