Insider breaches hit 61 percent of enterprises

A new study sponsored by OPSWAT, a specialist in critical infrastructure protection, reveals that organizations face escalating risks from insider activity, legacy tools, and the growing complexity of artificial intelligence (AI).

Based on research carried out by the Ponemon Institute, the report finds that in the past two years, 61 percent of organizations have suffered file-related breaches caused by negligent or malicious insiders, at an average cost of $2.7 million per incident.

54 percent of respondents say these breaches and incidents had financial consequences.
66 percent of respondents say the average cost of all incidents in the past two years was between $500,000 and more than $10,000,000.

“As threats continue to accelerate and increase in cost, cyber resilience has shifted from being a technical priority to being a strategic, fiscal imperative,” says Dr Larry Ponemon, founder of the Ponemon Institute. “Executives must take ownership by investing in technology that reduces risk and cost while enabling organizations to keep pace with an ever-evolving AI landscape.”

The most serious risk is caused by malicious and negligent insiders who leak data (45 percent of respondents). Other top risks are file access visibility and control (39 percent of respondents) and vendors providing malicious files and/or applications (33 percent of respondents). Only 40 percent of respondents say their organizations can detect and respond to file-based threats within a day (25 percent) or within a week (15 percent).

Only 39 percent of respondents are confident that files are secure when transferring files to and from third parties and only 42 percent of respondents are confident that files are secure during the file upload stage.

AI is being used to mitigate file security risks and reduce the costs to secure files. 33 percent of respondents say their organizations have made AI part of their organizations’ file security strategy and 29 percent plan to add AI in 2026. To secure sensitive corporate files in AI workloads, organizations primarily use prompt security tools (41 percent of respondents) and mask sensitive information (38 percent of respondents).

The findings also reveal a shift in defensive strategy away from legacy point solutions toward unified, multi-layered platforms that incorporate technologies such as multiscanning, Content Disarm & Reconstruction (CDR), and adaptive sandboxing.

“A multi-layered defense that combines zero-trust file handling with advanced prevention tools is no longer optional but is the standard for organizations looking to build resilient, scalable security in the AI era,” says George Prichici, VP of products at OPSWAT. “Leveraging a unified platform approach allows file security architectures to adapt to new threats and defend modern workflows and complex file ecosystems inside and outside the perimeter.”

You can get the full report from the OPSWAT site.

Image credit: photonphoto/depositphotos.com