Proofpoint’s inaugural 2026 AI and Human Risk Landscape report finds rapid AI adoption—87% of organizations have AI assistants beyond pilot and 76% are rolling out autonomous agents—while security integration lags, with only 48% embedding security in AI strategy from the start. The report highlights gaps between deployed controls and confidence, multi‑channel AI-related incidents (email, SaaS, AI assistants, collaboration tools), and specific threats including OAuth consent abuse and prompt injection #Proofpoint #OAuthConsentAbuse
Keypoints
- 87% of organizations report AI assistants deployed beyond pilot, and 76% are actively rolling out autonomous agents, indicating fast AI adoption.
- Only 48% of organizations embedded security into their AI strategy from the start; many describe their posture as catching up, inconsistent, or reactive.
- Over 90% have AI security funding, but existing controls were often built for pre‑AI threat models and may not address new risks.
- 63% report having AI security controls, yet 52% are not fully confident those controls would detect a compromised AI; half of organizations with controls still experienced an AI-related incident.
- AI-related threats are multi‑channel: 67% see activity in email, 57% in SaaS/cloud apps, 53% in AI assistants/agents, and 49% in collaboration tools, social platforms, or file-sharing.
- Investigation readiness is low: only about one‑third feel fully prepared to investigate AI/agent incidents; 94% find managing multiple security tools at least moderately challenging, and 41% cannot correlate threats across channels.
MITRE Techniques
- [None ] No MITRE ATT&CK technique IDs (Txxxx) were explicitly mentioned in the article.
Indicators of Compromise
- [IP addresses ] None provided – the article does not list any IP address examples.
- [File hashes ] None provided – no file hashes are included in the summary.
- [Domains ] None provided – the article does not supply domain examples.
- [Other observable threats ] Behavioral indicators mentioned as examples rather than technical IOCs – OAuth consent abuse, AI-built phishing infrastructure, prompt injection (no specific artifacts, hashes, domains, or IPs listed).