61% of organizations hit by insider breaches; OPSWAT-backed research calls for unified, multi-layered defense strategies
Organizations are facing unprecedented risks to file security as insider activity and AI-driven complexities push costs to new highs, according to a new study sponsored by OPSWAT and conducted independently by the Ponemon Institute. The report reveals that in the past two years, 61% of enterprises suffered file-related breaches caused by negligent or malicious insiders, at an average cost of $2.7 million per incident.
The study underscores that insiders remain the biggest single threat to file security, with 45% of respondents identifying them as the most serious risk—well ahead of external actors. Alarmingly, only 40% of organizations can detect and respond to file-based threats within a week, highlighting critical gaps in resilience.
“Cyber resilience has shifted from being a technical priority to being a strategic, fiscal imperative.”
– Dr. Larry Ponemon, Founder, Ponemon Institute
The report also highlights the double-edged role of AI. Adversaries are embedding malicious prompts in macros or exploiting AI parsers to expose hidden data, while enterprises are beginning to use AI defensively. One-third (33%) of organizations already use AI in file security, with another 29% planning adoption by 2026. However, governance lags, as just 25% have a formal Generative AI policy, and nearly 30% have banned GenAI altogether.
“A multi-layered defense is no longer optional but the standard for resilient security in the AI era.”
– George Prichici, VP of Products, OPSWAT
File transfers, uploads, and third-party sharing are identified as the weakest links in security. Only 39% of respondents feel confident files remain secure during third-party transfers, and just 42% during uploads. The riskiest environments include on-premises storage, NAS, and SharePoint (42%), as well as public portals and web forms (40%).
Dr. Larry Ponemon, Founder of the Ponemon Institute, emphasized the urgency:
“Executives must take ownership by investing in technology that reduces risk and cost while enabling organizations to keep pace with an ever-evolving AI landscape.”
The findings signal a clear shift away from outdated point solutions toward unified, multi-layered platforms integrating multiscanning, Content Disarm & Reconstruction (CDR), and adaptive sandboxing. By 2026, two-thirds of enterprises expect to adopt these advanced protections.
George Prichici, VP of Products at OPSWAT, noted: “Leveraging a unified platform allows file security architectures to adapt to new threats and defend modern workflows inside and outside the perimeter.”
The study makes clear that as AI accelerates both risks and defenses, resilient file security is now a board-level priority for enterprises worldwide.
