Exabeam claims insider threats have overtaken external attacks as the primary security concern for organisations, driven largely by advancements in artificial intelligence (AI).
The report, From Human to Hybrid: How AI and the Analytics Gap are Fueling Insider Risk, reveals that 74% believe AI is enhancing the effectiveness of insider threats, with 53% expecting an increase in such incidents.
“Insiders aren’t just people anymore,” stated Steve Wilson, chief AI and product officer at Exabeam. “They’re AI agents logging in with valid credentials, spoofing trusted voices, and making moves at machine speed. The question isn’t just who has access—it’s whether you can spot when that access is being abused.”
The report highlights that 64% of respondents now perceive insiders, whether malicious or compromised, as a greater risk than external actors.
This shift is particularly pronounced in sectors such as government, manufacturing, and healthcare, where over half of organisations reported a measurable increase in insider incidents over the past year.
Notably, government organisations anticipate the steepest rise, with 73% expecting more insider threats.
Geographically, the Asia-Pacific region and Japan lead in projected insider threat growth at 69%, while the Middle East stands apart with 30% expecting a decrease in threats. This variation highlights the diverse landscape of insider risk and the need for tailored defence strategies.
AI's role in this evolution cannot be overstated. It has enabled malicious actors to operate with unprecedented efficiency, with AI-enhanced phishing and social engineering emerging as primary tactics.
“More than three-quarters of organisations report some level of unapproved usage of generative AI,” noted the report, indicating a dual-risk scenario where tools intended for productivity can be weaponised.
Despite 88% of organisations claiming to have insider threat programs, many lack the behavioural analytics necessary for early detection, with only 44% employing user and entity behaviour analytics (UEBA). “AI has added a layer of speed and subtlety to insider activity that traditional defenses weren’t built to detect,” explained Kevin Kirkwood, CISO at Exabeam.
To effectively combat these evolving threats, organisations must align leadership priorities with operational realities. “This paradigm shift requires a fundamentally new approach to insider threat defence,” Kirkwood added.
Bridging the gap between AI capabilities and governance will be crucial for shortening detection times and reducing opportunities for insider activity. As the threat landscape continues to evolve, a proactive and collaborative approach will be essential for organisations to safeguard their assets.
