
Exabeam Research: Insider Threats, Supercharged by AI, Set for Explosive Growth in APJ

AI Is Making Insider Threats More Effective, and 69% Expect Insider Threats to Increase in the Next 12 Months

Exabeam, a global leader in intelligence and automation that powers security operations, has announced the findings of its new multinational report, From Human to Hybrid: How AI and the Analytics Gap Are Fuelling Insider Risk. Based on a global survey of 1,010 cybersecurity professionals across key sectors, the research reveals that insider threats have overtaken external attacks as the top security concern, with Artificial Intelligence (AI) accelerating the shift.

The Asia-Pacific and Japan (APJ) region stands out globally in insider risk awareness, with 69% expecting insider threats to grow in the next 12 months. One in two (53%) APJ respondents now view insiders, whether malicious or compromised, as a greater risk than external actors. Generative AI (GenAI) is a major driver of insider threats, as it makes attacks faster, stealthier, and more difficult to detect.

“Insiders aren’t just people anymore,” said Steve Wilson, Chief AI and Product Officer at Exabeam. “They’re AI agents logging in with valid credentials, spoofing trusted voices, and making moves at machine speed. The question isn’t just who has access—it’s whether you can spot when that access is being abused.”

Growth of Insider Threats Shows No Signs of Slowing

Insider activity is intensifying across industries, driven by both malicious intent and accidental compromise. Over the past year, three in five APJ organisations (60%) have seen a measurable increase in insider incidents. This surge in insider threats is not uniform; risk trajectories vary sharply by geography and sector.

APJ leads in projected insider threat growth (69%), reflecting heightened awareness of identity-driven attacks. The Middle East stands apart, with nearly one-third (30%) anticipating a decrease, a signal of either stronger confidence in current defences or a potential underestimation of evolving risks. These contrasts underscore the complexity of the insider threat landscape and the need for defence strategies that align with regional realities.

AI Is Powering Faster, Smarter, and Stealthier Insider Attacks

Artificial Intelligence has become a force multiplier for insider threats, enabling actors to operate with unprecedented efficiency and subtlety. These attacks can adapt in real time, mimic legitimate communications, and exploit trust at a scale and speed human adversaries cannot match. In APJ, 75% of respondents acknowledge that AI is increasing the effectiveness of insider attacks. In particular, AI-enhanced phishing and social engineering (31%) emerged as the most concerning threat vector, followed by privilege misuse or unauthorised access (18%), and data exfiltration (17%).

Unauthorised GenAI use compounds the challenge, creating a dual-risk scenario where the same tools meant to boost productivity can be repurposed for malicious activity. 64% of APJ organisations reported some level of unapproved GenAI tool usage by employees, with 12% indicating this as the top insider concern. Globally, the convergence of insider access and AI capabilities is producing threats that evade traditional controls and demand more advanced behavioural detection.

Most Insider Threat Programmes Still Miss the Mark on Detection

While 82% of APJ organisations say they have insider threat programmes, most lack the behavioural analytics needed to catch abnormal activity early. Fewer than half of them (37%) use user and entity behaviour analytics (UEBA), the foundational capability for insider threat detection. Many continue to rely on identity and access management, security training, data loss prevention (DLP), and endpoint detection and response (EDR), tools that provide visibility but not the behavioural context necessary to spot subtle or emerging risks.

AI adoption is widespread, with most APJ organisations (94%) using some form of AI in their insider threat tooling, yet governance and operational readiness lag far behind. More than half of executives (55%) globally believe AI tools are fully deployed, but managers and analysts say many are still in pilot or evaluation stages. Compounding the challenge, security teams face persistent barriers: privacy resistance, fragmented tools, and difficulty interpreting user intent remain major blind spots.

“AI has added a layer of speed and subtlety to insider activity that traditional defences weren’t built to detect,” said Kevin Kirkwood, CISO, Exabeam. “Security teams are deploying AI to detect these evolving threats, but without strong governance or clear oversight, it’s a race they’re struggling to win. This paradigm shift requires a fundamentally new approach to insider threat defence.”

Closing the Insider Threat Gap

As insider threats accelerate, driven by AI, identity misuse, and a lack of behavioural visibility, organisations that succeed will be those that align leadership priorities with operational reality. Progress will come from moving beyond surface-level compliance to approaches that focus on context, accurately distinguish between human and AI-driven activity, and foster collaboration across teams to close visibility gaps.

Bridging this divide requires more than policy changes. It demands leadership engagement, cross-functional cooperation, and governance models that keep pace with the speed of AI adoption. Success will be defined by the ability to shorten detection and response times, reduce the window of opportunity for insider activity, and adapt strategies as threats evolve.

To access the full report on the rise of insider threats, From Human to Hybrid: How AI and the Analytics Gap Are Fuelling Insider Risk, visit: exabeam.com/from-human-to-hybrid.

CSA Editorial

Launched in Jan 2018 in partnership with Cyber Security Malaysia (an agency under MOSTI), CSA is a news and content platform focusing on key issues in cybersecurity in the region. CSA is targeted to serve the needs of cybersecurity professionals, IT professionals, risk professionals and C-levels who have an obligation to understand the impact of cyber threats.
