#insider-threats

#insider-threats

OPSWAT has released the State of File Security Report 2025, a study conducted by the Ponemon Institute to assess the file security landscape. The report discovered that 61% of organizations faced insider file breaches in the last two years, with each incident costing an average of $2.7 million. Furthermore, in the past two years, 40% of organizations experienced a cybersecurity incident costing over $1 million.

Nearly two-thirds of European cybersecurity professionals see insider threats as their biggest security risk - and AI is making things worse. A from Exabeam shows 64% now view insiders, whether malicious or compromised, as a bigger risk than external threat actors. Notably, a key factor behind this shift in focus is the use of generative AI among cyber criminals, the study found, which is making attacks faster, stealthier, and more difficult to detect. "Insiders aren't just people anymore," said Steve Wilson, chief AI and product officer at Exabeam. "They're AI agents logging in with valid credentials, spoofing trusted voices, and making moves at machine speed."

All individuals with access to or knowledge of an organization's computers, networks, facilities, information, or personnel are potential insider threats, including vendors and contractors. The ability to intentionally use or accidentally misuse any of this information can breach confidentiality, reveal trade secrets, cause a data security incident, or harm an organization's personnel, ultimately impacting its reputation and ability to do business.

Insider threats often stem from inadequate offboarding processes, with nearly 90% of former employees retaining access to sensitive systems post-departure, highlighting security vulnerabilities.

Being able to imitate anyone's voice with only a few seconds of audio or create a nefarious video of someone with only a few pictures found online - that's the scary part.