From Awareness to Action: When AI Acts Like an Employee, It Should Be Managed Like One

By Ashley Rose, CEO of Living Security

As security leaders, we have long been conditioned to harden perimeters, patch vulnerabilities, and scan for anomalies in code and traffic. But the biggest, fastest-growing vector in cybersecurity today isn’t malware or misconfigured cloud storage—it’s people. And now, it’s also the intelligent systems they interact with.

The Human + AI Risk Equation

Living Security and Cyentia Institute’s latest research report, Risky Business: The State of Human Risk Management, reveals that 10% of employees are responsible for 73% of risky behaviors, yet most security programs detect only 12% of those actions. These numbers alone expose a serious blind spot.

But in 2025, there’s a new dimension to that blind spot: Agentic AI—autonomous systems capable of making decisions, executing tasks, and chaining multiple tools—are working side-by-side with humans. These agents don’t just answer questions; they can authenticate, move data, make purchases, spin up cloud resources, and trigger workflows across integrated systems.

Human risk is no longer just about unsafe behaviors like clicking on phishing links. It also includes risks tied to identity and access and the external threat surface—and with Agentic AI entering the workplace, those risks are expanding and accelerating. Security leaders must evaluate all three dimensions to get an accurate view of their true exposure:

• Behaviors – Unsafe actions, such as clicking phishing links, bypassing MFA, or sharing sensitive data in unsanctioned tools.
• Identity & Access – Who or what has privileged permissions, whether those permissions are properly governed, and if they follow least-privilege and time-bound access principles. Every AI agent should have a unique identity, a human owner of record, and an auditable activity trail.
• External Threats – Adversaries exploiting identity or system access, including manipulating AI agents through prompt injection or API compromise. Mitigation requires continuous monitoring, pre-execution policy checks, and a kill switch for unsafe operations.

Expanding Attack Surface, Shrinking Visibility

Traditionally, risk management has focused on operational resilience: Can we prevent data loss? Can we control access? But the attack surface has already begun to expand far beyond traditional endpoints and human actions, and over the next 12 months, it will grow dramatically. A key driver of this shift is Agentic AI: digital co-workers that extend how people do their jobs, interacting with sensitive systems at scale.

As adoption surges, these AI counterparts will take on more autonomous decision-making and operational tasks. Just like any member of the team, they need clear roles, defined responsibilities, and checks and balances to ensure their actions align with policy and protect the organization. The sooner those guardrails are in place, the better prepared security teams will be for the surge of agent-driven activity on the horizon.

The more relevant questions today are:

• Can we identify behaviors, access patterns, and threat exposures—whether from people or AI agents—that could lead to an incident?
• Can we intervene before those risks become costly?
• Can we measure and reduce the probability of repeat events?

Cyber incidents are rarely caused by a single technical failure. More often, they result from cascading risk factors: unsafe human behaviors, overly broad identity access, unmonitored exposure to external threats, and now autonomous agents acting with or without direct human oversight.

These aren’t anomalies, they’re patterns. And patterns are measurable, whether they originate from a person behind a keyboard or an AI agent executing machine-speed actions in your environment.

Human-Centric Risk is Quantifiable

As organizations now face a mix of human and autonomous AI actors, the starting point for risk mitigation will be quantifying what’s visible today, understanding where risky patterns exist, what identities have elevated access, and where external threats can exploit those conditions before expanding governance to cover the fast-growing role of Agentic AI in the enterprise. Analysis of more than 100 million human-centric risk signals across industries reveals clear trends:

• A small subset of users exhibit high-risk profiles.
• Risk patterns persist over time and correlate with roles, departments, and access levels.
• Without continuous monitoring, these risks often remain hidden.

Research with the Cyentia Institute shows that most security tools and training programs surface only a fraction of actual human risk. Left unaddressed, this gap is a vulnerability; when measured and acted upon, it becomes an opportunity to materially reduce risk.

Human Risk Management in a Blended Workforce

Human Risk Management (HRM) shifts security from one-off awareness to sustained action. It doesn’t replace training—it amplifies it with visibility, accountability, and automation across three core pillars: behavior, access, and threat exposure.

In a world where autonomous AI agents are taking on operational tasks alongside human colleagues, these pillars must extend beyond people to the intelligent systems acting on their behalf. The question is no longer just how do we mitigate human risk? but how do we govern a blended workforce of humans and machines sharing decision-making authority?

Behavior

Continuous monitoring should apply to both human and agent activity to detect unsafe patterns—such as repeated failed actions, abnormal data movement, or workflows deviating from intended outcomes. In the near future, this could trigger automated policy updates or the immediate suspension of a risky AI process, much like locking a human account after repeated violations.

Access

AI agents require identity governance as rigorous as that applied to privileged human users: unique identifiers, named ownership, and role-based permissions. Theoretically, HRM could remove privileged access or revoke API tokens in real time if an agent exceeds defined thresholds or operates outside its assigned scope.

Threat Exposure

Defending against external threats now means protecting AI agents from prompt injection, malicious integrations, and API compromise. Future systems could automatically cut off an agent’s interaction with high-risk data sources or shut down a workflow entirely when external manipulation is detected.

By applying these pillars to both human and AI actors, security leaders can build a dynamic risk environment where interventions happen automatically, at the speed of machine activity. This is not just an evolution of HRM, it’s a forward-looking framework for governing all active participants in the enterprise.

• Visibility means knowing who or what poses risk, in what context, and why—across both human and machine identities.

• Accountability uses metrics and scorecards to inform leadership and align incentives.

• Automation triggers interventions, nudges, or access controls dynamically based on multi-dimensional risk thresholds.

This approach doesn’t just reduce risk, it builds trust. Executives gain confidence in the ROI of security investments. Security teams can demonstrate that they are actively lowering the organization’s true risk footprint. And by measuring positive indicators, such as adaptive behavior, secure access practices, and policy-aligned decisions, leaders can reinforce a culture where vigilance is a shared responsibility.

The Agentic AI Challenge

Agentic AI offers enormous upside:

• Speed – Automates repetitive processes instantly.
• Scalability – Executes complex, multi-step workflows at scale.
• Consistency – Eliminates human error in predefined processes.
• Augmentation – Enables smaller teams to achieve more.

It’s why Salesforce predicts 327% growth in AI-agent adoption within two years, with HR leaders expecting to redeploy 25% of the workforce as digital labor. IBM reports C-suites now see these agents as essential, not experimental.

But the risks are different and amplified:

• Machine-Initiated Actions – Harm can occur without a human click.
• New Failure Modes – Prompt injection, goal hijacking, covert data exfiltration, and misuse of connected tools.
• Accelerated Impact – Mistakes or malicious actions can scale instantly.

PwC warns that orchestrating multiple agents with their own permissions creates governance chokepoints. And with 74% of employees using AI at work but only 33% receiving training, many organizations are giving high-powered tools access without guardrails.

Beyond Behavior: A Unified Risk Lens for Humans and Agents

With Agentic AI, security leaders must apply HRM principles to both people and machines:

• Identity & Ownership – Every agent must have a unique ID, a human owner, and a clear business purpose.
• Least Privilege & Time-Bound Access – No standing admin rights; limit tokens and API calls.
• External Threat Defense – Build guardrails against prompt injection and API compromise.
• Machine-Specific Controls – Allow-lists, spending ceilings, pre-execution policy checks, output filtering, and kill switches.
• Continuous Assurance – Regularly red-team agents for bypasses, goal drift, and privilege abuse.

Why This Matters for HRM

As Agentic AI becomes part of the workforce, it must be treated as a governed identity within our Human Risk Management strategies, subject to the same visibility, accountability, and controls as any human counterpart. A single high-risk employee can influence an AI agent with broad access, triggering machine-speed consequences. The solution is a holistic HRM program that unifies behavioral insights, identity governance, and external threat awareness for both human and machine actors.

Getting Ahead of the Curve

To prepare:

1. Measure Risk Holistically – Combine behavioral, identity, and threat exposure data into one model.
2. Tie Metrics to Action – Use risk scores to drive interventions and adjust access dynamically.
3. Align Incentives – Make risk reduction a leadership KPI.
4. Integrate AI Governance into HRM – Apply the same rigor to Agentic AI as you do to human actors.

The New Frontier of Risk Management

In the era of AI, cloud, and hybrid work, your people, and the intelligent systems they interact with are your true perimeter. Governing behaviors, identity access, and threat exposure together is no longer optional. It’s the foundation of modern cyber risk management.

The organizations that embrace holistic human risk management now will be the ones that not only avoid disruption but lead through it.

About the author:

As the CEO of Living Security, Ashley Rose is passionate about helping companies build a positive security culture within their organizations. An adaptable problem solver, Rose is thoughtful and transparent in her approach to running the company and working with clients toward a singular goal: reduce risk by making people a security asset instead of a liability.