- Exabeam report claims AI is driving insider threats, that are now outpacing external cyberattacks
- Most firms have insider programs, but lack advanced behavioral analytics needed for early detection
- Generative AI agents create faster, stealthier risks that traditional defenses cannot easily catch
How organizations view insider risk is changing, according to a new report from Exabeam which claims insider threats have overtaken external attacks to become the number one security concern, and it’s mostly down to AI.
Nearly two thirds (64%) of respondents said they now see insiders, whether malicious or compromised, as a bigger danger than outside actors – and Generative AI is behind a rise in faster and stealthier attacks that are far harder to detect.
“Insiders aren’t just people anymore,” warned Exabeam Chief AI and Product Officer, Steve Wilson. “They’re AI agents logging in with valid credentials, spoofing trusted voices, and making moves at machine speed. The question isn’t just who has access – it’s whether you can spot when that access is being abused.”
AI-enhanced phishing and social engineering
Over half of organizations reported an increase in insider incidents in the past year, with most expecting that growth to continue.
Government, manufacturing, and healthcare are among the sectors bracing for sharper rises, while Asia-Pacific and Japan are anticipating the biggest regional increases.
The Middle East region is the outlier here, with nearly one-third of organizations expecting a decline, something Exabeam suggests could be down to either stronger defenses or an underestimation of new AI risks.
AI-enhanced phishing and social engineering are now among the top insider tactics, able to adapt in real time and mimic trusted communications at scale.
Unauthorized use of generative AI makes the challenge facing firms even harder, with three-quarters of organizations reporting unapproved activity.
Technology, government, and financial services show the highest levels of concern.
Despite widespread adoption of AI in security tooling, insider threat programs remain a mixed bag, as Exabeam found while 88% of organizations have such programs in place, only 44% actually make use of user and entity behavior analytics.
“AI has added a layer of speed and subtlety to insider activity that traditional defenses weren’t built to detect,” said Kevin Kirkwood, CISO, Exabeam. “Security teams are deploying AI to detect these evolving threats, but without strong governance or clear oversight, it’s a race they’re struggling to win. This paradigm shift requires a fundamentally new approach to insider threat defense.”
Exabeam’s report noted its findings “point to a clear and consistent challenge” in which “organizations are aware of insider threats, but most lack the visibility and cross-functional alignment needed to address them effectively.”
“As AI becomes more embedded in enterprise workflows, the emergence of AI agents adds a new layer of complexity. These agents are not inherently malicious, but their ability to act independently introduces risks that traditional controls may miss. To keep pace, organizations must evolve their insider threat strategies”, the report concludes.