Dubai, United Arab Emirates, June 30th, 2026 – KnowBe4, the global leader in digital workforce security, securing both AI agents and humans, today announced the launch of its new research report, "From Agentic Risk to Human Wins: Building a Culture of Security in the Era of Agentic AI." The findings expose a dangerous reality for modern organisations in the United Arab Emirates and Saudi Arabia: autonomous AI tools are expanding the corporate attack surface faster than security teams can implement guardrails.
With agentic AI now widely embedded in day-to-day work, 84% of cybersecurity leaders in the UAE & Saudi Arabia report that AI agents are already taking actions within organisational workflows. However, a lack of governance is leaving organisations exposed; the report shows that around 1 in every 4 organisations (24%) report their use of AI is unapproved or ungoverned. This unmanaged "Shadow AI" effectively operates as an invisible layer of shadow employees handling sensitive organisational data without oversight.
Key Findings from the Report:
88% of employees in the UAE & Saudi Arabia say that deepfake voice and video content is now so realistic it is impossible to know what to trust and 52% openly admit they could be tricked by a deepfake scam at work.
More than half (54%) of cybersecurity leaders in the UAE & Saudi Arabia report that mistakes during everyday work have had the greatest impact on their organisation’s cybersecurity in the past 12 months. Compounding this, 44% of employees acknowledge that time pressures and workplace distractions actively drive them to make critical security mistakes, even when they know the safe protocol.
36% of cybersecurity leaders in the UAE & Saudi Arabia identify AI-enabled attacks as a key driver of future human-related cybersecurity risks.
41% of employees reported that they commonly source their own agentic AI tools where options are unavailable or restrictive, leaving organisations vulnerable to cyberattacks. Concurrently, 52% of cybersecurity leaders report that the use of unsanctioned software and AI apps has actively impacted their security posture over the past 12 months.
Although 76% of security leaders feel "very well prepared" to handle unexpected or emerging AI-driven threats over the next year, 84% of them confirmed that improvements are still needed to ensure AI tools and agents operate within organization’s security policies and approved risk limits.
The report shows that organisations making progress are those who prioritise cybersecurity as a culture over a mere function, seamlessly incorporating secure behaviours into daily work. These organisations are creating environments where employees feel safe reporting mistakes, with 82% of employees agreeing.
"Cybersecurity has entered a volatile phase where organisations are trying to secure a hybrid human and AI workforce that’s changing more quickly than security leaders can keep up," said Dr. Martin Kraemer, CISO Advisor at KnowBe4. "Attackers are moving at machine speed, using attacks such as deepfakes to target employees and prompt injections to hijack AI agents. Leaving almost a quarter of your corporate AI usage ungoverned is a massive open invitation to threat actors."
The "From Agentic Risk to Human Wins: Building a Culture of Security in the Era of Agentic AI" report concludes that achieving "Wins" requires organisations to design systems that guide behaviour, build supportive cultures, and shift from tracking failures to reinforcing positive actions, and extending a security-first mindset across both AI agents and humans.
Download the UAE & Saudi Arabia data insights here and the Global report here.
This research is based on a global survey conducted by Vanson Bourne, polling 4,000 professionals: 800 security decision makers and 3,200 employees, across the Americas, EMEA, and APJ regions, representing organizations with 250 or more employees.
KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.
More info at www.knowbe4.com. Follow KnowBe4 on LinkedIn and X.
Media Contact: knowbe4@activedmc.com