An autonomous workforce arrived before anyone agreed to hire it

An autonomous agent inside a modern enterprise does not wait for a morning stand-up. It reads, decides and acts on company data at machine speed, often before any human reviews what it has touched. From the US to Dubai to Singapore, that scene has moved out of the innovation lab and into the ordinary working day, and the people nominally in charge of it are discovering how little of it they can actually see.

KnowBe4's new global research, From Agentic Risk to Human Wins, surveyed 4,000 professionals across the US, Europe, the Middle East and Asia-Pacific, and the picture it returns holds across every region it touched. AI agents have become a parallel workforce, frequently operating without approval, oversight or any record of what they are doing. The efficiency arrived first everywhere, and the guardrails are still being drawn.

The agents are already acting, and a fortune of them answer to no one

The headline shift in the data is not that organisations are experimenting with autonomous AI, but that they have already handed it operational authority. Globally, 58% of cybersecurity leaders confirmed that AI agents are taking actions within their organisational workflows, executing tasks rather than merely suggesting them. The technology has crossed from advisory tool to active participant, and it has done so inside systems that hold sensitive corporate data.

What unsettles the security leaders surveyed is how much of that activity sits outside any formal control. More than half of organisations worldwide, 52%, reported that their use of AI is unapproved or ungoverned, a figure KnowBe4 describes as an invisible layer of shadow employees handling sensitive information without oversight. In the United Arab Emirates and Saudi Arabia, where agentic adoption has run particularly hot, 84% of cybersecurity leaders said AI agents are already taking actions within their workflows, while around 1 in 4 organisations admitted that their AI usage is entirely unapproved or lacks corporate governance.

Dr. Martin Kraemer, CISO Advisor at KnowBe4, sees the imbalance between speed and control as the defining condition of the moment. “Cybersecurity has entered a volatile phase where organisations are trying to secure a hybrid human and AI workforce that’s changing more quickly than security leaders can keep up with,” he said. The pressure, in his account, comes from both directions at once, against the people and against the machines they have deployed. “Attackers are moving at machine speed, using attacks such as deepfakes to target employees and prompt injections to hijack AI agents,” he added. His assessment of the governance gap was blunt. “Leaving almost a quarter of your corporate AI usage ungoverned is a massive open invitation to threat actors,” he explained.

When tools feel slow, employees go and find their own

The ungoverned layer is not an accident of policy so much as a predictable response to friction. When sanctioned tools feel restrictive or slow, workers route around them. More than a third of employees globally reported that they commonly source their own agentic AI tools where official options are unavailable or limiting, building a private supply chain of unvetted software that no security team approved or can monitor.

The regional readings sharpen the same behaviour. Across the UAE and Saudi Arabia, 41% of workers said that if corporate AI tools are restricted or too slow, they will actively source their own unapproved agentic AI tools to bypass administrative blocks. The consequence shows up directly in the security posture leaders are trying to defend, with 52% of cybersecurity decision-makers in the two markets reporting that unsanctioned software and rogue AI applications had degraded or actively compromised their security over the preceding 12 months.

While agents expand the attack surface from the inside, the nature of the external threat has changed in parallel. The manipulation that lands on employees is no longer the clumsy phishing email of a decade ago, but synthetic media convincing enough to defeat ordinary human judgement. In the UAE and Saudi Arabia, 88% of employees said deepfake voice and video content has become so realistic that it is harder to know what to trust, and 52% openly acknowledged that they could be deceived by a sophisticated deepfake masquerading as an internal stakeholder or executive.

That admission matters because it inverts a long-standing assumption about awareness. Employees who know the danger exists are conceding that knowing is no longer enough to protect them, and the data on everyday error explains why. Globally, 42% of cybersecurity leaders identified AI-enabled attacks as a key driver of future human-related cybersecurity risk, placing the deepfake problem at the centre of how the threat will evolve rather than at its margins.

The breaches come from ordinary days, not exotic exploits

The most consequential finding in the research is also the least dramatic. The damage is not arriving mainly through sophisticated zero-day exploits, but through tired people making ordinary mistakes under pressure. In the UAE and Saudi Arabia, 44% of employees confessed that time constraints, cognitive overload and everyday workplace distractions drive them to cut corners and make critical security errors, even when they are fully aware of the safe protocol.

The leaders responsible for those perimeters confirmed the pattern from their own vantage point. More than half of cybersecurity leaders in the two Gulf markets, 54%, reported that mistakes during everyday work, rather than exploit kits, had the greatest impact on their organisation's cybersecurity over the past 12 months. The threat, in other words, is being manufactured inside the building by the compounding collision of human fatigue with low operational maturity, and no amount of perimeter hardening addresses it.

Confidence is high, and readiness is not the same thing

What makes the picture precarious is the confidence sitting on top of it. In the UAE and Saudi Arabia, 76% of security leaders said they feel “very well prepared” to handle unexpected or emerging AI-driven threats over the coming year. Yet 84% of those same leaders conceded that improvements are still needed to ensure AI tools and agents operate within their organisation's security policies and approved risk limits, an acknowledgement that the preparedness they feel outpaces the controls they have actually built.

The global maturity data exposes how wide that gap runs. Only 19% of organisations worldwide have reached what KnowBe4 calls the Gold Standard, an integrated, culture-embedded approach to managing human and agent risk together. The remaining four in five are operating a hybrid human and AI workforce without the unified discipline the research identifies as the marker of genuine resilience, which means the prevailing sense of readiness rests, for most, on ground that has not yet been laid.

The win is cultural, or it is nothing

The organisations pulling ahead, in KnowBe4's reading, are not the ones with the most tools but the ones that have made security a property of their culture rather than a function bolted onto it. They embed secure behaviour into ordinary work and, critically, build environments where people feel safe owning their mistakes, with 89% of employees in those organisations agreeing they can report errors without fear. That psychological safety is what converts a fragile workforce into a defensive one.

Perry Carpenter, Chief Deception Strategist at KnowBe4, situates the entire shift in those terms. “Cybersecurity is entering a new phase where every organisation must think about both human behaviour and AI behaviour,” he said. The companies adapting fastest, in his account, are the ones treating their newest workers, the agents, with the same expectations they hold for people. “The companies leading this shift are creating cultures where trust is reinforced through everyday actions, where employees feel safe speaking up, and where AI agents are treated as part of the workforce that also needs guidance, guardrails, and accountability,” he explained.

The conclusion the research drives toward is that employees and AI agents now operate as a single, interconnected layer of defence, and that securing one without the other leaves the whole exposed. Organisations that align awareness, behaviour and culture around a clear picture of their risk do more than manage their exposure; they become harder targets. The threats are not going to recede, but on the evidence of this study, they will increasingly run into organisations that decided, ahead of the incident, to take the human and the agent equally seriously.

Sindhu V Kashyap

Global Technology Journalist & Multimedia Storyteller | Covering Founders, Investors & Leaders Reshaping Tech | Writer · Interviewer · Moderator · Editor

Previous
Previous

Magna AI Builds Out Saudi Sovereign AI Stack With EEC Infrastructure Deal and Arabic.AI Partnership

Next
Next

From Framework Debates to Operational Compliance: How AI Regulation Grew Up