When AI becomes the insider: Rethinking federal risk in 2026 - Federal News Network

COMMENTARY When AI becomes the insider: Rethinking federal risk in 2026 Insider risk at the federal level is no longer just about detecting human insiders. It is about securing the entire ecosystem that runs the federal mission. Michael Rider May 12, 2026 6:05 pm           Federal agencies are facing a fundamental shift in what the word “insider” means. In 2026, artificial intelligence systems themselves have become insiders, executing sensitive tasks at machine speed. This evolution is forcing agencies to rethink insider risk. Earlier in January, the Cybersecurity and Infrastructure Security Agency released new guidance on insider threats, urging critical infrastructure to take action. For agencies themselves, the threat now extends beyond malicious human actors to include misconfigured AI, synthetic identities, and non-malicious behaviors that quietly enable data exfiltration. The recently deployed Cyber Strategy from the White House also underlines the pivotal need to secure critical infrastructure, further expressing the innate change needed to protect our overall cyber health. The ‘insider’ expands beyond humans AI systems are now performing sensitive, mission-critical tasks once reserved exclusively for cleared personnel, yet they introduce a volatile form of risk that operates at speeds far outpacing traditional human-centric controls. Organizations like the National Institute of Standards and Technology and the Office of Management and Budget have specifically warned that misconfigured or manipulated AI can cause operational harm in milliseconds, making AI risk management that encompasses behavioral monitoring and AI governance an immediate priority. Because these autonomous systems operate with significant delegated authority but without the governance historically applied to people, they create a massive regulatory vacuum. This shift indicates a growing risk where malicious or compromised AI can evade standard identity governance and security controls designed for human federal identities. Without a fundamental update to these frameworks, agencies risk a total collapse of operational control as these digital insiders execute complex, unauthorized actions before a human supervisor can even detect an anomaly. Trust and identity in federal agencies are collapsing at scale Contending with a fundamental collapse of trust, federal agencies are struggling to keep pace with a dual threat: AI-powered deception and a staggering explosion of non-human identities. Deepfake impersonation and AI-driven social engineering have evolved rapidly, significantly increasing the risk that federal personnel will be deceived into granting unauthorized access or disclosing sensitive mission data. The gravity of this situation is underscored by recent CISA and FBI warnings regarding sophisticated synthetic identity abuse and targeted impersonation campaigns that mimic senior officials. As law enforcement and cybersecurity experts have noted, “Available defenses currently lack robust assurances that fully mitigate the risks. We are encouraging the community to come up with better defenses.”         Join us June 10 and 11 for Federal News Network's Cloud Exchange where agency and industry leaders will discuss a whole-of-government approach to cloud modernization. Register today! This erosion of trust is further complicated by “identity sprawls,” where non-human identities, including bots, service accounts and automated AI agents, now outnumber human personnel by more than 20 to one. These machine-level entities often operate with significant privileges but without the oversight necessary to detect a compromise. This lack of visibility is a persistent vulnerability. The GAO continues to flag these machine identities as poorly governed and rarely audited across the federal enterprise. Without a shift in how agencies manage this massive non-human workforce, the infrastructure remains highly susceptible to “silent” insiders that can be exploited by adversaries to bypass traditional human-centric security controls. The human factor still drives risk Despite the rapid advancement of autonomous technologies, the core drivers of insider incidents remain stubbornly human. Federal personnel operating under constant fatigue, distraction and mission pressure are increasingly prone to errors that compromise security. In fact, three in four (74%) chief information security officers (CISOs) surveyed by Proofpoint identified human error as their primary cybersecurity risk, underscoring that technical defenses are only as strong as the people managing them. However, the emergence of AI fundamentally and exponentially changes this insider threat potential. This vulnerability is no longer just about the accidental slips, but about the potential for AI agents to collude with one another at a speed previously impossible. Previous exploits with OpenClaw highlight this shift, demonstrating how malicious processes can coordinate to bypass traditional defenses. If driven by a malicious human insider with nefarious political or nation-state intent, these AI-driven tactics would have significant adversarial consequences. Furthermore, human error is also compounded by “privilege creep” within federal identity, credential and access management (ICAM) programs, where employees accumulate excessive permissions over time. These over-permissioned accounts significantly expand the potential of an insider incident, turning a simple mistake into a systemic failure. Because humans still configure, approve and oversee the AI and machine identities across federal networks, behavioral risk remains an unavoidable factor that requires continuous, proactive monitoring. Organizations need to treat corporate and agentic AI as high-risk systems, enforcing approved use cases, least-privilege access, layered security controls, adversarial testing and strong governance to prevent data leakage, misuse and emerging AI-driven threats. As agentic AI tools increasingly act autonomously on behalf of users, standards such as the Center for Internet Security (CIS) Controls, NIST Special Publication 800-53, and International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) 27001 reinforce restricting scripting and command-line access to essential users, while organizations must monitor prompts, autonomous actions and behavioral patterns to detect insider risk, support investigations and maintain security and compliance as AI autonomy expands. Closing the insider risk gap In 2026, insider risk at the federal level is no longer just about detecting human insiders. It is about securing the entire ecosystem that runs the federal mission: The humans making decisions under pressure, the AI systems executing tasks at scale and the machine identities operating quietly in the background. Agencies that fail to evolve their insider risk strategies accordingly risk losing not just data, but trust, resilience and operational control. Federal organizations must rapidly distinguish machine from human identities across their environments, understand which identities can access and control sensitive data and treat both corporate and agentic AI as insider risks. Strengthening access controls now is essential. The next major cyber incident could strike the federal sector without warning, and reducing insider‑driven exposure is one risk we can control. Michael Rider is a senior solutions engineer, federal, at DTEX.         Sign up for our daily newsletter so you never miss a beat on all things federal Copyright © 2026 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.           Sign up for breaking news. Related Stories Federal cyber resilience requires containing the core, not adding more tools COMMENTARY Read more Getty Images/Userba011d64_201 Agentic AI needs platform discipline to deliver measurable mission performance COMMENTARY Read more Derace Lauderdale/Federal News Network Why empathy, not tech, drives federal IT service delivery success COMMENTARY Read more Related Topics ARTIFICIAL INTELLIGENCE COMMENTARY CYBER STRATEGY CYBERSECURITY CYBERSECURITY AND INFRASTRUCTURE SECURITY AGENCY DTEX FBI GOVERNMENT ACCOUNTABILITY OFFICE IDENTITY CREDENTIAL AND ACCESS MANAGEMENT IT MODERNIZATION MICHAEL RIDER NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY OFFICE OF MANAGEMENT AND BUDGET OPENCLAW TECHNOLOGY Around the Web After 60, Leg Strength Comes From One Simple Daily Move ApexLabs Cardiologists: 2 Veggies Will Kill Your Belly Fat Like Crazy (Try It) Health Weekly Surgeons: This Simple Method Will End Knee Pain & Arthritis Quickly (Try It) Health Weekly The USA 250th Anniversary Hat Everyone is Talking About Yifare Neurologists Beg Seniors With Neuropathy: Stop Doing This Now Health Weekly Honey: The Greatest Enemy of Memory Loss (See How to Use It) Health Weekly The Liberty Bell Whiskey Decanter Going Viral Before America's 250th peoasis Weird Stool, Bloating or Diarrhea? A Pharmacist Says Try This (Watch) HealthMotion Top Doctor: "Do This Before Bed to Clear Years of Old Moles." BHSkin Dermatology UPCOMING EVENTS Modernizing government ERP, part 2: Reducing risk while preparing for what’s next Audit ready, mission ready: Sustaining and modernizing federal finance in support of the mission and warfighter Building cyber resilience in the cloud Federal News Network’s Cloud Exchange 2026 Maximizing Your Federal Retirement Benefits (LIVE EVENT) More TOP STORIES Mullin testifies on DHS contract reviews, CISA staffing AGENCY OVERSIGHT Trump moves about 8,000 federal positions to Schedule Policy/Career WORKFORCE AI executive order sets stage for new cybersecurity directives CYBERSECURITY Forest Service offers separation incentives to employees ahead of relocations REORGANIZATION Statistical agencies face third office closure in recent weeks over unspecified water concerns FACILITIES/CONSTRUCTION NIST expands goals for renamed AI consortium ARTIFICIAL INTELLIGENCE