Cybersecurity startup Living Security says enterprises are reaching a turning point in how they manage the human layer of cybersecurity, as AI-powered social engineering and phishing campaigns accelerate the pace of attacks.
The Austin-based company this week announced the launch of a Human Risk Management (HRM) Purchasing Toolkit, designed to help CISOs and governance teams evaluate and deploy HRM strategies as organizations confront increasingly automated threat campaigns.
According to Living Security, AI-generated phishing, deepfake impersonation, and automated social engineering tactics are compressing the traditional cyberattack timeline. Compromise, credential abuse, and lateral movement that once unfolded over weeks can now occur in hours.
Traditional security awareness training under pressure
Research cited by the company from the Cyentia Institute’s 2025 State of Human Cyber Risk Report suggests many organizations lack visibility into workforce-driven risk.
The report found that organizations relying solely on traditional security awareness training maintain visibility into only 12% of human risk activity, highlighting what analysts describe as a growing gap between training-based approaches and real-time threat behavior.
Further findings suggest risk exposure is often concentrated among a small portion of users: 10% of employees account for 73% of risky behavior inside organizations, according to the research.
For security leaders, that concentration is shifting attention away from broad training campaigns toward targeted monitoring and intervention.
AI expands the workforce attack surface
The issue is becoming more complex as generative AI tools become embedded in enterprise workflows. In addition to human employees, organizations increasingly operate with AI agents and automated systems that can access data and perform actions on behalf of users.
That shift expands potential risk exposure beyond phishing clicks to include identity misuse, automated decision errors, and unintended data access.
Industry forecasts for 2026 suggest organizations will need to move beyond awareness metrics and adopt continuous risk measurement frameworks that monitor workforce behavior and access patterns in real time.
Ashley Rose, CEO and co-founder of Living Security, said the company sees this transition already underway among enterprise security teams.
“AI has industrialized social engineering,” Rose said in a statement. “Without continuous human risk intelligence, organizations are operating reactively. HRM brings measurable governance to the human layer of cybersecurity.”
A new category is emerging in enterprise security
Human Risk Management has increasingly been recognized as its own cybersecurity category by analysts. In The Forrester Wave: Human Risk Management Solutions Q3 2024, Living Security was named a leader among HRM vendors.
The company’s platform combines behavioral telemetry, identity signals, and threat intelligence to score workforce risk and trigger automated security interventions.
Living Security says enterprise deployments using its platform have reduced high-risk user exposure within the first 90 days, although independent verification of those results was not provided in the announcement.
A toolkit for CISOs evaluating HRM
The newly launched HRM Purchasing Toolkit aims to help security leaders operationalize the shift from awareness programs to measurable workforce risk governance.
The toolkit includes:
- An HRM maturity framework and readiness assessment
- An executive business case with ROI modeling guidance
- RFP and vendor evaluation templates
- A 90-day deployment playbook
- GDPR and works council consultation templates for EU organizations
The company says the toolkit is designed for CISOs, GRC teams, and board-level stakeholders seeking structured guidance for evaluating HRM platforms.
The bigger shift
As AI-driven threats continue to reshape the cybersecurity landscape, many security leaders argue that the human layer of enterprise infrastructure — employees, contractors, and increasingly AI agents — is becoming the most critical attack surface.
For vendors like Living Security, the next phase of cybersecurity may depend less on perimeter defenses and more on continuous behavioral risk intelligence across the workforce.
