Social engineering remains the most reliable way into an organization—and attackers are getting better at it every day.
According to the 2025 Verizon Data Breach Investigations Report, up to 68% of breaches involve social engineering. AI has only widened the gap. More than 95% of cybersecurity professionals say AI-generated phishing is harder to detect, and Microsoft reports that AI-generated phishing emails are 4.5x more successful than manually created ones.
The problem isn’t awareness of the threat. It’s the reality that traditional security awareness programs can’t adapt fast enough to keep pace.
The Limits of Manual Security Awareness Programs
Most organizations face two significant limitations when it comes to managing security awareness:
- They’re using scheduled campaigns, static training paths and manual decision-making
- They’re security awareness training program isn’t leveraging human risk data from across their security ecosystem
Security leaders struggle to demonstrate measurable reductions in human risk to executives and boards. Awareness administrators spend countless hours building phishing templates, tuning difficulty levels and refreshing content—only to fall behind again as threats evolve.
IT and security teams face alert fatigue, while users receive generic training that feels disconnected from their day-to-day work. The disconnect between training and real-world risk leaves gaps attackers are happy to exploit.
Introducing the AIDA Orchestration Agent
To close that gap, KnowBe4 is introducing the AIDA™ Orchestration Agent—the newest addition to KnowBe4’s Artificial Intelligence Defense Agents (AIDA) suite.
The Orchestration Agent marks a fundamental shift in how human risk is managed. Instead of manually running campaigns and reacting to results, organizations can now move to an always-on, AI-driven model that continuously assesses risk and automatically takes action to reduce it.
The Orchestration Agent coordinates KnowBe4’s AIDA agents under a single intelligent, goal-driven system. It continuously evaluates individual user risk and autonomously determines who to test, which attack vectors to use, what training to assign and when to deliver it—all without manual intervention.
The AIDA™ Orchestration Agent delivers automated capabilities that include:
- Phishing, which autonomously creates and delivers personalized phishing simulations
- Remedial and Ongoing Training, which ensure users receive relevant, engaging content when and where it has the greatest impact
You define the guardrails. AIDA handles the execution.
How Orchestration Changes the Game
Powered by SmartRisk Agent,KnowBe4’s risk score engine, the Orchestration Agent leverages behavioral data across the KnowBe4 HRM platform to maintain a real-time view of human risk. This allows AIDA to prioritize risk dynamically and adjust interventions as user behavior changes.
With AIDA™ Orchestration Agent in place, security teams move away from static, calendar-based programs and toward continuous risk reduction. Phishing tests, remedial training, ongoing education and reinforcement are automatically tailored at the individual level—based on real behavior, not assumptions.
Supporting agents work seamlessly under orchestration, including:
- Template Generation and Callback Template Generation Agents, producing realistic, AI-driven templates aligned with current attack techniques and the NIST Phish Scale Framework
- Knowledge Refresher and Policy Quiz Agents, reinforcing critical concepts and organizational policies over time
- Deepfake Training Content and Custom SAPA Agents, preparing users for advanced AI-driven attacks and assessing risk using organization-specific context
Together, these agents shift security awareness from periodic training to continuous human risk management.
Real Impact for Security Teams—and the Business
The AIDA Orchestration Agent dramatically reduces the operational burden placed on security and awareness teams. Tasks that once took hours—campaign creation, content alignment, user targeting—now happen automatically in seconds.
Just as importantly, Orchestration helps organizations demonstrate real progress. By continuously aligning training and testing with measurable human risk, security leaders gain clearer insight into what’s working, where risk remains, and how investments are reducing exposure over time.
For users, the experience improves as well. Training becomes relevant, timely and contextual—no longer a generic exercise, but guidance they can actually apply in their daily work.
A New Standard for Human Risk Management
Human risk isn’t static. Attackers aren’t waiting. And manual programs can’t keep up.
With the launch of the AIDA Orchestration Agent, KnowBe4 is setting a new standard for human risk management—one that’s automated, adaptive and always on.
