- The Exabeam report says that AI leads threats to initiates, which are now exceeding external cyber attacks
- Most companies have initiate programs, but lack advanced behavioral analysis necessary for early detection
- Generative AI agents create faster and more stealthy risks that traditional defenses cannot easily catch
The way in which organizations consider the risk of initiate change, according to a new Exabeam report which affirms that the threats of initiates have exceeded external attacks to become the first security problem, and it is mainly due to AI.
Almost two -thirds (64%) of respondents said they now saw initiates, whether malicious or compromised, as a more important danger than external actors – and generating AI is at the origin of an increase in faster and furtive attacks which are much more difficult to detect.
“The initiates are no longer just people,” said Exabeam IA chief and product agent Steve Wilson. “These are AI agents who connected with valid identification information, the usurpation of confidence voice and movements at the speed of the machine. The question is not only that has access – it is if you can locate when this access is abused.”
Improved phishing and social engineering AI
More than half of the organizations have declared an increase in initiate incidents in the past year, most expected growth.
Government, manufacturing and health care are among the sectors that are preparing for sharper increases, while Asia-Pacific and Japan anticipate the largest regional increases.
The Middle East region is the aberrant value here, with almost a third of organizations expecting a decline, something Exabeam may suggest is due to stronger defenses or an underestimation of new AI risks.
Improved phishing and social engineering are now among the main tactics of initiates, capable of adapting in real time and imitating the communications of large -scale trust.
The unauthorized use of the generative AI makes the challenge facing even more difficult companies, with three -quarters of the organizations reporting an unprepared activity.
Technology, government and financial services show the highest levels of concern.
Despite the widespread adoption of AI in security tools, initiate threat programs remain a mixed bag, as Exabeam has noted, while 88% of organizations have such programs in place, only 44% really use the analysis of user behavior and entities.
“The AI added a layer of speed and subtlety to the activity of initiates that traditional defenses were not built to detect,” said Kevin Kirkwood, Ciso, Exabeam. “The security teams deploy AI to detect these evolving threats, but without strong governance or clear surveillance, it is a race that they find it difficult to gain. This paradigm shift requires a fundamentally new approach to the defense of initiate threats. ”
Exabeam’s report noted its conclusions “point to a clear and coherent challenge” in which “organizations are aware of the threats of initiates, but most of them do not have visibility and the interfunctional alignment necessary to resolve them effectively”.
“While AI becomes more anchored in corporate workflows, the emergence of AI agents adds a new layer of complexity. These agents are not intrinsically malicious, but their ability to act independently introduces risks that traditional controls may fail.
