惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

博客园 - 【当耐特】
Help Net Security
Help Net Security
P
Proofpoint News Feed
J
Java Code Geeks
爱范儿
爱范儿
Last Week in AI
Last Week in AI
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
F
Full Disclosure
Google DeepMind News
Google DeepMind News
H
Help Net Security
G
Google Developers Blog
Jina AI
Jina AI
Vercel News
Vercel News
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
L
Lohrmann on Cybersecurity
S
Schneier on Security
Microsoft Azure Blog
Microsoft Azure Blog
IT之家
IT之家
Security Archives - TechRepublic
Security Archives - TechRepublic
阮一峰的网络日志
阮一峰的网络日志
N
News and Events Feed by Topic
GbyAI
GbyAI
B
Blog
O
OpenAI News
博客园_首页
Cisco Talos Blog
Cisco Talos Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Hacker News: Ask HN
Hacker News: Ask HN
TaoSecurity Blog
TaoSecurity Blog
腾讯CDC
MongoDB | Blog
MongoDB | Blog
M
MIT News - Artificial intelligence
C
Cybersecurity and Infrastructure Security Agency CISA
Cyberwarzone
Cyberwarzone
Webroot Blog
Webroot Blog
Simon Willison's Weblog
Simon Willison's Weblog
Y
Y Combinator Blog
C
Cisco Blogs
A
Arctic Wolf
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
T
The Exploit Database - CXSecurity.com
Security Latest
Security Latest
AI
AI
W
WeLiveSecurity
aimingoo的专栏
aimingoo的专栏
The Register - Security
The Register - Security
Project Zero
Project Zero
H
Hackread – Cybersecurity News, Data Breaches, AI and More
N
Netflix TechBlog - Medium
Blog — PlanetScale
Blog — PlanetScale

The Last Watchdog

News alert: Reflectiz partners with Taboola to host webinar on AI-driven marketing security risks | The Last Watchdog News alert: OpenMatter launches platform to verify AI activity across enterprise systems | The Last Watchdog News alert: SpyCloud report finds phishing surge exposing employee data at Fortune 100 companies | The Last Watchdog News alert: Heimdal study finds executives are more confident than frontline IT teams on AI risk | The Last Watchdog News alert: Aembit secures Copilot Studio agents with identity-based access controls and audit trails | The Last Watchdog News alert: GitGuardian adds endpoint protection as developer laptops become credential troves | The Last Watchdog News alert: Varist announces AI-scale malware detection for healthcare and medical imaging | The Last Watchdog News alert: Cloud security report finds fragmented tools widening the cloud complexity gap - The Last Watchdog News alert: Halo Security recognized for helping MSPs manage customers’ external attack surfaces - The Last Watchdog FIRESIDE CHAT: Deepfakes exploit human emotion, making employee reflex training essential - The Last Watchdog News alert: TVC Analyst Group names 12 vendors to watch ahead of Gartner’s security summit - The Last Watchdog GUEST ESSAY: AI pipelines are shattering network security — most companies haven’t even noticed yet - The Last Watchdog GUEST ESSAY: AI can speed up communication, but it can also weaken human connection - The Last Watchdog News alert: Orchid Security study finds invisible identities now outnumber managed accounts - The Last Watchdog LW ROUNDTABLE: Microsoft Edge normalizes credential exposure — security pros push back - The Last Watchdog FIRESIDE CHAT: Cyber insurers deepen SMB security role as supply chain attacks spread - The Last Watchdog News Alert: Lyrie.ai joins Anthropic verification program, unveils protocol for securing AI agents - The Last Watchdog
MY TAKE: AI agents force a rethink of enterprise service lines as vendors move up the tech stack - The Last Watchdog
2026-05-19 · via The Last Watchdog

By Byron V. Acohido

ORLANDO — Companies are pulling AI agents into their daily operations through a dozen side doors.

Related: SaaS and AI agents converge

One of them was in focus at KB4-CON, KnowBe4’s annual customer conference at the Marriott World Center here last week.

The Clearwater, Fla.-based cybersecurity training vendor used the conference to lay out a pivot from a training-focused company to a workforce security platform — built through extending its core services to adjacent IT operations.

The logic holds. It’s a way to help its existing customer base leverage AI to streamline vital employee training and also boost protective filtering of company email.

But that’s just the starting line, CEO Bryan Palma told me. The company is stepping forward to help companies mitigate the cascading risks of a hybrid workforce where humans and AI agents share the same workflows.

“People say the agentic era is comparable to the Industrial Revolution. I think it’s true,� said Palma, who took over as CEO in May 2025. “It’s probably one of the biggest inflection points in humanity. For KnowBe4 that’s a lot of fun. We’ve been anticipating it.�

Training becomes orchestration

KnowBe4 spent 15 years selling security awareness training. It now sells agentic email security alongside it, with the email product feeding behavioral data back into the training engine. Agent Risk Manager, launched April 30, extends the platform into governing the AI agents customers are deploying to handle routine tasks across HR, finance, IT administration and customer support.

KnowBe4 is deploying AI agents on both sides of its own business. On the vendor side, agents build phishing simulation modules, update training content, and personalize delivery to individual employees. For customers, agents handle the routing and configuration work that the old training model imposed on IT administrators.

Alex Ziegelmeier, walking me through the product on the exhibit floor Wednesday, was specific about how the customer-side automation works. Aida Orchestration, the company’s training-side agent layer, picks the training modules, builds the phishing simulation templates, schedules the deployment and personalizes the content per employee — work that used to require a human administrator.

“The AI running the platform is more effective than a human administrator,� Palma said in a Thursday interview. “That’s what we’re finding.�

The new risk equation

KnowBe4 appears to be in the vanguard of B2B vendors recognizing an opportunity that did not exist before generative AI arrived in late 2022. The opening is to apply AI’s force-multiplier capacity in two directions — rebuilding how the vendor itself operates, and guiding customers through the same retooling across the dozens of functions where AI agents are now landing.

The market backdrop helps explain the urgency. Deloitte’s 2026 State of AI in the Enterprise report found agentic AI deployment accelerating sharply, with only about one in five companies operating a mature governance model for autonomous agents. A KPMG survey found 75 percent of enterprise buyers rank security, compliance and auditability as the most critical requirements for agent deployment. A fraction say they have the controls in place.

The analytical case for why a training vendor is now selling agent governance came from Perry Carpenter, KnowBe4’s chief human risk management strategist, in a Wednesday interview.

“Human risk management is an incomplete equation,� Carpenter said, “because of the addition of agentic AI.� AI agents, he argued, carry many of the same vulnerabilities humans do. They can be socially engineered. They can act on poisoned inputs. They can operate with excessive privilege.

What changes is speed. “When a human makes a mistake, they do it at human pace and human scale,� Carpenter said. “When an AI agent makes a mistake, it does it at agent scale.�

Exposures on the rise

The attack surface side of the equation confirms the timing. Chris Wallis, CEO of Intruder, attended KB4-CON as an exhibitor and gave me an unvarnished read Thursday morning. CVE counts are on track to hit 60,000 this year, up from roughly 50,000 in 2025.

That is before counting API exposures, orphaned services and unmanaged agent footprints that do not make the official list. Attackers are using AI to scale their operations the way enterprises are using it to scale theirs. “Anytime the difficulty level goes down for the attacker, it’s bad news for defenders,� Wallis said.

Recent intrusions illustrate the human-channel exposure. The Shiny Hunters group worked breaches at Google and Canvas (Instructure’s learning management platform) by calling employees, claiming to be from IT, and walking them through credential resets, Wallis noted. The technical defenses held. The humans on the phone did not.

A 2026 Gravitee State of AI Agent Security report found 88 percent of organizations reported confirmed or suspected AI agent security incidents in the last year. A separate Writer enterprise survey found 39 percent of companies have no formal strategy for AI adoption. Thirty-five percent are not confident they could pull the plug on a rogue agent if one started causing damage. Thirty-five percent are not confident they could pull the plug on a rogue agent if one started causing damage.

The platform pull

What KnowBe4 is doing is not unique to security training. Workday is running the same play in HR and finance, with internal AI agents accelerating product development and external agents handling scheduling, accounting and supplier contracts for customers. ServiceNow has told the market its internal AI specialist resolves IT service desk cases 99 percent faster than human staff and is shipping the same capability to customers across IT operations, HR, finance and procurement.

Every category that has spent the last decade serving as a necessary line item is staring at the same choice. Rebuild around AI-driven internal operations and extend the retooling into adjacent governance work, or watch the line item get rationalized into someone else’s platform in the next procurement cycle.

Whether KnowBe4 executes depends on decisions Palma’s team will make in the next 18 months. But the opening is real. Orlando offered a working preview of how AI agents are likely to reshape other necessary line items across the enterprise.

Seems very likely the pattern is about to show up a lot of other places. I’ll keep watch and keep reporting.

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(Editor’s note: I used Claude and ChatGPT to assist with research compilation, source discovery, and early draft structuring. All interviews, analysis, fact-checking, and final writing are my own. I remain responsible for every claim and conclusion.)

May 18th, 2026 | My Take | Top Stories