File security risks increasing due to insider threats, malware, and AI

Breaches related to file access are increasingly common, leading to significant financial repercussions for many organisations. Over the past two years, numerous companies have experienced multiple file-related incidents, resulting in losses that can reach millions. The consequences of these breaches often include the theft of customer data, diminished productivity, and the exposure of intellectual property. A recent study by Ponemon Institute highlights that data leakage from insiders poses a substantial threat, driven by both negligence and malicious intent. This risk is exacerbated when access controls are inadequate or when file activity remains obscured. Additional concerns include the presence of malicious files from vendors and insufficient oversight of file-sharing practices.

Organisations express weak confidence in the security of file transfers and uploads, with fewer than half reporting strong assurance that files remain secure during these processes. In fact, downloading files from unknown sources garnered higher confidence scores than uploads and transfers, illustrating the challenges in managing these activities. Storage systems, particularly traditional repositories like on-premises systems, NAS, and SharePoint, are identified as major risk points. Furthermore, evolving malware threats, such as macro-based and zero-day malware, continue to pose significant challenges for detection. Many organisations struggle to respond effectively to file-based threats, with only about 40 per cent able to act within a day or a week. To combat these issues, organisations are increasingly adopting defensive tools, including Data Loss Prevention strategies and AI technologies, to enhance file security and mitigate risks.