




















Raja Mukerji is the Co-Founder and Chief Scientist of ExtraHop.

getty
Today, generative and agentic AI are working alongside humans. AI can help with everything from taking manual tasks off employees’ plates to automating workflows and spotting potential threats. AI can drive better efficiency gains and better business outcomes, but only if it’s applied to workflows as intended. At the same time, it adds another layer of complexity, especially for already-stretched-thin security teams.
Managing AI and humans should follow the same fundamentals. Both depend on visibility, context and high-quality data to ensure actions are safe, accurate and aligned with the priorities of the overall business.
Risk doesn’t come from just one place, as both AI and human behavior introduce vulnerabilities to the organization. AI models can still hallucinate, misread information or draw conclusions from inaccurate data. Humans are just as vulnerable and can easily fall victim to sophisticated scams like AI-generated phishing emails.
If both AI systems and humans can “break” security, how can organizations adopt new technology with confidence while strengthening defenses?
Generative AI applications are one of the most significant cyber risks across all attack surfaces, given that these systems are increasingly embedded into workflows that deal with sensitive data, critical infrastructure and operational decision-making.
Despite the hype around AI, capabilities are fundamentally dependent on the quality of data it’s given. While AI can be extremely effective at organizing and correlating information, it still cannot reason beyond the data it’s given. Similarly, large language models are power tools for interpretation and pattern recognition, but they aren’t decision engines capable of navigating complex environments independently.
Agentic AI, for example, can meaningfully help security teams improve incident response workflows, develop playbooks or accelerate investigations. However, these systems are still prone to hallucinations when there are data gaps. In more complex activities like threat hunting or active intervention, that can introduce more risk rather than reduce it.
When AI is deployed without the right underlying data, outputs are unpredictable. Decisions may be made from incomplete context, which leads to inaccurate conclusions or missed threats. While operational data provides the context to identify anomalies like rogue agents, unauthorized automation or suspicious activity, without reliable data at the foundation, AI cannot be a force multiplier, but rather just another source of risk.
While AI is often framed as the “next great cybersecurity challenge,” human behavior remains the most persistent source of risk. Even in more mature security environments, employees still represent the most unpredictable and exploitable factor in the organization.
Phishing, social engineering, credential exposure and unauthorized tool usage are all common entry points for attackers. The rise of easily accessible AI tools has only increased the likelihood of employees interacting with unapproved platforms or unintentionally sharing sensitive information.
Organizations with perfectly patched infrastructure cannot fully eliminate the risk introduced by employee activity. Technology itself cannot solve the problem, as human decisions, motivations and habits change constantly. Even properly trained employees still click on phishing links in a seemingly legitimate email, while others may integrate a new, unsanctioned AI tool to complete their tasks more efficiently. Understanding this level of risk requires more than traditional security alerts. It requires behavioral insight.
Behavioral analysis helps identify patterns in how people interact with systems and data. By providing baselines of “normal” activity, security teams can quickly detect deviations that signal risk. Common indicators like authentication patterns, access behaviors, data movement or system integration can collectively reveal when activity isn’t aligned with expected behavior.
Operational telemetry, like activity across systems, delivers valuable context for building these baselines of normal behavior. Leaders must remember that the real value involves analyzing how actions change over time and what those shifts reveal about potential risk.
In today’s threat landscape, cyber strategies must account for human behavior, potential gaps in training and user intent. These elements are just as critical as technical defenses. Visibility into how people interact with systems often makes a world of difference between detecting a threat early and discovering it only after damage is done.
As organizations adopt AI tools and capabilities, the most effective strategies combine AI insights and human expertise, resulting in a more resilient security posture. Data should be at the center of this strategy as it not only fuels AI performance but also grants security teams the necessary situational awareness to interpret machine-driven behavior insights.
Security protocols driven by knowledge and data become essential in this environment. Organizations need to understand what is happening across their environments, where data is flowing between systems and how people interact with both. Without this shared visibility, security teams risk operating with fragmented intelligence.
Equally important is integration across security tools and platforms. Insights into potential threats are easily lost when systems operate independently. Sharing intelligence across platforms ensures that both humans and AI systems can access better context to work from and operate to their fullest potential as a result. The organizations that can align AI capabilities, human expertise and rich data insights will be in a far better position to identify emerging threats, respond quicker and adapt to evolving risks.
Whether AI or human, data will always be king. Leaders cannot focus solely on chasing the next shiny AI tool. They must account for building stronger situational awareness. Security operations driven by stronger data and clear visibility will always outperform those who build strategies around hype.
Data not only enables organizations to detect threats earlier, respond faster and make informed decisions about how AI should be deployed and governed. It also provides the needed context for managing both machine-driven actions and human behavior. As AI adoption continues, strong visibility across both operational systems and user activity is essential. Whether a threat originates from a human or a machine, the organizations with the best data will always have the strongest defenses.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。