KnowBe4 Japan Survey Reveals Employee Security Awareness Regarding AI Agents

Frequently Asked Questions

Q: What are AI agents?

A: AI agents are AI that autonomously perform tasks. This refers to AI that can perform tasks such as information gathering, schedule management, and data analysis without human instruction.

Q: What are the main security risks associated with AI agents identified in this survey?

A: The main risks identified include leakage of confidential information, infringement of copyrights, etc., and hallucinations (generation of misinformation). Human risks, stemming from human judgment errors or operations in AI use and management, ranked highest.

Q: What is the level of employee understanding regarding the risks of AI agents?

A: Only 30% of respondents answered that employees "understand" the security risks when using AI agents. This figure has remained largely unchanged since last year's generative AI survey.

Q: What is the perception regarding the location of security responsibility for AI agent use?

A: Only 25% of respondents believed that security responsibility for AI agent use lies with "everyone." This suggests a "governance vacuum" where the locus of responsibility is ambiguous.

Q: Is the awareness of threats from AI-enabled cyberattacks increasing?

A: Yes, the percentage of respondents who felt "threatened" reached 83%, an increase from 74% last year. There is heightened vigilance against the AI-driven sophistication of social engineering attacks such as phishing emails, ransomware, and Business Email Compromise (BEC).

Q: What measures are being prioritized to mitigate risks associated with AI agent use?

A: The most frequently chosen measure was "implementation of security education/literacy training," followed by "establishment and dissemination of usage regulations (policies)" and "strengthening access control to agents." Emphasis is placed on human-centric approaches, not just technical measures.