How AI Agents Are Redefining the Insider Risk Threat Model

Proofpoint CEO Sumit Dhawan on Applying Human Insider Risk Safeguards to AI Agents Michael Novinson (MichaelNovinson) • March 27, 2026

Artificial intelligence agents behave like humans and carry the same risk profile. They operate non-deterministically and can be manipulated through prompt engineering, so they require a purpose-built integrity framework to govern their behavior, said Sumit Dhawan, CEO at Proofpoint.

See Also: Why Healthcare Faces Rising Risks From Shadow AI

Traditional security controls were designed for Boolean, pattern-based logic. AI agents don't follow predictable paths. That makes behavioral drift detection the operative defense model. Dhawan compared this directly to enterprise insider risk programs: When a human's behavior deviates from its expected pattern, controls escalate. AI agents demand the same mechanism.

"With AI, there is no code of conduct. There's no form of integrity, per se - and it's something that has to be coded up into a technology layer ...