TAMPA, Fla. – Sep. 4, 2025 – A new study sponsored by OPSWAT, a global leader in critical infrastructure protection, reveals that organizations face escalating risks from insider activity, legacy tools, and the growing complexity of artificial intelligence (AI). Independently conducted by Ponemon Institute, the report found that in the past two years, 61% of organizations have suffered file-related breaches caused by negligent or malicious insiders, at an average cost of $2.7 million per incident.
The research highlights the overall fragile state of file security. While many enterprises are turning to AI for faster detection and cost savings, adversaries are also exploiting generative AI models, e.g. embedding prompts in macros or exposing hidden data through AI parsers. Yet, despite this, fewer than half of organizations report confidence in protecting files at critical points such as uploads, transfers, and third-party sharing.

“As threats continue to accelerate and increase in cost, cyber resilience has shifted from being a technical priority to being a strategic, fiscal imperative. Executives must take ownership by investing in technology that reduces risk and cost while enabling organizations to keep pace with an ever-evolving AI landscape.”
The findings further reveal a sharp shift away from legacy point solutions toward unified, multi-layered platforms that incorporate technologies such as multiscanning, Content Disarm & Reconstruction (CDR), and adaptive sandboxing. By 2026, two-thirds of enterprises expect to be using these advanced technologies.

“A multi-layered defense that combines zero-trust file handling with advanced prevention tools is no longer optional but is the standard for organizations looking to build resilient, scalable security in the AI era. Leveraging a unified platform approach allows file security architectures to adapt to new threats and defend modern workflows and complex file ecosystems inside and outside the perimeter.”
Ponemon Institute is dedicated to independent research and education that advances responsible information and privacy management practices within business and government. The Institute’s mission is to conduct high quality, empirical studies on critical issues affecting the management and security of sensitive information about people and organizations.
Read the full The State of File Security report here.
To learn more about how OPSWAT enables resilient file security across IT and OT environments, visit OPSWAT MetaDefender™ Platform.
About OPSWAT
Since 2002, OPSWAT, a global leader in IT, OT, and ICS critical infrastructure cybersecurity, has continuously evolved an end-to-end solutions platform that gives public and private sector organizations and enterprises the critical advantage needed to protect their complex networks and ensure compliance. Empowered by a “Trust no file. Trust no device.™” philosophy, OPSWAT solves customers’ challenges around the world with solutions and patented technologies across every level of their infrastructure, securing their networks, data, and devices, and preventing known and unknown threats, zero-day attacks, and malware. Discover how OPSWAT protects the world’s critical infrastructure and helps secure our way of life; visit www.opswat.com.
Media Contact
OPSWAT
Kat Lewis
VP of Global Marketing & Communications
kat.lewis@opswat.com