C.J. Murphy

The Human Workforce - Podcast Series

The Insider Threat Is Now an AI Impersonator

This episode explores how agentic AI is transforming espionage from simple phishing into scalable, human-like deception that can mimic executives, timing, and company culture. The hosts also dig into why onboarding, offboarding, and other moments of organizational ambiguity have become the new front line for security.


Chapter 1

The Insider Isn’t a Person Anymore

Simon Carver

[calm] A finance director gets a voice note at 7:12 a.m. It sounds exactly like her CEO. Same cadence, same clipped urgency, same little habit of saying her name before the ask. The message references a real product launch, a real vendor, a real deadline. And the dangerous part is this: nothing is broken into. Somebody just logs in, sounds familiar, and moves like they belong. Welcome to the show. I’m Simon Carver, here with Lachlan Reed and Jack Burns.

Lachlan Reed

[skeptical] Yeah... and that’s the bit that sticks in my craw. We all grew up with this picture of the threat being outside the fence -- hoodie, dark room, trying to smash a window. Now the thing strolls through the front gate with a lanyard on. Knows who reports to who, knows who’s on leave, knows which poor bugger in procurement approves rush payments.

Jack Burns

[matter-of-fact] That shift is the entire story. We moved from generative AI to agentic AI. Generative systems assist. They draft, summarize, suggest. Agentic systems act. They execute sequences, pursue objectives, adapt midstream. Once a machine is no longer merely composing language but taking actions on your behalf, risk changes category. It is no longer support. It is delegated agency.

Simon Carver

[curious] Wait -- “delegated agency” is the phrase there. So if generative AI is “help me write the email,” agentic AI is “send the email, follow up twice, book the meeting, and escalate if they hesitate”?

Jack Burns

Precisely. And espionage is not a single act. It is a sequence. Observe, profile, test, build credibility, exploit access, then persist. Agentic systems are well suited to that because they do not tire, they do not lose patience, and they can run many variants at once.

Lachlan Reed

[responds quickly] Many variants at once -- that’s the machine-speed bit people underestimate. A human con artist might juggle, what, a handful of targets if they’re any good. An AI system can work fifty people across sales, finance, legal, and HR at the same time... each with a different story. That’s not a bigger phishing campaign. That’s a factory.

Simon Carver

And it speaks the company’s language. That’s what unsettles me. If it’s scraped LinkedIn, conference clips, public interviews, maybe even leaked docs, it doesn’t come in sounding generic. It comes in sounding like your place. Your acronyms, your product names, your weird internal shorthand.

Jack Burns

[calm] Yes. The old model assumed deception had limits. Spelling errors. Strange timing. A poor imitation of authority. Those limits are eroding. AI can now imitate trust signals: voice, tone, urgency, timing, context. It can call at the exact moment a board meeting ends. It can reference a real roadmap item. It can mirror the verbal texture of a specific executive. At that point, the attack no longer feels external. It feels like a colleague with seniority.

Lachlan Reed

[deadpan] Which is rough, because half of corporate life already feels like being politely bullied by calendar invites. [chuckles] But seriously -- if the “CEO” calls and says, “Need this moved before noon, legal’s waiting,” and they sound spot on, lots of decent people will comply because they’re trying to be helpful, not stupid.

Simon Carver

That “before noon” piece matters. Not just authority -- urgency. It’s like stage magic. Don’t give the audience time to inspect the trick.

Jack Burns

Exactly. Urgency suppresses verification. And timing amplifies credibility. A request made during a product launch, an acquisition rumor, a quarter close -- those are moments when abnormal behavior can masquerade as normal pressure. The machine does not merely imitate a person. It imitates the circumstance around the person.

Lachlan Reed

[reflective] I keep coming back to this one practical image. Say I’ve just posted about speaking at a conference. The system sees that. It sees I work at Company X. It sees my boss, my team, who I interact with. Then, two weeks later, I get a note from “operations” mentioning the event, asking me to review an updated travel reimbursement form. That is not some ham-fisted scam from 2009. That is a tailored lure with my fingerprints already on it.

Simon Carver

And by the time the ask arrives, the conversation may have been going for days. Or weeks. That’s the creepy bit for me. Rapport at scale.

Jack Burns

[softly] Which is why calling this an outsider threat is now misleading. If it knows your hierarchy, reproduces your trust signals, and operates through valid credentials, then functionally it behaves like an insider. Not because it belongs there, but because your systems cannot easily distinguish belonging from imitation.

Chapter 2

Why the Human Workforce Is Now the Front Line

Simon Carver

So let’s get practical. Where does this hit hardest? Usually not in some dramatic movie scene. More often in messy transitions: onboarding, offboarding, role changes, temporary access, somebody covering for somebody else. The moments where identity and permissions are a little blurry.

Lachlan Reed

[warmly] Yeah, the 90-day windows. New starter doesn’t know what “normal” looks like yet. Someone leaving still has loose ends and emotional static. A manager says, “Can you just give Jess access for now?” and suddenly “for now” turns into six months. That’s how barns catch fire, mate -- not with a flamethrower, with one little spark no one bothered to stamp out.

Jack Burns

The vulnerability is structural. During onboarding, people are eager to comply and hesitant to challenge authority. During offboarding, responsibility is diffused and timing becomes fragmented. During internal transfers, permissions accumulate faster than they are revoked. Each of those states creates ambiguity. And ambiguity is exploitable.

Simon Carver

Let me try to say that back. The weak point isn’t just bad software. It’s a human moment of confusion plus a system that assumes clarity.

Jack Burns

[approvingly][short pause] Almost. The deeper problem is a human moment of confusion inside a system designed for convenience. Organizations optimized for speed, frictionless collaboration, and implicit trust. Those are admirable goals. But under machine-scale impersonation, convenience becomes attack surface.

Lachlan Reed

“Convenience becomes attack surface.” I’m nicking that. Because that’s what Zero Trust is trying to fix, yeah? Not “trust nobody because the world is terrible,” but “don’t hand out trust like free sausages at Bunnings.” Verify it. Re-check it. Context matters.

Jack Burns

[matter-of-fact] Correct. Zero Trust is often marketed as a product. It is not. It is an operating principle: nothing is implicitly trusted, every request is evaluated in context, and access is continuously reassessed. If a credential appears valid but the behavior deviates -- unusual time, unusual device, unusual sequence of actions -- the system should respond.

Simon Carver

That’s where behavioral analytics comes in, right? Not just “is this Simon’s password,” but “does this look like Simon being Simon?”

Jack Burns

Yes. Because identity alone is no longer sufficient. If “Simon” downloads unusual files at an unusual hour, from an unusual location, in a pattern inconsistent with prior behavior, that deviation matters more than the login itself.

Lachlan Reed

[questioning tone] But here’s my pushback. If leaders hear “behavioral analytics” and “Zero Trust,” they chuck it straight to IT and go back to their coffee. Isn’t that the old mistake in a nicer suit?

Jack Burns

It is. Security can no longer be treated as a technical department’s burden. The attack is behavioral, so the defense must be cultural. Leaders set tolerance for exceptions. Leaders define whether verification is rewarded or punished. If an employee pauses a suspicious request from someone who appears senior, the organization must treat that pause as competence, not insubordination.

Simon Carver

That lands. Because culture is really what tells people what to do in the awkward five seconds. Do I challenge this? Do I verify? Do I look paranoid? Or do I click because everyone’s busy and I don’t want to be the difficult one?

Lachlan Reed

[sighs] Those awkward five seconds are the whole ball game. Annual compliance videos won’t save you there. You need a living habit. “Ring back on a known number.” “Check the request in another channel.” “Ask the dumb question.” Dumb questions save smart companies.

Simon Carver

And weirdly, that’s the hopeful part. The human workforce is the target, yes -- but it’s also the defense. Not because humans are flawless. Clearly not. [laughs] But because good judgment, social courage, and a culture of verification still matter.

Jack Burns

[reflective] Indeed. Machines can mimic trust. They cannot create a healthy trust architecture on their own. That remains a human responsibility. Leadership must design for resilience. Teams must normalize verification. Individuals must understand that politeness is not the same as security.

Lachlan Reed

[warmly] So if you’re listening from an office, a workshop, or -- like me half the time -- a noisy shed out the back, have a look at where your org gets fuzzy. New hires. Departures. Shared logins. Emergency approvals. The messy bits. That’s where the ghost likes to wander.

Simon Carver

[warmly] And if these quick takes are useful, give us a like and subscribe on YouTube. Nice and simple -- it just helps more people find the show.

Jack Burns

Thank you for spending time with us.

Lachlan Reed

Cheers for listening, folks.

Simon Carver

We appreciate you. More stories from The Human Workforce are on the way.