We've spent years hardening our systems, patching our software, and training our teams to spot phishing emails. And now we're deploying AI agents that can take autonomous action — browsing, deciding, executing — on behalf of our organizations. That's a remarkable shift. It's also opened a threat surface most security programs aren't accounting for yet.

The attack isn't always against the model. Increasingly, it's against the person managing it.
This session examines how threat actors are learning to exploit the humans in agentic AI workflows — the employees who prompt, override, trust, and respond to these systems every day. When an AI agent generates an urgent request, flags an exception, or asks a user to confirm an action, how do we know that interaction hasn't been manipulated? Most people don't stop to ask. This is why it matters.

Drawing on behavioral research and emerging real-world attack patterns, this session walks practitioners through what human-layer exploitation looks like in agentic AI environments, where existing social engineering defenses fall short, and what organizations in technology, healthcare, manufacturing, and energy need to build into their policies and training before this becomes a headline they're reading about themselves.

You'll leave with a clear picture of the human risk surface agentic AI introduces, a framework for identifying where your people are most exposed in AI-assisted workflows, and practical controls that don't require overhauling your entire security program to implement.