Martin Kraemer’s day invariably begins with a deep dive into global cybersecurity news. As a CISO Advisor at KnowBe4, he needs to stay on top of things. Lately, he has observed digital threats evolving rapidly, primarily driven by shifts in geopolitical power dynamics. Policy developments within the European Union largely determine the direction of these changes, and that is precisely where he provides his expertise.
Kraemer helps CISOs at large organizations set up risk strategies and governance frameworks. His core belief is that cybersecurity is no longer purely about technology once the workplace is factored in. It requires a broad, business-oriented view of the organization.
Geopolitical shifts and the European dilemma
Anyone looking at the market over the past year sees a number of major trends that are inextricably linked, according to Kraemer. The chronic shortage of IT talent is an old, familiar problem. That scarcity is now being felt even more acutely because complexity in other areas is exploding. Kraemer sees, for example, a clear shift in how Europe handles data. The era of paper tigers and non-binding protocols is over. Real action is now being taken to protect European tech sovereignty.
He believes France is currently the prime example of this. For instance, the French government has decided to move away entirely from U.S.-based cloud infrastructure. The country is building its own sovereign government cloud. That decision is having a massive ripple effect on all major companies that do business with the government. In theory, the pursuit of independence sounds wonderful for making organizations more resilient, but the reality is stubborn. After all, companies are deeply rooted in international supply chains. Cutting-edge software relies on specific cloud services, which in turn run on hardware available in only a very limited number of data centers worldwide. Operating truly independently is therefore a massive strategic challenge, he says.
The Birth of the Digital Workforce
This complex infrastructure sets the stage for a major shift in direction at KnowBe4. Whereas the focus used to be on Human Risk Management, the Digital Workforce is now central. That shift is an absolute necessity, says Kraemer, because the definition of the workplace has changed drastically. Today, the average employee already has two to three AI agents working for them. He expects this number to rise to more than a hundred agents per employee by the end of the decade.
The rise of platforms like OpenDevin shows where things are headed. Online forums populated entirely by AI agents, such as Moltbook, are emerging. On platforms like RentAHuman, bots can actually hire real people to carry out real-world actions because bots cannot. The traditional organizational chart is rapidly disappearing. Many AI agents currently perform exactly the same tasks as highly educated office workers. They gather information, analyze data, make decisions, and execute plans. Kraemer believes that the workplace has simply become a hybrid mix of humans and machines.
Although the rise of AI colleagues calls for immediate action, the CISO advisor emphasizes that the transition to a secure, hybrid workplace is a step-by-step process. Organizations cannot jump to the highest level all at once. This process begins at the very foundation, driven purely by compliance and the creation of initial awareness. Only once that foundation is in place does the step toward actually influencing behavior follow. Here, employees are actively supported by providing the right environmental factors and tools, such as a password manager or an easy-to-use reporting button for suspicious emails or chats. Only in the final phase should we discuss a truly holistic approach. In this phase, awareness, human behavior, and a solid security culture converge with the technical guardrails needed to control the active AI fleet.
The invisible threat of prompt injections
This new workplace naturally brings new risks. Over the past twenty years, the security world has successfully trained people to recognize phishing and red flags. We now have a pretty good understanding of exactly how that works. But now that we’re instructing AI agents to read our emails, we’ve introduced an entity that, while capable of processing information at lightning speed, simply doesn’t understand the world or the context, says Kraemer. What social engineering is to humans, prompt injection is to AI agents. People used to be tricked into transferring money urgently. AI agents are manipulated with invisible commands to leak data.
Real-world examples show just how sophisticated this has become, such as the EchoLeak attack in Microsoft Copilot. An attacker simply sends an email containing a malicious prompt injection written in white text on a white background. The employee doesn’t even open the email, so nothing seems amiss. Later, that same employee asks Copilot to summarize the inbox in preparation for a quarterly financial meeting.
The AI bot scans the inbox, reads the unopened email, and picks up the hidden instruction. The bot is suddenly instructed to connect to the company’s SharePoint environment, search for sensitive data, and generate a Markdown hyperlink to Slack. When Slack previews the hyperlink in the background, a silent call is executed, routing the stolen data directly to the hacker’s server. In this case, the employee didn’t make a single mistake, yet company secrets are out in the open.
Identity Management for Algorithms
Monitoring thousands of active AI agents carries a massive risk of alert fatigue in the Security Operations Center. Agents operate at machine speed and have no clue about business processes. They constantly push technical boundaries by requesting permissions or exceeding thresholds. In response to the question of how exactly he views this, Kraemer states that this problem must be addressed at its root through Identity & Access Management. Traditionally, we have human accounts and service accounts, he says, but autonomous AI agents possess their own decision-making power and therefore require a separate identity class. This is crucial for strictly defining a bot’s job description and permissions.
Kraemer mentions a recent case involving an online chatbot. A researcher discovered that this bot had too much freedom. The researcher asked it to write Python code and then execute it within the internal client environment. Because the designers had not technically restricted the bot’s scope, the chatbot dutifully executed the code, with all the consequences that entailed.
Because data flows are too fast for humans to handle, we have no choice but to use AI to monitor AI. We therefore asked Kraemer for his thoughts on this, specifically to prevent the security stack from becoming an unreadable black box. He advises continuously testing the monitoring engine against a fixed set of test cases to measure behavioral changes. Additionally, input filtering is essential for intercepting prompts before they reach the agent.
The Balance Between Zero Trust and Workforce Trust
When asked whether discussing trust in the workplace is dangerous and whether a CISO should strictly adhere to Zero Trust, the CISO advisor responds with conviction. He explains that this is precisely the core of the modern CISO role. Internally, at the technical level, a CISO must absolutely adhere to Zero Trust by controlling and verifying everything. However, in business and the market, the organization must turn risks into opportunities. The CISO must manage the risk of the Digital Workforce, just as a company manages financial risks through KPIs and dashboards to enable growth. By demonstrating that you have these risks under control, your company becomes a truly reliable partner to the market.
However, as human teams shrink and more autonomous AI agents are deployed, the operational chain becomes fragmented. The CISO advisor drew a comparison to a package delivery person who delivers a package without knowing whether it contains legitimate items or illegal goods. The ability to intuitively assess a situation disappears from the chain once the human control layer is removed.
The CISO of 2031: Behavioral Scientist or System Administrator?
Looking to the future, the question arises: what will that responsibility look like in five years? Will the CISO of 2031 still manage human behavior, or will the task shift entirely to managing thousands of autonomous algorithms? According to Kraemer, it will be an inseparable combination of both. Managing AI agents will become more technically intensive, but precisely because of that, the human component will be more important than ever.
A healthy security culture is, after all, the product of human interaction. It arises when colleagues observe one another, talk to one another, have lunch together, and develop a shared identity. As soon as AI agents take over tasks, that social oversight disappears. If human intuition is removed from the chain, there will be no one left to judge whether an action is ethically or organizationally acceptable. The CISO of the future will therefore not only have to tame algorithms but, above all, ensure that the human security culture does not completely evaporate.
The myth of mass AI layoffs
When the recent waves of layoffs at tech giants and major banks come up, Kraemer shares a highly critical view. Many organizations simply aren’t telling the truth about the reason for their layoffs. Management often misuses AI as a sexy and visionary pitch to investors. This is done to mask cutbacks that, in reality, have purely economic causes. Companies that truly believe they can replace entire human teams with a collection of algorithms, he says, are in for a rude awakening. Artificial intelligence does, of course, have that enormous processing speed, but it doesn’t understand the world. People remain crucial for explaining the context to the machine.
Furthermore, the economic reality behind the AI hype is shaky. The AI tokens currently being consumed en masse are artificially cheap because they are heavily subsidized by venture capital. As soon as the market normalizes and actual operational costs, including the massive energy costs of data centers, are factored in, the business case for replacing humans with AI agents will suddenly look very different.
Start with the Digital Workforce Tomorrow
We also asked Kraemer for the ultimate tip for the Dutch CISO or IT director who wants to take control of their hybrid workplace starting tomorrow. That begins with creating visibility, according to the CISO advisor. Critically analyze how much you truly know about the behavior of your employees and the active AI agents within your network, but also map out the shadow AI. Next, organizations must learn from past behavior. If you previously blocked an employee who plugged in an unsecured USB drive, immediately offer a secure alternative for transferring that data. That same facilitative approach can and must also be applied to AI agents’ behavior.
Finally, organizations must critically assess every new AI agent from the drawing board in three areas. Kraemer refers to the sensitivity of the data, the degree of autonomy, and the ultimate authority to act. By starting projects with minimal autonomy and expanding scope only once monitoring is watertight, security leadership maintains control.
The key lesson from the CISO advisor is therefore that the Digital Workforce is not purely an IT problem, but an operational business risk. Those who manage the risks of this hybrid workplace with clear KPIs and dashboards create a measurable ROI, remain compliant with the law, and transform cybersecurity from a cost center into a strategic foundation for the business.