A new study sponsored by OPSWAT, a critical infrastructure protection, revealed that organizations are facing growing risks from insider activity, legacy tools, and artificial intelligence (AI).

Independently conducted by Ponemon Institute, the report found that 61% of organizations experienced file-related breaches caused by negligent or malicious insiders in the past two years, at an average cost of $2.7 million per incident.

The research highlighted that insiders are now the single biggest risk to file security. Forty-five percent of respondents cited negligent or malicious insiders as the most serious threat, far exceeding external actors. Alarmingly, only 40% of organizations said they could detect and respond to file-based threats within a day (25%) or within a week (15%).

The study also revealed that adversaries are exploiting generative AI models, embedding prompts in macros, or exposing hidden data through AI parsers. To counter these threats, many enterprises are adopting AI for faster detection and cost savings. Currently, 33% of organizations have integrated AI into their file security strategies, while an additional 29% plan to do so by 2026.

Organizations primarily deploy prompt security tools (41%) and masking techniques (38%) to protect sensitive data. However, governance remains inconsistent, with only 25% having a formal Generative AI policy and 29% banning GenAI entirely.

The report also showed that files are most vulnerable during critical exchanges. Only 39% of respondents expressed confidence that files remain secure during third-party transfers, while 42% felt confident during uploads. High-risk environments include on-premises storage, NAS, SharePoint (42%), and web file uploads via public portals and forms (40%).

Dr. Larry Ponemon, Founder of Ponemon Institute, said, “As threats accelerate and costs rise, cyber resilience is now a strategic, fiscal imperative. Executives must invest in technologies that reduce risk while keeping pace with AI advancements.”

The study also noted a shift from legacy point solutions to unified, multi-layered platforms using multiscanning, Content Disarm & Reconstruction (CDR), and adaptive sandboxing. By 2026, two-thirds of enterprises expect to adopt these advanced technologies.

George Prichici, VP of Products at OPSWAT, added, “A multi-layered defense combining zero-trust file handling with advanced tools is now essential. Unified platforms help organizations defend modern workflows and complex file ecosystems inside and outside the perimeter.”

Key Points:

• Insider threats now pose the biggest risk to file security, surpassing external attacks.
• AI is both a tool and a threat in file protection strategies.
• Enterprises are shifting toward unified, multi-layered cybersecurity platforms to enhance cyber resilience.

Related post

View all