Rawpixel.com - stock.adobe.com
Collaboration security and governance must be proactive
Collaboration tools are prime targets for attackers eager to gain access to enterprises. A proactive security strategy not only protects tools but also boosts ROI.
Attackers are increasingly setting their sights on collaboration applications and platforms. According to Metrigy's annual "Workplace Collaboration and Contact Center Security and Compliance: 2026" global study of 305 organizations, two primary truths emerged: Attacks on collaboration applications and platforms are rapidly increasing, and a proactive security strategy centered on collaboration security and governance correlates with success.
Security threats on the rise
Since 2021, the percentage of companies in Metrigy's research reporting attacks has more than tripled -- to almost 30% in 2025. The real percentage is likely higher, owing to companies' reluctance to disclose that they've been attacked, as well as those that do not detect an attack.
The nature of attacks is changing as well. Gone are the days when companies only had to worry about voice attacks such as toll fraud and telephony denial-of-service (TDoS). Today's attack vectors are as complex as the applications themselves.
Study respondents tell us their primary concerns now are deepfakes, where customer and employee identities are impersonated, and data leakage through AI bots and attacks -- combined with social engineering -- designed to gain access to company, employee or customer data through the use of stolen credentials. Insider attacks are another primary concern, especially in the contact center where agents may have access to customer data.
A new way to measure success
Though many companies still consider security to be a necessary expense, only a few see it as an enabler. The basic idea is to proactively secure collaboration platforms. This approach both eliminates risk and speeds the adoption of emerging technologies that deliver measurable business value. Failure to be proactive may drive employees to use unapproved applications, which creates additional risk of data loss and regulatory action.
To determine success, Metrigy examined data from organizations that had measured cost savings, revenue improvements and/or productivity gains associated with their investments in collaboration technologies. Once we identified those with gains, we examined their security management strategies to identify a success group of companies with above-average ROI.
Characteristics of strategy success
We found a number of correlations between companies with high ROI from their collaboration spend and their strategic approach designed to ensure their collaboration apps remained secure, including:
1. Involve CISOs in collaboration app evaluation and purchase. Nearly 90% of companies in the success group (compared to 77% of those outside of the success group) include security teams when evaluating applications. Almost 74% require security team approval before purchase (compared to 62% of those not in the success group). Including security teams early in the application evaluation and selection process ensures proper vetting and minimizes risk.
2. Have a plan. The success group was more likely to either have a security plan in place or to be developing one to govern their collaboration app strategies. This split was even stronger for AI-specific security plans. Fortunately, almost half of the companies polled in our 2025 study have a security plan, compared to only 35% in 2024.
Among the success group, nearly 54% had a security plan in place, compared to just 48% of the non-success group. Security plans typically cover identity and access management, content classification (including AI), remote worker security, endpoint security and application access restrictions. For those managing their own PSTN access, TDoS and toll-fraud protection are often part of the security framework as well.
3. Have a budget. A collaboration security and governance plan without a budget is a recipe for failure. Successful companies are almost 25% more likely to be increasing their spend on collaboration security in 2026, with an average increase of just over 20%. Spending is often driven by the need to ensure security of emerging apps, including AI, as well as to meet regulatory requirements and an ever-expanding array of collaboration tools.
4. Use third-party tools. Nearly 51% of the success group uses third-party specialty platforms for collaboration security, compared to just 39% of the non-success group. Third-party tools include those with the specific ability to manage multiple collaboration applications to ensure common policy enforcement and governance, as well as those with specific capabilities such as compliance and voice protection. Those using third-party tools report significant reductions in both mean time to detect a security breach and the time to resolve incidents.
A proactive collaboration security and governance plan protects organizations from the rising tide of threats. It also helps companies realize positive ROI by ensuring that security is an integral component of applications most likely to deliver measurable business benefits.
Editor's note: This article was updated in April 2026 to reflect new trends in security and governance and to improve the reader experience.
Irwin Lazar is president and principal analyst at Metrigy, where he leads coverage on the digital workplace. His research focus includes unified communications, VoIP, video conferencing and team collaboration.
