Fortinet reports rising data loss despite stronger security and record spending


Budgets for data security rose at 72 per cent of organisations last year, yet 41 per cent of them still lost millions to insider-driven data incidents.

 

Despite major security spending, nearly half of organisations still lose money to insider risks. Photo of Fortinet

HÀ NỘI — The 2025 Data Security Report from Fortinet and Cybersecurity Insiders shows that many security leaders are moving beyond a purely tech-driven mindset and adopting a more programmatic approach to protecting sensitive data. 

Budget trends are positive, with organisations reporting increased funding for insider risk and data protection last year, reflecting success in making the case for investment.

However, despite adopting smarter strategies and allocating stronger budgets, data loss continues to rise. According to the study, 77 per cent of organisations reported at least one insider-related incident in the past 18 months, and 58 per cent reported six or more. The question is, why?

The gap is in the tools. While most organisations rely on some form of data loss prevention (DLP), many of these legacy solutions were built for simpler, perimeter-driven environments. Most lack visibility into how employees actually interact with data — especially in Software as a Service and generative AI tools — and they miss the context that separates accidents from actual risk.

In today’s distributed, cloud-heavy enterprises, those limitations make traditional DLP tools poorly suited for the job.

The report notes that 72 per cent of organisations boosted their budgets to address insider risk and data protection last year, with more than a quarter reporting significant increases. Many also added tools and programmatic initiatives to close gaps. However, nearly half still suffered substantial financial losses, often in the millions of dollars per incident. Thus, despite these aggressive changes, the problem continues to worsen.

The issue isn’t investment. It’s reliance on tools that weren’t built for today’s risks.

Traditional DLP solutions fall short because they lack visibility, miss the context behind data at risk, operate in silos and take too long to deliver value. The result is more alerts, less clarity and a false sense of control.

Modern DLP platforms must connect individual events into risk narratives, enabling teams to identify patterns, prioritise risks and act with confidence. This marks a shift from static enforcement to behaviour-aware visibility that shows what’s happening and why it matters.

Data loss is a business risk, not just a compliance issue — it affects revenue, trust and long-term viability.

Nearly half of organisations reported direct financial losses from insider-driven incidents, with 41 per cent estimating losses of US$1–10 million for their most significant incident, and 9 per cent reporting losses above $10 million. Forty-three per cent suffered reputational damage, while 39 per cent experienced operational disruption.

In sectors like biotech and manufacturing, a single leaked dataset or design file can wipe out years of investment and erase a competitive edge.

Many organisations still run a patchwork of tools — often anchored on legacy DLP — that doesn’t fit today’s complex environments and creates unnecessary complexity and workload for security teams. VNS
