From Human to Hybrid: How AI and the Analytics Gap Are Fueling Insider Risk

In the Middle East, unauthorised GenAI is the top insider concern (31%).

More than three-quarters of organisations (76%) report some level of unapproved Generative AI (GenAI) usage.

Government organisations are bracing for the steepest rise (73%) in insider threats.

The majority (54%) of organisations expect insider threat growth to continue.

Unapproved GenAI usage rates are highest in technology (40%), financial services (32%), and government (38%).

AI-enhanced phishing and social engineering are the most concerning tactics (27%) for insider threats.

53% of cybersecurity professionals expect insider threats to increase.

Over the past year, more than half of organisations (53%) have seen a measurable increase in insider incidents.

64% of cybersecurity professionals view insiders (whether malicious or compromised) as a greater risk than external actors.

88% of organisations state they have insider threat programmes.

Just 44% of organisations use user and entity behaviour analytics (UEBA) for insider threat detection.

97% of organisations use some form of AI in their insider threat tooling.

Two of the top three current insider threat vectors are now AI-related.

74% of cybersecurity professionals report that AI is making insider threats more effective.

Asia-Pacific and Japan lead in projected insider threat growth (69%).

In the Middle East, nearly one-third (30%) of organisations anticipate a decrease in insider threats.

Manufacturing expects a 60% rise in insider threats.

Healthcare expects a 53% rise in insider threats.

More than half of executives believe AI tools are fully deployed, contrasting with managers and analysts who report many are still in pilot or evaluation stages