Blancco Report Reveals Rising Enterprise Spending on Data Protection Amid Growing Cybersecurity Anxiety

Cybersecurity Anxiety Is Costing Enterprises a Fortune—And the Planet

Fear is a powerful motivator. In the corporate world, it’s currently driving a massive, expensive, and often counterproductive shift in how companies handle their end-of-life IT assets. A new report from Blancco suggests that as cybersecurity anxiety reaches a fever pitch, global enterprises are throwing money at data protection in ways that are actively sabotaging their own hardware sustainability and operational efficiency.

We’re seeing a trend where panic-driven decision-making is overriding common sense. Instead of relying on verifiable, software-based sanitization, too many organizations are defaulting to the "smash it with a hammer" approach. They’re physically destroying perfectly functional hardware, burning through cash and environmental goodwill, all while failing to guarantee the very data security they’re so worried about.

The Anatomy of Corporate Security Anxiety

Why the sudden urge to shred everything in sight? The correlation between the fear of a headline-grabbing data breach and the deployment of bloated, complex security infrastructure is undeniable. Digital threats are evolving fast—especially with the rapid, often reckless integration of artificial intelligence—and leadership is reacting by throwing the kitchen sink at the problem.

AI adoption is now near-universal, with 90% of organizations bringing these tools into the fold over the last year. But this speed has a downside. Sensitive training datasets and non-human identity credentials can, in theory, be reconstructed from improperly sanitized hardware. The result? A massive 99% of AI-adopting organizations admit they’ve destroyed drives or devices specifically because they’re terrified of what might be lurking on them.

The 'Sanitization Paradox'

The Blancco report highlights a strange "sanitization paradox": companies report sky-high confidence in their internal data protocols, yet they continue to engage in behaviors that create massive security gaps and mountains of e-waste.

While 90% of firms claim they’ve got their sanitization down to a science, they’re often relying on manual logs that are prone to human error. They aren't using automated, tamper-proof certificates. They’re using spreadsheets and guesswork.

The preference for physical shredding is the biggest culprit here. It’s viewed as the "gold standard" of security, but it’s often a complete failure. Shredding can leave behind fragments that are still susceptible to forensic recovery, and it provides zero digital audit trail for regulators. Worse, holding onto decommissioned hardware in a warehouse somewhere creates a "dormant" attack surface—a ticking time bomb of data that contradicts every ESG mandate a company claims to uphold.

The scale of this destruction among AI-adopting firms is staggering:

When 'Secure' Isn't Secure

The financial and operational fallout of these current decommissioning habits is mounting. With 38% of organizations suffering a data leak in the last year alone, the pressure to get it right is immense. But here’s the kicker: 32% of those leaks were traced back to hardware that was "sanitized" and then redeployed.

The industry is still leaning on outdated methods that don't hold up to modern scrutiny. Only 32% of organizations use certifiable erasure for mobile devices. Meanwhile, a full third of laptops and desktops are handled with simple reformatting—a process so flimsy that any halfway-decent actor can recover the data in minutes.

This isn't just a security failure; it’s a sustainability roadblock. Over half of all organizations (56%) now admit that their own data security fears are the single biggest barrier to achieving their circular economy goals. They want to be green, but they're too scared to let go of the hardware.

A New Playbook for IT Asset Disposition

To bridge the gap between keeping data safe and keeping the planet clean, enterprises need to stop the "destroy-by-default" cycle. As outlined in the 2026 State of Data Sanitization Report, the shift toward automated, software-based erasure isn't just an IT upgrade—it’s a business necessity.

Think of device decommissioning with the same rigor you apply to hiring a new employee. It’s a lifecycle process, not an afterthought. To fix this, organizations should consider:

• Audit Your ITAD Vendors: If your third-party asset disposition partner can’t give you a transparent, tamper-proof report, find someone who can.
• Automate Everything: Manual logs are a relic of the past. Use software-based erasure tools that create an immutable audit trail.
• Standardize Your Protocols: Move away from simple reformatting and the shredder. Certified, forensic-level erasure is the only way to ensure data is gone while keeping the hardware viable for reuse.
• Align ESG with Security: Stop treating sustainability as a secondary goal. When you align your data security policies with your environmental mandates, you stop the needless destruction of perfectly good assets.

As cybersecurity anxiety continues to drive organizations toward costly data protection measures, the pivot to automated sanitization is the only way to reconcile the need for security with the reality of responsible hardware management. Far too many security anxiety behaviors regarding data sanitization are resulting in nothing more than wasted capital and hidden vulnerabilities.

Ultimately, the AI-driven data anxiety pushing enterprises to destroy working devices is a systemic issue that demands better education and more robust, verifiable frameworks. By letting go of the myth that physical destruction is the only secure path, organizations can shrink their attack surface and finally meet their sustainability targets. It’s time to stop the shredding and start managing.