The rise of generative AI is creating new cybersecurity blind spots inside corporations, as IT heads themselves have become one of the biggest risks to their own networks.
A new global report by security firm Arctic Wolf finds that the majority of IT leaders are now feeding sensitive data directly into AI tools.
The company’s 2025 Human Risk Behavior Snapshot, based on a survey of 1,700 IT leaders and employees worldwide, paints a picture of escalating breaches fueled by human behavior rather than external hackers.
“80% of IT leaders and 63% of employees are using generative AI tools for work—60% of leaders and 41% of staff admit to feeding these tools confidential data.”
The data also reveals that confidence among IT leaders for corporate security remains misplaced as they fall for phishing traps.
“Nearly two-thirds of IT leaders and half of employees admit to clicking malicious links, yet three-quarters of leaders still believe their organizations are safe. Alarmingly, 1 in 5 leaders who clicked didn’t report it.”
Adam Marrè, the company’s chief information security officer at Arctic Wolf, warns that the same overconfidence driving risky AI usage is amplifying vulnerability to basic phishing scams.
“The rise of generative AI has created powerful new tools—but also powerful new risks. When leaders are overconfident in their defenses while overlooking how employees actually use technology, it creates the perfect conditions for mistakes to become breaches.”
The survey also finds that organizations taking a corrective rather than punitive approach to employee mistakes saw dramatically lower risk. Firms emphasizing retraining instead of termination reported an 88% reduction in incidents, compared with those threatening dismissal.
Despite rising threats, only 54% of organizations enforce multi-factor authentication across all users, leaving large portions of their systems open to attack.
Disclaimer: Opinions expressed at CapitalAI Daily are not investment advice. Investors should do their own due diligence before making any decisions involving securities, cryptocurrencies, or digital assets. Your transfers and trades are at your own risk, and any losses you may incur are your responsibility. CapitalAI Daily does not recommend the buying or selling of any assets, nor is CapitalAI Daily an investment advisor. See our Editorial Standards and Terms of Use.