Cybersecurity Awareness Month: Redefining Insider Risk in the Age of AI

Cybersecurity Awareness Month has always been about education. In its early years, that meant urging employees to spot phishing emails and update passwords. Later, the focus shifted to insider threats: recognizing that employees and contractors could inadvertently, or deliberately, compromise sensitive data.

This year demands a new lens. The definition of “insider” no longer stops at people. AI systems — from generative chatbots to autonomous agents — are now acting inside the enterprise with the same access and influence as human insiders, carrying comparable risks: being manipulated, hallucinating, or acting negligently without intent. Without governance, they can expose intellectual property, execute tasks without approval, or be hijacked by adversaries to persist undetected. 

The “so what” for this Cybersecurity Awareness Month is clear: awareness must extend beyond human behavior to include governance of AI systems already embedded in daily operations.

The new insider profile: from human to non-human

The insider threat has traditionally been framed around people. In today’s modern, complex world, however, the definition of “insider” has broadened. Artificial intelligence now sits alongside employees, contractors, and partners as an insider risk in its own right. AI is viewed as an efficiency partner, even a colleague — and AI agents can act autonomously. The risks are already evident in areas such as:

• Everyday employees using AI tools. Well-intentioned staff paste proprietary code into public chatbots, sync meeting transcripts to unvetted services, or use AI plugins that quietly store data in unsecured locations.
• Autonomous agents and service accounts. These non-human actors operate continuously, executing tasks across cloud and endpoint environments without the friction of human approval. A single misconfiguration, compromise, or unintentionally negligent action can cascade at machine speed.
• Nation-state and criminal actors. Adversaries now weaponize generative AI to automate reconnaissance, personalize social engineering, and exploit the data already leaking into uncontrolled platforms.

The result: the insider threat has evolved from being exclusively human to a mix of human and non-human actors, often intertwined and indistinguishable without governance and visibility.

Why AI governance must be a priority

The conversation around AI often begins with productivity. AI governance is how enterprises bring discipline to that adoption. It establishes the rules of the road:

• Which AI systems can be used. 
• What data they may process.
• How their outputs are validated.
• Who is accountable for their actions.
• Who is allowed to do what with them.

Without governance, AI becomes a shadow insider — operating with reach and autonomy but without accountability. With governance, AI can be directed responsibly, ensuring innovation and security move in parallel.

Strong governance also provides the foundation for trust. It signals to employees, customers, regulators, and shareholders that AI use has boundaries — and that those boundaries are enforced consistently.

AI governance in action: from policy to protection

For AI governance to deliver value, it must be more than a policy statement. It becomes meaningful only when backed by adaptive controls that reflect how work — and risk — actually occur. In a fast-moving enterprise shaped by AI, static approaches that treat all data transfers the same cannot keep pace.

Risk-adaptive protection brings governance to life. Instead of asking only what information is moving, it evaluates why it is moving, who or what initiated the action, and whether the behavior aligns with policy. This shift transforms governance from aspiration into execution, ensuring the rules leaders set in the boardroom are applied consistently across endpoints, cloud services, and AI agents.

The result is not added friction, but greater confidence. Employees and AI systems can operate at speed while sensitive information remains under control.

By pairing governance with adaptive protection, enterprises turn AI into a driver of resilience rather than a source of uncertainty.

The cost of standing still

Ponemon Institute’s study underscores the stakes: the average breach cost now exceeds $10.22M, and when unmanaged AI is involved, costs rise by nearly $2M more.

Organizations with AI in their security stack cut containment times by almost three months and reduced breach losses dramatically.

• For CEOs, that is a resilience and trust issue.
• For CISOs and CIOs, it’s about unifying fragmented controls.
• For CFOs, it’s direct financial exposure.
• For boards, it is governance and fiduciary duty.

And for governments and critical infrastructure, the implications extend further: non-human risk has become a national security concern. DTEX i³ research has documented how DPRK IT workers have used generative AI and false identities to gain footholds in global enterprises — blending human tradecraft with AI-enabled tools to persist undetected. These campaigns illustrate a broader trend noted by U.S. and allied governments, where adversaries are actively testing AI-driven capabilities to probe infrastructure and supply chains.

What executives should do this Cybersecurity Awareness Month

• Redefine insider risk. Expand insider risk programs to explicitly include AI systems, service accounts, and autonomous agents.
• Establish AI governance. Put in place clear boundaries for where AI may act, what data it may touch, and who is accountable.  Put in place clear boundaries for where AI may act, what data it may touch, and who is accountable.
• Modernize data protection. Replace static DLP with risk-adaptive capabilities that adjust policies dynamically to context and behavior.
• Invest in visibility. Ensure monitoring captures both human and non-human activity, enabling leaders to validate compliance and respond quickly.
• Lead from the boardroom. Make AI governance and insider risk management (with AI explicitly scoped into the definition of “insider”) a standing agenda item for security and privacy alongside financial and compliance oversight.

Awareness into action

Cybersecurity Awareness Month is a chance to move the conversation forward. Insider risk is evolving with AI, and so are the solutions to manage it. With strong governance and risk-adaptive protection, organizations can safeguard their data, enable innovation, and build trust that lasts. The enterprises that act now will not only reduce risk — they will define resilience in the AI era.

This Cybersecurity Awareness Month, make insider risk a boardroom priority. Contact DTEX to learn how risk-adaptive security and AI governance can strengthen resilience, safeguard data, and equip your leadership team with strategies that protect and enable growth.