The landscape of cybersecurity is increasingly challenged by the flawed assumption that once a system is connected, security issues are resolved. This belief—a fundamental premise underlying many security programs—has been revealed as inadequate, contributing to stagnation in Zero Trust initiatives. Recent research from Everfox, drawn from a survey of 500 security leaders across government, defense, and critical infrastructure sectors in the U.S. and UK, highlights a pressing concern: 84% of government IT security executives acknowledge that sharing sensitive data across networks elevates cyber risk. Alarmingly, more than half—53%—still depend on manual processes for data transfer, even in the rapidly evolving landscape of 2026, where AI accelerates operational activities on both sides of the security equation.
This gap in Zero Trust—concerning the movement of data itself rather than identity or endpoint security—is especially worrisome. The findings from the Cyber360 report indicate a significant increase in cyber threats, with an average of 137 attempted or successful cyberattacks weekly against national security organizations in 2025, up from 127 in the previous year. U.S. agencies witnessed a 25% rise in these incidents. The trend is corroborated by Verizon’s Data Breach Investigations Report, which notes a doubling of third-party involvement in breaches, now accounting for 30% of all incidents. Furthermore, IBM’s Cost of a Data Breach Report places the average financial damage at $5.05 million across environments, which is approximately $1 million more than for breaches affecting only on-premises systems.
The demarcation between IT and operational technology (OT) environments is where vulnerabilities are increasingly prevalent, as attackers exploit these boundaries. When data crosses crucial thresholds—be it from an OT network to an enterprise security operations center (SOC), or across classified and unclassified domains—the challenge shifts from routing to establishing trust. Data must undergo validation, filtering, and adherence to policy before it can trigger actions downstream, a process where modern architectures often falter.
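The validate, filter and apply-policy sequence described above, sketched as a minimal boundary guard for OT telemetry headed to a SOC. This is an added example, not Everfox code or any product's implementation; the key, schema, field names and policy values are constructed assumptions, and the HMAC stands in for whatever integrity mechanism a real deployment uses.

```python
import hashlib
import hmac
import json

# Everything below is constructed for illustration: key, schema, policy values.
KEY = b"constructed-demo-key"          # assumed pre-shared by OT sender and guard
SCHEMA = {"sensor_id": str, "reading": float, "unit": str, "ts": int}
ALLOWED_UNITS = {"kPa", "degC"}        # policy: only these units may cross
MAX_AGE_S = 30                         # policy: reject stale or replayed records

def sign(payload: bytes) -> str:
    return hmac.new(KEY, payload, hashlib.sha256).hexdigest()

def guard(payload: bytes, tag: str, now: int):
    """Return (record, reason); record is None when the message is blocked."""
    # 1. Integrity: constant-time MAC check before parsing anything.
    if not hmac.compare_digest(sign(payload).encode(), tag.encode()):
        return None, "integrity: MAC mismatch"
    # 2. Validation: strict types, every required field present.
    try:
        msg = json.loads(payload)
    except ValueError:
        return None, "validation: not JSON"
    if not isinstance(msg, dict):
        return None, "validation: not an object"
    for field, typ in SCHEMA.items():
        if type(msg.get(field)) is not typ:
            return None, f"validation: bad or missing {field}"
    # 3. Filtering: release only schema fields; anything extra is dropped.
    record = {field: msg[field] for field in SCHEMA}
    # 4. Policy: decide whether this record may cross the boundary now.
    if record["unit"] not in ALLOWED_UNITS:
        return None, "policy: unit not releasable"
    if abs(now - record["ts"]) > MAX_AGE_S:
        return None, "policy: stale or replayed"
    return record, "released"

def constructed_samples(now: int = 1_700_000_000):
    base = {"sensor_id": "pump-7", "reading": 101.3, "unit": "kPa", "ts": now - 5}
    ok = json.dumps({**base, "debug_cmd": "restart"}).encode()  # extra field
    stale = json.dumps({**base, "ts": now - 3600}).encode()
    return {
        "ok": guard(ok, sign(ok), now),
        "tampered": guard(ok.replace(b"101.3", b"999.9"), sign(ok), now),
        "stale": guard(stale, sign(stale), now),
    }

if __name__ == "__main__":
    print(constructed_samples())
```

Only the record returned by `guard` is forwarded downstream; a blocked message yields a reason string that can be logged at the boundary.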
The Cyber360 survey identifies the core areas of vulnerability reported by security professionals. Notably, 78% of respondents identified outdated infrastructure as a primary source of cyber risk, particularly stressing the weaknesses associated with analog systems and manual processes. Furthermore, 49% pointed to ensuring data integrity and preventing tampering during transit as the most significant challenge faced when transferring information across classified networks, while 45% highlighted difficulties in managing identity and authentication across multiple domains. The persistence of manual processes and the complexity of maintaining integrity in data movement underscore a critical attack surface that adversaries have been exploiting consistently for years.
Data from other reports further corroborates this alarming trend. According to Dragos’ OT Cybersecurity Report for 2025, 75% of OT attacks emanate from IT breaches, with around 70% of OT systems anticipated to connect with IT networks within the next year. As the traditional IT/OT separation erodes, incidents such as the MOVEit breach—which compromised over 2,700 organizations and exposed personal data of approximately 93 million individuals—demonstrate the significant repercussions of compromised data transfers across trust boundaries.
Despite a common myth that speed and security are mutually exclusive in data transfers, the reality is that organizations frequently opt for security at the cost of operational speed. This approach may be feasible when decision-making cycles are measured in minutes but becomes impractical when time is measured in seconds or milliseconds. With 53% of national security organizations still relying on manual data movement, the disparity between the rapid demand for AI capabilities and the slow, analog nature of current processes presents a widening attack surface. The efficiency of artificial intelligence models, which support functions such as threat detection and response, hinges on the timely and trustworthy movement of data.
To address these vulnerabilities, the adoption of cross-domain technologies is essential. When correctly implemented, these solutions eliminate the artificially imposed dilemma between speed and security. By enforcing trust at system boundaries rather than after the fact, organizations can create a cohesive environment where systems operate collaboratively instead of relying on fragile integrations susceptible to large-scale dismantling by attackers. The necessary architectural response is a layered model that combines Zero Trust, Data-Centric Security, and Cross Domain Solutions. No single approach suffices to close the gaps; collaboration among these domains enables real-time, secure data sharing across various operational settings.
Ultimately, the assumption that data is inherently trusted upon entry is a vulnerability that adversaries exploit. With over half of national security organizations still employing manual methods for moving sensitive data, the struggle between achieving mission speed and maintaining robust control is not merely a bottleneck but a critical weakness. Everfox is committed to enhancing the security of data access, transfer, and movement across environments at the pace required for critical operations, ensuring that organizations can navigate the complexities of modern cybersecurity threats effectively.
Note: This article is written by Petko Stoyanov, Chief Technology Officer, Everfox.