Overview

• US organizations reported an average of eight insider-driven file incidents over two years, encompassing both negligent and malicious activity.
• Confidence is lowest when files are uploaded, transferred, or shared externally, and traditional storage such as on‑prem NAS and SharePoint ranked as the riskiest locations.
• Fewer than half of respondents said they can detect and respond to file-based threats within a day or even a week.
• Enterprises are shifting to layered, platform approaches that combine content disarm and reconstruction, multiscanning, sandboxing, DLP, and provenance checks.
• About one third already use AI for file security and another third plan to adopt it, yet only 25% have formal GenAI policies and 29% report outright bans.