Artificial intelligence agents are turning agent risk management into a frontline security priority.

As digital workers begin touching email, financial systems, collaboration tools and business workflows, enterprises need more than traditional awareness training or endpoint defense. KnowBe4 Inc. is framing the shift around a bigger visibility problem: knowing which agents are operating inside the business, what they can access, which processes they support and whether the right guardrails are in place. That push is forcing security teams to treat AI agents less as tools and more as accountable participants in the workforce, according to Scott Hebner, principal analyst at theCUBE Research.

“We just ran an agentic AI futures index, and one of the questions we asked was, ‘As a leader, do you feel you’re the last to actually manage a human-owning workforce?’ Ninety-two percent said yes,” Hebner said. “At the same time, only 49% had a high degree of trust in the agents that are going to be running the organization, yet only 29% actually had a trust and governance framework in place. [If] there was one word I would describe the state of enterprise AI right now, it is the word trust.”

Hebner hosted theCUBE’s exclusive coverage of KB4-CON, KnowBe4’s annual user conference, during a broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. The conversations explored how agent risk management, AI trust and human-centered security are converging as enterprises prepare for a digital workforce built around both people and AI agents. (* Disclosure below.)

Insight #1: Agent risk management is redefining workforce security

KnowBe4 is positioning agent risk management as the next layer beyond security awareness and human risk management. The shift reflects a broader enterprise need to identify which agents are active, understand what systems they touch and apply policy before automation becomes another unmanaged attack surface, noted Bryan Palma, (pictured), chief executive officer of KnowBe4.

“[AI Defense Agents] allows our customers to leverage AI in our platform,” he explained in an interview with theCUBE. “You have an administrator that does all the work, they put groups together, they determine who’s going to get … what training. Now, that can all be done by an AI agent. Interestingly, we have about 1,400 customers now on the AIDA platform. What we’re seeing is that the risk score of the individuals in the company is about four points lower. What that means is that the AI is better at prescribing the training and outlining the system than a human is. That’s the offense side of it. And then the defense side of it is agent risk management.”

That defensive layer depends on visibility before control, Palma continued. For enterprises adopting agents quickly, the first practical hurdle is inventory, followed by mapping permissions, workflows and connections so humans can trust what agents are doing.

“We want to make sure that our customers are able to identify those agents, and then we map what processes are they using, what they call MCPs, what are they connecting to,” he said. “The final step is we help put some policy and guardrails about what the agents can and can’t do. We also keep them up to date with the latest training to make sure they don’t become a vulnerability.”

Here’s the complete video interview with Bryan Palma:

Insight #2: Risk scoring is expanding from humans to agents

Risk scoring is evolving beyond individual behavior to account for the broader realities of hybrid human-agent work. As AI tools gain permissions, memory and workflow responsibilities, security teams need clearer signals around what agents can access, how they interact with people and where they may introduce new exposure, emphasized Matt Duren, vice president of AI and data at KnowBe4, in a discussion.

“As we’re building out new products, new agents, new capabilities, one of the ones I’m most excited about is our new agent risk manager product,” he said. “We have a lot of new signals that are going to be coming into the risk score from that. It’s currently in a tech preview. We’re excited to get some folks using it and see how we can better protect their entire workforce.”

Explainability also becomes part of the security model. If AI-driven risk scores are going to guide training, governance and agent oversight, customers need to understand why a score changed and what actions reduced or increased risk, Duren explained.

“We have a new feature coming out fairly soon that will have analysis of the risk score, recommendations and insights as to why it changed, gone up, gone down on an individual level, on an entire company level,” he said. “We’re actually able to expose that through leveraging AI and give our customers a good understanding of what their risk landscape actually looks like.”

Here’s the complete video interview with Matt Duren:

Insight #3: AI is closing the gap between scanning and pen testing

Vulnerability management company Intruder Systems Ltd.’s perspective adds another layer to the agent risk conversation: AI is expanding the attack surface while also changing how defenders assess exposure. Traditional scanning can find issues, but AI-driven pen testing can add context and help organizations understand which risks matter most, according to Chris Wallis, chief executive officer and co-founder of Intruder.

“The AI can start to understand your whole attack surface and start to reason about it in ways that previously would’ve taken a human to do,” he told theCUBE. “What AI is really doing now is closing that gap between what a pentest is and what scanners have been able to do in the past.”

As more teams create applications, agents and AI-enabled workflows, the exposed surface becomes harder to track with older methods alone. AI pentesting is a way to make deeper investigation more accessible without eliminating the need for human expertise, Wallis pointed out.

“We’re not saying don’t do pentesting,” he added. “I think a lot of companies are still going to do their annual pentest and that’s going to remain an important part of the people’s security assurance program. What it does is it allows them to have more access to that more frequently. It closes the gap between a pentest and a scan.”

Here’s the complete video interview with Chris Wallis:

Insight #4: Shadow AI is becoming the new governance challenge

KnowBe4’s product evolution reflects a broader enterprise pattern in which new tools often spread faster than governance frameworks can mature, observed  Greg Kras, chief product officer of KnowBe4. As workers adopt AI agents and specialized tools across daily workflows, organizations need clearer visibility into shadow AI before it creates security, privacy or compliance exposure.

“The amount of questions that people have probably outweighs the answers and that’s where agent risk management comes in … which is what’s out there so that you can identify these things,” he said. “Right now as a company, you’re going to not do well if you shun AI because your competition is going to just eat your lunch because they’ve got this superpower. Same thing applies if you just open the doors without having any governance or control, you don’t know what’s happening in there. You’ve got to be able to identify these things and take action on that.”

As AI agents become easier to create and deploy, the governance problem is no longer limited to approved tools or known workflows. The bigger concern is that agents can multiply, connect to new systems and take on delegated tasks in ways that make visibility harder for security teams.

“The fact that agents can beget agents, it becomes very interesting,” Kras said. “If you think of traditional human staffing, you usually know when you have a new person on your team, but with agents, an agent could spin up another agent or ingest an MCP that may or may not be what they should be doing. It’s interesting times for sure.”

Here’s the complete video interview with Greg Kras:

To watch more of theCUBE’s coverage of KB4-CON, here’s our complete event video playlist:

(* Disclosure: TheCUBE is a paid media partner for KB4-CON. Neither KnowBe4, the sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE