Research Perspective

The Interpretation Gap

The security industry spent billions on visibility and detection. In the age of agentic AI, the real challenge isn't seeing what happened. It's understanding why it matters.

Jason Hoenich
April 2026

Something Just Changed

Security teams have spent years chasing visibility. More signals, more dashboards, more alerts. And for most of the last decade, that was the right fight. You can't protect what you can't see. But we've crossed a threshold, and most of the industry hasn't caught up to what that means.

A compromised account can do things it's allowed to do. A rogue AI agent can follow the rules it was given. A bad outcome can look completely normal in the logs. That means the question is no longer just "Can we see what happened?" but "Can we understand the intent, the context, and the risk behind behavior that appears legitimate?"

Three forces are converging right now that make this urgent:

$201.9B: Projected enterprise spend on agentic AI in 2026
80%: Of enterprises will have AI agents in production by year-end (Gartner)
$3.6B: Raised by agentic AI security startups through Q1 2026
300+: Behavioral signals analyzed by leading HRM platforms today

AI agents are creating a new attack surface that expands faster than security teams can monitor. Detection platforms are ingesting more signals than ever. And the operational work of running a security awareness program is being automated out from under the people who do it.

Everyone is building faster detection. Almost nobody is building interpretation.


What the Market Is Actually Building

The human risk management space has moved fast. If you haven't looked at it closely in six months, you're behind. Here's what's shipping right now, and what each approach gets right and wrong.

KnowBe4 AIDA

8 AI agents

The Orchestration Agent (Feb 2026) autonomously creates, schedules, and manages personalized phishing tests and training. Adapts to each user's risk profile using 316 indicators. Claims 3x risk reduction vs. non-AIDA customers. They're calling it "the first fully autonomous agent for human risk management."

The approach: Automate the entire campaign operations layer. Get the human out of the loop on the repetitive work. Strength is scale and installed base. Weakness is depth -- those 316 indicators are primarily interaction data (clicks, completions, timing), not behavioral science.

The AI-Native Entrants

$31M-$136M raised

A new wave of well-funded startups is approaching human risk from the AI-native side. Behavioral indexes synthesizing signals across identity, access, cloud, endpoint, and productivity systems. Auto-generated interventions: video briefings, nudges, two-way chats. Real-time deepfake simulations across voice, video, and SMS. One company reported 13x faster behavior change and 85% phishing click reduction in enterprise A/B tests.

The approach: Build the intervention engine. Use AI to generate, personalize, and deliver the right nudge at the right time. Strength is speed and measurable results. Weakness is dependency on other systems for signal input and limited behavioral science depth.

Behavioral Science Platforms

70+ behaviors mapped

The most intellectually rigorous approach. Platforms built on dedicated security behavior databases, measuring 70+ specific behaviors across eight scientifically validated risk dimensions. Culture assessment through surveys alongside behavioral data. AI advisors built on a decade of proprietary data combined with 30+ years of behavioral science research.

The approach: Understand why people do what they do, not just track what they click. Strength is genuine scientific foundation. Weakness is that measured behavior only covers instrumented systems, and surveys measure stated beliefs -- not actual ones.

Cognitive Security / Real-Time

Early stage

The newest entrants are moving the intervention point from after the incident to before it. Real-time behavioral observability with browser-level enforcement. Just-in-time nudges when someone is about to share sensitive data with a GenAI tool or interact with a SaaS app in a risky way.

The approach: Don't train people after they make a mistake. Intercept the behavior in the moment. Strength is the shift from reactive to preventive. Weakness is narrow scope -- you can only intercept what you can instrument.

Every one of these companies is automating a piece of what the security awareness practitioner does today. And none of them are building tools for that practitioner. They're building tools that go around them.


Five Things Nobody Is Solving

1. Organizational Context

Every platform collects signals from systems. None of them collect signals from the organization itself. Culture, politics, informal authority structures, project dynamics, relationship networks, strategic priorities -- this is the context that gives behavioral signals meaning.

When someone accesses a system they're allowed to access, the only way to flag it as suspicious is knowing it contradicts their current project scope, their team's priorities, or their relationship graph. No amount of behavioral ML generates that context from login timestamps and API calls.

The leading platforms learn your org's policies. But policies are the org chart version of security. The real organization runs on relationships, projects, informal authority, and unwritten rules. That's where intent lives. No platform captures it.

2. The Interpretation Layer

The output of every HRM platform in 2026 is a risk score, a confidence number, and a recommended action. The CISO or analyst must still interpret what that means in their specific context. Is a 78 risk score bad? Compared to what? Does this anomaly matter given what's happening in the business right now?

The platforms generate answers. Nobody is helping organizations develop the judgment to evaluate those answers.

3. Agent Intent Delegation Chains

When Agent A delegates to Agent B which calls Agent C, intent degrades at every hop. It's a telephone game. Current platforms monitor individual agents and measure blast radius. But blast radius is a static metric.

The real question: when an agent acts on behalf of a human, through a chain of delegated authority, does the resulting action align with what the organization actually intended? Agents don't have intent. They have instructions. The security model for something with instructions is fundamentally different from the security model for something with intent. Nobody in the market is making this distinction cleanly.

4. Measurement Validity

Click rates go down because people learn to spot the simulation, not necessarily because they develop security judgment. Culture surveys measure what people say they believe, not what they actually believe. Intervention response rates measure behavior within the platform, not whether behavior changed in unmonitored contexts.

The entire industry is optimizing for measurable behavior change without a reliable way to validate that the measurements map to actual security outcomes. The vendor dashboard doesn't tell you what matters. An AI-powered vendor dashboard still doesn't tell you what matters -- it just sounds more convincing.

5. The AI-Watching-AI Problem

We now have AI making risk decisions about other AIs. ML models monitoring ML agent behavior. AI agents managing human risk from AI agents. At some point this recursion needs a human trust anchor. But humans can't operate at agent speed.

The answer isn't "put a human in the loop for every decision." It's giving humans a structured framework for judgment that lets them set the parameters, validate the reasoning, and intervene at the right abstraction level. That framework doesn't exist yet in any commercial product.


What Happens to the People Doing This Work

This is the part nobody in the vendor community wants to talk about directly, so I will.

The operational work of running a security awareness program -- selecting phishing templates, scheduling simulations, assigning training, tracking completion, pulling reports -- is being automated right now. Not "will be automated." AIDA Orchestration shipped in February. The content creation side (training materials, awareness campaigns, internal newsletters) is next. AI content generation is a core feature of every platform in 2026.

That work represents the majority of what most security awareness practitioners do day-to-day. Especially at organizations that are still in the compliance-driven, completion-rate-focused stage of program maturity. Which, according to Forrester's own framework, is most organizations.

So what happens?

01. The Role Shrinks to Oversight

The practitioner becomes a "program owner" who configures the AI, reviews outputs, approves major decisions, and handles exceptions. Think of how marketing automation changed the email marketing coordinator role. The person went from manually building campaigns to reviewing what Marketo generated. The title changes. The work gets thinner. The risk is that judgment atrophies because you're reviewing, not deciding.

02. The Role Evolves Into Strategic Advisory

The practitioner stops managing campaigns and starts managing human risk as a business function. They sit in meetings with HR about onboarding design. They advise the CISO on how organizational changes affect the threat surface. They translate between security's technical reality and the rest of the organization's operational reality. This is the Forrester/Gartner Security Behavior and Culture Program (SBCP) vision. It's also aspirational for most: only 13% of organizations have a fully operational SBCP, and 68% say getting executive buy-in for SBCP is harder than for traditional awareness training.

03. The Role Disappears and the Work Gets Distributed

If AI runs the simulations, generates the interventions, and produces the reports, the remaining relationship work gets absorbed. HR handles the onboarding security component. Comms handles campaigns. IT handles integration. The CISO handles executive relationships. No single "awareness program manager" because there's no single program to manage. This already happens at organizations under 1,000 employees. AI makes it viable at larger ones.

The uncomfortable truth: many practitioners ended up behind the dashboard because that's where they were comfortable, and the dashboard work was the only thing justifying their existence to leadership. If the AI takes the dashboard work, some will level up into strategic advisors. Others will be exposed.

What Survives Across All Three Scenarios

Regardless of which future plays out, certain capabilities remain valuable. Organizational psychology -- not as academic theory but as practical navigation of how decisions actually get made. Data interpretation -- not pulling reports (that's automated) but the judgment to say "this metric is improving but the underlying behavior hasn't changed, here's why." Stakeholder translation -- reframing a risk finding in language that HR, Legal, or the CFO will act on. Strategic program design -- accounting for culture, politics, and constraints that no platform models.

These are the skills that are hardest to develop, hardest to assess, and hardest to hire for. They're also the skills that no certification program teaches and no vendor platform develops.


The Behavioral Science Question

There's a counterargument to everything I've said about the practitioner's value, and it deserves a fair hearing.

The most sophisticated platforms in the market have built their entire approach on genuine behavioral science. Databases mapping 70+ security behaviors to real-world risks. Eight measurement dimensions scientifically validated as predictors of human cyber risk. AI advisors built on decades of research in behavioral economics and cyberpsychology. Culture assessment that goes beyond training completion to measure how people think, feel, and approach security.

If this works as designed, it means the "understanding why people do what they do" layer can be systematized and measured by a platform. The behavioral science expertise gets encoded into the product, not carried by the individual running the program.

That's the strongest argument for the practitioner role disappearing entirely.

Where It Breaks Down

Every behavior these platforms track is behavior they can observe through their instruments. The most consequential human risk behaviors often happen where no platform has visibility: the hallway conversation where someone shares a credential, the decision to plug in a found USB drive, the moment someone decides to trust a caller who sounds like their CEO.

Their culture surveys have the same limitation every survey has. Nobody tells the security culture assessment "I think password policies are pointless and I reuse passwords everywhere." They tell the survey what they know the right answer is. Social desirability bias is real and it's strongest in exactly the domain these platforms measure.

And behavioral models trained on known patterns struggle with genuinely novel situations. The next social engineering approach won't look like anything in the training data. What catches it isn't pattern recognition. It's skepticism and judgment -- the kind that comes from understanding organizational context, not from a behavioral database.

The behavioral science approach is real and it's valuable. But it measures what it can measure and assumes it maps to what matters. The gap between measured behavior and actual behavior is where the most consequential risks live -- and that gap doesn't close with more data.


So What Do We Do With This

I don't have a clean answer. I think anyone who does is selling something. But I do have a few convictions coming out of this analysis.

The interpretation gap is real and it's growing. Every dollar spent on detection without a corresponding investment in judgment makes the gap wider. The first wave of fully autonomous awareness programs will produce spectacular results on their own metrics and a false sense of security in the organizations running them.

The practitioner's value was never the dashboard work. It was always the organizational navigation, the stakeholder relationships, the judgment calls. Most practitioners never got to develop those skills because they were buried in campaign operations. Automation is both the threat and the opportunity: it removes the work that was holding them back, but it also removes the justification most organizations had for the role.

Nobody is building the organizational context layer. Not the behavioral science platforms, not the AI-native entrants, not the autonomous orchestration engines. Every one of them stops at the boundary of what their instruments can see. The organization itself -- how it actually works, not how the org chart says it works -- remains invisible to the platforms that are supposed to protect it.

The "AI watching AI" recursion needs a trust anchor. And that anchor is structured human judgment -- frameworks that let humans set parameters, validate reasoning, and intervene at the right level of abstraction. The teams that build those frameworks will navigate this era. The teams that outsource judgment entirely to automated systems will discover what it means to optimize for the metric instead of the outcome.

In the next era of cybersecurity, the winners will not be the teams with the most dashboards. They will be the teams that can tell the difference between expected behavior and dangerous behavior hiding inside it.

That requires interpretation. And interpretation requires context, judgment, and organizational understanding that no platform has automated yet.

The question is whether the industry will invest in building that capability -- or whether it will keep buying faster dashboards and calling it progress.