Nearly two-thirds of European cybersecurity professionals see insider threats as their biggest security risk – and AI is making things worse.
A new report from Exabeam shows 64% now view insiders, whether malicious or compromised, as a bigger risk than external threat actors.
Notably, a key factor behind this shift in focus is the use of generative AI among cyber criminals, the study found, which is making attacks faster, stealthier, and more difficult to detect.
“Insiders aren’t just people anymore,” said Steve Wilson, chief AI and product officer at Exabeam. “They’re AI agents logging in with valid credentials, spoofing trusted voices, and making moves at machine speed.”
“The question isn’t just who has access — it’s whether you can spot when that access is being abused,” Wilson added.
Over the past year, Exabeam found more than half (53%) of organizations have seen a measurable increase in insider incidents, with 54% saying they expect that growth to continue.
Government organizations are the most concerned about threats of this kind, at 73%, followed by manufacturing (60%) and healthcare at (53%).
Insider threats aren’t the only worry
Unauthorized use of generative AI isn't helping, according to Exabeam, with 67% of organizations reporting some level of unapproved usage.
Those in technology recorded the highest rates of unauthorized use, at 40%, followed by government at 38% and financial services at 32%.
This leads to all sorts of security risks, with a recent report from Palo Alto Networks finding that data loss prevention incidents related to generative AI more than doubled in early 2025 - with 10% of these classified as high risk.
While 88% of organizations told Exabeam that they have insider threat programs, only 44% are using user and entity behavioral analytics, with many continuing to rely on identity and access management (IAM) tools, security training, data loss prevention (DLP) software, and endpoint detection and response (EDR).
These tools, Exabeam said, provide visibility but not the crucial behavioral context necessary to spot subtle or emerging risks.
Virtually all organizations are using some form of AI in their insider threat tooling, yet governance and operational readiness lag far behind.
Similarly, while more than half of executives believe their AI tools are fully deployed, managers and analysts think differently, saying many are still in the pilot or evaluation stages.
“AI has added a layer of speed and subtlety to insider activity that traditional defenses weren’t built to detect,” said Kevin Kirkwood, CISO, Exabeam.
“Security teams are deploying AI to detect these evolving threats, but without strong governance or clear oversight, it’s a race they’re struggling to win. This paradigm shift requires a fundamentally new approach to insider threat defense.”
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
-
Researchers sound alarm over AI hardware vulnerabilities that expose training dataNews Hackers can abuse flaws in AI accelerators to break AI privacy – and a reliable fix could be years away
-
Are AI PCs becoming the norm?ITPro Podcast As manufacturers increasingly embed NPUs in devices, what are the benefits to businesses?
-
A malicious MCP server is silently stealing user emailsNews Koi Security says it's discovered the first malicious MCP server in the wild, exposing a risk to the entire ecosystem
-
NCA confirms arrest after airport cyber disruptionNews Disruption is easing across Europe following the ransomware incident
-
Cyber skills shortages are pushing firms into dangerous shortcuts – and it’s putting them at huge risk of security breachesNews Chronic cyber skills shortages mean many businesses are implementing quick fixes
-
Pentesters are now a CISOs best friend as critical vulnerabilities skyrocketNews Attack surfaces are expanding rapidly, but pentesters are here to save the day
-
Hackers are disguising malware as ChatGPT, Microsoft Office, and Google Drive to dupe workersNews Beware of downloading applications like ChatGPT, Microsoft Office applications, and Google Drive through search engines
-
Generative AI attacks are accelerating at an alarming rateNews Two new reports from Gartner highlight the new AI-related pressures companies face, and the tools they are using to counter them
-
A terrifying Microsoft flaw could’ve allowed hackers to compromise ‘every Entra ID tenant in the world’News The Entra ID vulnerability could have allowed full access to virtually all Azure customer accounts
-
‘Channel their curiosity into something meaningful’: Cyber expert warns an uptick of youth hackers should be a ‘wake-up call’ after teens charged over TfL attackNews Encouraging youths to engage in positive tech initiatives will guide them down the right path and away from nefarious activities
