"The workforce is no longer exclusively human." That simple, declarative line from the webinar description frames what is at stake for organizations: employees and AI agents are now co-workers, and both introduce—and both are targeted by—the same dynamic threat environment.
Human and AI agents working side by side
The webinar, hosted by Jinan Budge, VP and Research Director at Forrester, and Bryan Palma, President and CEO of KnowBe4, puts a single operating fact front and center: organizations are "rapidly entering a new operating model where employees and AI agents work side by side, accessing systems, executing tasks, and influencing decisions." That blended workforce changes how access is granted, how tasks are executed, and where trust is placed—creating a converged surface of risk that security leaders must reckon with now.
Why legacy awareness programs are proving insufficient
Speakers warn that "traditional approaches, particularly static and one size fits all security awareness training, are proving insufficient" as AI adoption accelerates. The claim is concrete: static training tied to human-only workflows cannot adequately prepare organizations for threats that target both human behaviors and machine-assisted processes. The webinar frames legacy programs as failing to drive the behavioral change necessary to meet AI-driven threats.
How attackers exploit converging vulnerabilities
The description lists the techniques that bridge human and AI vulnerabilities: phishing, deepfakes, and "prompt based manipulation." It underscores a new symmetry—where employees can be socially engineered, AI agents can be "prompt engineered"—and attackers exploit trust across both. This is not an abstract risk; the organizers emphasize specific attack vectors that leverage trust relationships between humans and automated agents.
Measuring and reporting human-to-AI risk in business terms
One of the webinar's stated objectives is practical: to teach approaches to "measuring and reporting on human and human to AI risk in business terms that support executive decision making." That language signals a shift from technical-only metrics toward risk quantification tied to executive priorities and business outcomes. For security leaders, the implication is a requirement to translate blended-workforce exposures into language and metrics that boards and C-suite executives can act on.
Practical modernization: reduce overhead, scale protection
Beyond diagnosis, the session promises "practical steps to modernize security programs, reducing operational overhead while scaling protection across both human and AI driven workflows." That dual objective—efficiency and scale—frames modernization as both a defensive necessity and an operational imperative. The webinar positions modernization measures as tools to protect a hybrid set of workflows without ballooning staff time or complexity.
What this means for technologists, procurement leaders, and end users
- Technologists and security teams will need to reassess controls for both human-initiated and AI-initiated actions, and to account for "prompt based manipulation" alongside traditional social engineering techniques.
- Procurement leaders and executives must demand risk metrics "in business terms" so that investments in training and tooling map to measurable reductions in blended-workforce risk and to lower operational overhead.
- End users—and the managers who oversee them—should expect training and controls to shift away from static, one-size-fits-all models toward more adaptive programs that address how AI agents interact with human workflows.
The webinar promises a compact agenda: assess the current maturity and trajectory of human risk management; explain why legacy awareness programs fail to change behavior in an AI era; lay out how human and AI vulnerabilities converge and are exploited; describe methods for business-oriented risk measurement; and offer practical, scalable steps to modernize security programs. For security leaders facing immediate decisions about tools, training, and reporting, the message is clear: rethink human risk with AI on the roster, and align defenses and metrics to the realities of a hybrid workforce.
Original: https://www.govinfosecurity.com/webinars/security-leaders-must-rethink-risk-now-w-7053
