
r/Kiteworks


SailPoint's 2025 Report Shows Only 39% of Companies Govern AI Agents Despite 45:1 Ratio to Human Users

Just read through SailPoint's "Horizons of Identity Security Report 2025-2026" and the numbers around AI agent security are concerning.

Key findings from the report:

  • Non-human identities outnumber human ones 45:1 in enterprise environments

  • Only 39% of organizations have governance controls for AI agents

  • 35% expect AI agent growth over 30% in next 3 years

  • Average breach cost when AI agents compromised: $4.9M

  • 60% of orgs say non-human identities pose greater risk than humans

The maturity gap is real:

  • 63% of organizations still in early stages (Horizons 1-2)

  • Only 10% reached advanced levels (Horizons 4+)

  • Even advanced orgs report 44% have data quality gaps affecting security

What's working according to the report:

Identity Management: Moving from static API keys to dynamic credentials (OIDC) with regular rotation

Behavioral Monitoring: Establishing baselines for normal AI agent activity and flagging deviations

Access Controls: Just-in-time permissions instead of persistent access, content-aware controls (ABAC) that consider what data is being accessed, not just who's asking

Results for mature organizations:

  • 80% more likely to have fewer audit findings

  • 70% risk reduction in security incidents

  • 90% more likely to see productivity improvements

  • 10x ROI on identity security investments

Industry breakdown: Healthcare advancing fast (regulatory pressure), manufacturing lagging (61% in basic stage), financial services struggling with audit requirements for AI trading systems.

The report emphasizes that retrofitting security gets exponentially harder as AI populations grow. Organizations implementing governance now see faster AI deployment since security is built-in rather than bolted on later.

Anyone else seeing similar patterns in their environment? We're definitely seeing the AI agent explosion but governance is playing catch-up. Curious how others are handling the human accountability aspect -- every AI needs an owner but that's easier said than done at scale.
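As an added illustration of two of the controls the post lists (behavioral baselines for agent activity, and just-in-time, content-aware access that also records a human owner), here is a small Python model. It is not code from SailPoint, the report, or the original poster; every agent name, grant, resource and log event in it is constructed for the example, and the data structures are hypothetical.

```python
"""Added example (not from the SailPoint report or the post): a toy model of
two controls for AI agents / non-human identities:
  1. content-aware, just-in-time access checks (ABAC with expiring grants and
     a required human owner), and
  2. a per-agent behavioral baseline that flags deviations.
All agent names, grants, resources and events below are constructed."""
from __future__ import annotations
from collections import Counter
from dataclasses import dataclass
from datetime import datetime, timedelta

# ---- 1. Just-in-time, content-aware access ---------------------------------

# Data classifications, ranked so that a grant's ceiling can be compared.
SENSITIVITY_RANK = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}

@dataclass
class Grant:
    """A time-boxed grant issued to an agent (hypothetical shape)."""
    agent: str
    owner: str               # accountable human; empty string = nobody owns it
    max_sensitivity: str     # highest data class the agent may read
    expires_at: datetime

@dataclass
class Resource:
    name: str
    sensitivity: str

def evaluate_access(grant: Grant, resource: Resource, now: datetime) -> tuple[bool, str]:
    """Allow only if the grant has a human owner, is unexpired, and the
    resource's classification is within the grant's ceiling (ABAC: the
    decision depends on what is being accessed, not only on who asks)."""
    if not grant.owner:
        return False, "no accountable owner"
    if now >= grant.expires_at:
        return False, "grant expired"
    if SENSITIVITY_RANK[resource.sensitivity] > SENSITIVITY_RANK[grant.max_sensitivity]:
        return False, f"{resource.sensitivity} exceeds ceiling {grant.max_sensitivity}"
    return True, "allowed"

# ---- 2. Behavioral baseline for agent activity -----------------------------

# Constructed activity log: (time window, agent, resource touched).
BASELINE_EVENTS = [
    (1, "billing-agent", "invoices"), (1, "billing-agent", "ledger"),
    (2, "billing-agent", "invoices"),
    (1, "support-bot", "tickets"), (2, "support-bot", "tickets"),
    (2, "support-bot", "kb"),
]

# Constructed events from a later window, containing three deviations.
NEW_EVENTS = [
    (3, "billing-agent", "invoices"),
    (3, "billing-agent", "hr-salaries"),            # resource never seen before
    (3, "support-bot", "tickets"), (3, "support-bot", "tickets"),
    (3, "support-bot", "tickets"), (3, "support-bot", "tickets"),
    (3, "support-bot", "tickets"),                  # 5 calls vs. baseline peak 2
    (3, "rogue-agent", "ledger"),                   # agent with no baseline
]

def build_baseline(events):
    """Per agent: the set of resources touched and the peak number of calls
    observed in any single window."""
    resources: dict[str, set[str]] = {}
    per_window: Counter = Counter()
    for window, agent, resource in events:
        resources.setdefault(agent, set()).add(resource)
        per_window[(agent, window)] += 1
    peak: dict[str, int] = {}
    for (agent, _), n in per_window.items():
        peak[agent] = max(peak.get(agent, 0), n)
    return {a: {"resources": resources[a], "peak_calls": peak[a]} for a in resources}

def flag_deviations(baseline, events, rate_factor=2.0):
    """Return (agent, window, reason) for: unknown agents, access to a
    resource outside the agent's baseline, and call volume in a window above
    rate_factor times the agent's baseline peak."""
    findings = []
    calls: Counter = Counter()
    for window, agent, resource in events:
        calls[(agent, window)] += 1
        known = baseline.get(agent)
        if known is None:
            findings.append((agent, window, "unknown agent (no baseline)"))
        elif resource not in known["resources"]:
            findings.append((agent, window, f"new resource: {resource}"))
    for (agent, window), n in calls.items():
        known = baseline.get(agent)
        if known and n > rate_factor * known["peak_calls"]:
            findings.append((agent, window,
                             f"rate {n} > {rate_factor}x peak {known['peak_calls']}"))
    return findings

if __name__ == "__main__":
    now = datetime(2025, 1, 1, 12, 0)
    grant = Grant("billing-agent", "alice", "confidential", now + timedelta(hours=1))
    for res in (Resource("invoices", "confidential"), Resource("hr-salaries", "restricted")):
        print(res.name, evaluate_access(grant, res, now))
    for finding in flag_deviations(build_baseline(BASELINE_EVENTS), NEW_EVENTS):
        print(finding)
```

The deviation checks are deliberately simple (set membership and a rate multiple); a real deployment would use longer windows and per-resource counts, but the shape is the same: learn what each non-human identity normally touches, then alert on anything outside that envelope.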


Only 7% of Financial Firms Monitor Their Data Systems -- Here’s Why That’s a Problem

Financial services executives love to promote their “innovation stories.” New platforms. Smarter analytics. Faster decision-making. But the 2025 State of Responsible AI in Financial Services study cuts through the hype with a number that should make every customer and regulator nervous: only 7% of financial firms fully monitor their data systems once they go live.

That means 93% of the industry is operating blind. And in an environment where trillions of dollars and millions of sensitive records are at stake, that’s not a gap—it’s a crisis.

The blind spot no one wants to talk about

Without real-time monitoring, systems drift, bad data creeps in, and attackers exploit openings long before anyone notices. The report also shows that:

  • 62% of executives say their systems are unpredictable at scale.

  • 58% admit they hit storage and processing limits.

  • More than a third say they can’t track systems in real time at all.

If you can’t see what your systems are doing, you can’t control them. And if you can’t control them, you can’t protect customers.

Compliance chaos

It gets worse. Only 12.7% of firms have fully integrated compliance standards into daily operations. The rest are juggling what insiders call “101 different standards”—fragmented policies spread across departments.

Yes, many firms have created governance committees. But most are less than two years old, underfunded, and lack authority. That’s not governance—it’s compliance theater. Regulators won’t tolerate that for long.

Privacy slipping through the cracks

Customers already sense the fragility. 57% of financial leaders say breaches are their biggest fear. Nearly two-thirds admit they worry about systems misbehaving in production and exposing sensitive data. Vendor systems and multi-platform connections only make it worse.

Privacy is more than encryption or a policy statement. It’s about controlling data flows, auditing every transaction, and ensuring customers aren’t blindsided when things go wrong. Right now, too many firms are failing that test.

Misalignment draining value

Even when projects get off the ground, most don’t deliver what the business actually needs. Less than 6% of executives say their initiatives fully align with business goals. Meanwhile, 72% admit business and IT fail to collaborate effectively.

The result: millions wasted solving the wrong problems while critical risks remain untouched. Misalignment isn’t just inefficiency. It’s risk dressed up as progress.

The way out: unified platforms

Here’s the upside: more than 75% of executives believe unified platforms can increase ROI by 50% or more. The key is eliminating silos and enforcing accountability through a central backbone.

That’s where a Private Data Network with an AI Data Gateway comes in. The network provides the secure environment. The gateway acts as the checkpoint, controlling who sees what, redacting sensitive information, and logging every move for regulators. Together, they replace fragmentation with discipline.

Industry weak link

When only 7% of firms monitor their data systems, the financial sector is gambling with security, compliance, and customer trust. Add the fact that most executives openly fear breaches, and the message is clear: the industry knows its weaknesses—it just isn’t fixing them.

The choice is simple: keep building flashy systems without oversight and hope nothing breaks, or enforce standards, monitor continuously, and unify platforms before it’s too late.


Just Read the Ponemon Report - Your Biggest Security Threat May Have a Company Badge

The new Ponemon Institute "State of File Security" Report just dropped, and the findings are making me rethink everything about enterprise security. Turns out we've been looking in the wrong direction this whole time.

The headline stat that surprised us: 45% of file security breaches come from insider threats. Not external hackers. Not nation-state actors. The people we give badges and passwords to every morning.

Numbers That Keep CISOs Up at Night

  • Average cost: $2.7 million in total damages over 2 years

  • Average incidents per org: 8 over the same period

  • Detection time: 60% of organizations can't spot these threats within a WEEK

  • File transfer confidence: Only 39-42% feel secure during uploads/transfers/sharing

Here's what's really happening: The negligent insider is more dangerous than the malicious one. These aren't corporate spies -- they're employees emailing databases to personal Gmail accounts to "work from home." They're using Dropbox because your approved file sharing has a 10MB limit. They're creating shadow IT workarounds because your official tools make their jobs harder.

Where Traditional Security Falls Apart

Visibility Crisis: 39% of organizations admit they lack basic visibility into file access. You literally can't protect what you can't see.

The Transfer Trap: Every time a file moves - from internal storage to email, from email to external partner, from partner to wherever -- it's vulnerable. Most orgs have different security controls (or none) at each stage.

Malware Evolution: The top threats aren't sophisticated:

  • Macro-based malware (44%)

  • Zero-day/unknown malware (43%)

  • Ransomware (39%)

They don't need to be sophisticated when employees invite them in by opening "important" spreadsheets.

Compliance Theater

Organizations juggle SOX (27%), PCI-DSS (25%), HIPAA (23%), GDPR (21%), and more. Yet only 51% say they're effective at compliance.

The real kicker? 46% measure security success by whether they avoid fines, not whether they prevent breaches. That's like measuring your health by whether you've been to the doctor, not whether you're healthy.

AI: Making Everything More Complicated

The report shows organizations are split:

  • 33% have integrated AI for security (brave souls)

  • 25% have formal GenAI policies (trying to be responsible)

  • 29% ban GenAI outright (probably smart, honestly)

Every prompt to ChatGPT is a potential data leak. But banning AI just drives shadow usage. Organizations implementing AI need prompt scanning (41% do this), data masking (38%), and strict guardrails (35%).

What Actually Works: The Private Data Network Approach

The organizations getting this right aren't adding more security tools -- they're rethinking the whole architecture. A Private Data Network creates one secure environment for all sensitive data movement instead of trying to secure dozens of channels separately.

Key components:

  • Unified data governance: One set of rules, everywhere

  • Integrated DLP at network level: Protection built into data flow, not bolted on

  • Zero-trust verification: Every access validated in real-time

  • Behavioral analytics: AI watching for anomalies in user behavior

This isn't about not trusting employees. It's about acknowledging that insider threats exist - whether through malice, negligence, or compromised credentials - and building systems that protect against them without making work impossible.

Bottom Line for 2025

Perimeter security is dead when half your threats already have legitimate access. The future belongs to organizations that understand insider threat protection is an architecture, not a product.

Three immediate actions from the report:

  1. Audit your file visibility -- you're probably blind to more than you think

  2. Map actual user workflows -- find out how work really gets done

  3. Identify your riskiest processes -- what would hurt most if compromised?

The full report is worth reading if you're in security, IT, or leadership. Your next breach is probably already in motion, carried out by someone you're paying. The question is whether you'll see it coming.

TL;DR: 45% of breaches come from insiders, cost $2.7M over 2 years, take a week+ to detect. Traditional security misses insider threats completely. Private Data Networks with integrated DLP and behavioral analytics are the only architecture that addresses the real threat landscape of 2025.