National Cyber Warfare Foundation (NCWF)


Warning: Undefined array key "PeopleID" in /var/www/html/includes/libUser.php on line 492

AI Emerges as the New Insider Threat: Thales Releases the 2026 Data Threat Report
0 user ratings		2026-03-03 16:37:45
milo
Developers , Blue Team (CND)

AI Emerges as the New Insider Threat: Thales Releases the 2026 Data Threat Report

madhav

Tue, 03/03/2026 - 15:00



Over the past year, I’ve watched AI move to operational reality across nearly every industry we work with. The conversation is no longer about whether AI will transform business. It already has.



AI Emerges as the New Insider Threat






Todd Moore


Todd Moore | Global VP of Data Security Products at Thales

More About This Author >






Over the past year, I’ve watched AI move to operational reality across nearly every industry we work with. The conversation is no longer about whether AI will transform business. It already has.


What concerns me, and what this year’s Thales Data Threat Report confirms, is how profoundly it is transforming risk.


The report's findings send a clear message: AI has moved from an innovation driver to a primary security concern.


According to the report, 61% of organizations now cite AI as their top data security risk. At the same time, 70% of IT and security professionals say the pace of AI-driven transformation is their most significant security challenge.


AI is embedded in workflows, connected to cloud platforms, accessing sensitive data, and increasingly acting with autonomy. However, AI does not introduce entirely new weaknesses. It scales existing ones.


And security teams are struggling to keep up.



AI Is Acting Like a Trusted Insider



One of the most striking findings in this year’s report is how organizations are treating AI systems.


AI tools and agents are increasingly granted broad, automated access to enterprise data, often with fewer controls and less oversight than human users.


What stands out to me this year is how quickly AI has shifted from being viewed as a productivity enhancer to being treated like a trusted insider. Insider risk is no longer just about people. It now includes automated systems that are being trusted too quickly and often too broadly.


When identity governance, access policies, or data protections are weak, AI does not simply inherit those weaknesses; it amplifies them at machine speed.



Visibility and Encryption Gaps Are Exposing Organizations



This year’s findings highlight a troubling reality: many organizations lack foundational data visibility and protection.



  • Only 34% know where all their data is stored

  • Just 39% can fully classify their data

  • 47% of sensitive cloud data remains unencrypted


As AI systems ingest, process, and act on enterprise information across cloud and SaaS environments, these visibility and encryption gaps create significant exposure.


AI increases data discoverability. Without strong data governance and encryption, that discoverability becomes a risk.


I firmly believe that organizations that succeed in this next phase will treat data security as an enabler of innovation, not a barrier.



Identity Has Become the Primary Attack Surface



As AI systems depend on API keys, tokens, and machine credentials, identity is emerging as the most critical control layer.


The report finds that identity and access management is now ranked as the top security skills priority, ahead of cloud and application security.


Credential theft was cited as the leading attack technique against cloud management infrastructure by 67% of organizations that experienced cloud attacks.


In an AI-driven environment, compromising identity is often the fastest route to sensitive data.


In my view, this shift elevates identity governance from a technical discipline to a board-level priority.



AI-Powered Threats Are Escalating Business Impact



Besides expanding internal risk, AI is reshaping external threats.



  • Nearly 60% of organizations report experiencing deepfake-driven attacks

  • 48% report reputational damage linked to AI-generated misinformation


AI-powered impersonation, misinformation, and automated attack techniques are increasing the speed, scale, and sophistication of cyber threats.


Security teams are no longer protecting infrastructure alone. They are protecting trust, brand integrity, and digital authenticity.



Investment Is Growing — But the Model Is Still Evolving



I’m encouraged to see organizations responding to these threats.



  • 30% now allocate dedicated AI security budgets, up from 20% last year

  • However, 53% are still relying on existing security funding models


The data makes one thing clear: continuous visibility, classification, and protection are no longer optional. They are foundational requirements for operating safely in an AI-driven environment.


The real problem is not investment; it’s inefficient investment. AI security cannot be treated as an add-on. It requires an architectural shift toward enterprise-wide visibility, strong encryption, identity governance, and data security posture management.



2026 is a Defining Year for Data Security



For me, the key takeaway of the 2026 Thales Data Threat Report is that it reveals a pivotal transition:



  • AI is becoming a trusted insider.

  • Identity is the primary attack surface.

  • Data remains the ultimate target.


The organizations that succeed will be those that build security architectures designed for autonomous systems, not just human users.


We already know AI will continue to reshape business.


The real question is whether our security strategies are evolving at the same pace.



Download the 2026 Thales Data Threat Report



Explore the full findings, global insights, and expert analysis in the 2026 Thales Data Threat Report and discover how leading organizations are adapting their security strategies to manage AI-driven risk.






Schema

{

"@context": "https://schema.org",

"@type": "BlogPosting",

"mainEntityOfPage": {

"@type": "WebPage",

"@id": "https://cpl.thalesgroup.com/blog/cybersecurity/ai-insider-threat-2026-data-threat-report"

},

"headline": "2026 Data Threat Report: AI Emerges as Insider Threat | Thales",

"description": "AI is now the top data security risk. Explore key findings from the 2026 Thales Data Threat Report on identity, encryption gaps, and AI-driven threats.",

"image": "",

"author": {

"@type": "Person",

"name": "Todd Moore",

"url": "https://cpl.thalesgroup.com/blog/author/tmoore"

},

"publisher": {

"@type": "Organization",

"name": "Thales Group",

"description": "The world relies on Thales to protect and secure access to your most sensitive data and software wherever it is created, shared, or stored. Whether building an encryption strategy, licensing software, providing trusted access to the cloud, or meeting compliance mandates, you can rely on Thales to secure your digital transformation.",

"url": "https://cpl.thalesgroup.com",

"logo": "https://cpl.thalesgroup.com/sites/default/files/content/footer/thaleslogo-white.png",

"sameAs": [

"https://www.twitter.com/ThalesCloudSec",

"https://www.linkedin.com/company/thalescloudsec",

"https://www.youtube.com/ThalesCloudSec"

]

},

"datePublished": "2025-03-03",

"dateModified": "2025-03-03"

}


studio








THALES BLOG

AI Emerges as the New Insider Threat Thales Releases the 2026 Data Threat Report


March 03, 2026












The post AI Emerges as the New Insider Threat: Thales Releases the 2026 Data Threat Report appeared first on Security Boulevard.



madhav

Source: Security Boulevard
Source Link: https://securityboulevard.com/2026/03/ai-emerges-as-the-new-insider-threat-thales-releases-the-2026-data-threat-report/

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Developers
Blue Team (CND)


Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.