Safetica Data Protection Trends Report 2025
Safetica Data Protection Trends: What insider risk looks like in 2026
4 takeaways from the Safetica Data Protection Trends report
1. Data risk is embedded in everyday workflows
2. Data loss has moved beyond documents
3. Users adapt faster than static controls
4. Most insider risk is behavioral, not exceptional
The new risk battleground is Microsoft + Google
+6.1%
Blocked activity grew QoQ on Microsoft sites (+6.1%) and Google sites (+4.4%), signaling risk is shifting into trusted productivity ecosystems.
AI risk is consolidating fast
20.1%
ChatGPT represents 20.1% of blocked AI tool activity (+9.3% QoQ). Risk is concentrating in fewer mainstream tools embedded in daily workflows.
Screenshots + text files are now frontline risk
.txt #1
.txt became the #1 blocked extension (17.5%, +5.1% QoQ) and .png is #2 (15.7%, +4.0% QoQ)—a shift toward unstructured and visual data exposure.
USB is back as a “quiet” channel
36.1%
External USB accounts for 36.1% of unusual activity triggers in Q4 (+7.7% QoQ), signaling increasing offline transfer behavior.
Most violations happen in everyday collaboration tools
20.6%
Top data policy violation channels: web apps (20.6%), email (20.5%), instant messaging (19.8%). Routine collaboration is the risk surface.
Encrypted messaging is the dominant risky channel
64.4%
Encrypted messaging is 64.4% of risky app triggers (+15% QoQ), reflecting migration
Want the full story + practical next steps?
Download the full report for benchmarks across AI tools, screenshots/text, USB, and collaboration channels—or join the webinar for the “what to do next” action plan.
Download the report
Get the full 2025 Safetica Data Protection Trends Report.