Agentic AI is quickly moving from theory into practice, introducing both opportunity and risk. Security leaders are increasingly focused on threats like AI-powered phishing, deepfake impersonation, and malware that can bypass traditional defenses. At the same time, they recognize that capturing AI’s benefits requires stronger workforce readiness and disciplined data governance to avoid new vulnerabilities.
These concerns are especially pronounced at the intersection of AI and physical security. Artificial intelligence is no longer confined to the digital realm; it is actively reshaping how physical threats are planned and executed.
One major concern is the rise of AI-enabled physical intrusions. AI is lowering the barrier for threat actors, making it easier to plan and execute complex breaches. Tools like drones can evade surveillance and enable perimeter breaches or payload delivery, while AI-assisted reconnaissance can combine satellite imagery, floor plans, social media, and employee movement data to expose blind spots.
Deepfakes and synthetic media present a growing real-world risk. What begins as digital manipulation can quickly spill into physical consequences. For example, fabricated executive videos could spark protests at corporate sites, while impersonation accounts may reveal sensitive information like executive schedules or office locations. Deepfake-enabled identity spoofing and AI analysis of badge usage patterns, timing, and behavior allow adversaries to convincingly mimic legitimate users.
Voice-cloning technologies introduce another layer of risk, enabling harassment campaigns that can escalate beyond the digital environment. A key challenge is organizational: cyber, communications, and legal teams often monitor these threats, but physical security teams are left managing the real-world fallout, frequently without clear coordination.
More advanced techniques even allow AI to study and evade intrusion detection systems. This exposes a critical gap—many traditional access control systems were never designed to defend against adversaries that can learn and adapt algorithmically.
Even defensive uses of AI introduce governance challenges. Many organizations lack clear policies defining what AI systems can access or automate, and there is still uncertainty about when humans must remain in the loop for high-risk decisions.
To better understand how these dynamics are evolving, we asked the Security Executive Council community to share their perspectives. This Security Barometer poll explores both the concerns and the growing role of AI in corporate physical security.
Poll Results
Some selected “Other” responses included:
- AI-enabled insider threats.
- Over reliance and/or over dependence on AI without sufficient human review or interaction.
- Undue pressure to implement inappropriate AI.
- Inability to use basic AI features in an agile way. Approval pipeline takes too long.
Where AI is Being Used to Augment Physical Security
The Security Barometer quick poll also investigated how AI was being used by the security function.
Some areas of focus include:
Automating Routine Security Tasks
Security teams are using AI to eliminate repetitive, error-prone work so humans can focus on higher-risk decisions.
- Identity and access tasks
- Badge lifecycle management
- Visitor validation
- Reporting workflows
These are considered “early wins” because the rules are clear and the data is governed.
Predictive Risk Identification & Early Warning Systems
AI is being used to scan massive internal and external data sources to detect threats earlier than humans can. Models score risks based on probability and impact to forecast trends, shifting organizations from reactive to predictive security.
Strengthening Physical Security Through AI
AI is helping physical security teams counter the same AI-enabled threats used by attackers.
- Modeling AI-enabled threat scenarios (e.g., drone intrusions, deepfake access attempts)
- Updating strategies to address cyber-physical convergence
- Detecting anomalies in building management systems
Organizations are rethinking physical security as AI blurs the line between cyber and physical threats.
Improving Cross-Functional Alignment
AI provides security, HR, IT, Legal, and Facilities teams with a shared language and shared data.
- Reduces duplicate work
- Tightens controls
- Improves process efficiency
AI becomes a unifying layer across risk functions.
Continuous Monitoring & Automated Mitigation
AI systems operate continuously, learning from outcomes and adjusting thresholds.
- Real-time threat detection
- Automated routing of incidents
- Triggering mitigation workflows
- Adaptive feedback loops
This creates a dynamic risk management system that evolves alongside emerging threats.
Participant Comments
The survey provided participants to elaborate on their responses. Here are some selected and edited responses:
- We are using an AI monitoring tool that has really cut down the noise for our SOC operators and allows us to identify anomalous security risk behaviors.
- Oversaturation and overreliance at this stage. Too many providers without solid operation and quality control.
- Artificial intelligence strongly supports analytical, logical, and efficiency-driven forms of thinking by processing information, recognizing patterns, and optimizing decisions, but over-reliance on it can reduce human engagement in creative, intuitive, emotional, and meaning-oriented thinking, which depend on uncertainty, personal judgment, and lived experience.
- Using AI to build physical tools
- Unscaled approach and lack of oversight is a concern.
- So much of what is being presented as AI in the security space is machine-learning which a very different thing. I've seen "AI" tools identify phones as guns and miss detection. My largest worry is the amount of tools AI is giving to bad actors, that simply outpaces what security orgs can do to combat. For example for some reason we see reception desks answering phones, and receptionists are just not equipped to deal with the volume deep fakes, audiofakes, phishing, scam, or other extreme tactics used by bad actors. The question should become what is the value of keeping these phones? Are the phones really how the business conducts work or is the phone a liability. AI cameras that detect tailgating while good generally let a company believe they can have more entrances thus creating a greater security risk than single point of access control to enter the building.
- I would really like to see real world active use cases of the technology from end use GSOC analysts and hear from them if its making their job easier as they are the ones having to use these tools.
- Over the past 12 months our team have been incorporating AI more and more into routine security tasks, we heavily use it for officer training plans for both the SOC and guardforce. We are in the process of onboarding additional AI tools into our SOC to improve responses, biggest challenge is ensuring any new AI platforms can be piggy backed on our current systems.
- We don't plan on having any AI feature provide final outcomes for any security task, but instead assist with providing more accurate and timely threat information and escalate/de-escalate certain alarms based on risk scores the AI provides. It is very difficult in our company to receive approval for any type of basic AI services. There seems to be a huge amount of concern over the accuracy/fairness of AI outputs for a SOC, while not acknowledging the fact that prior to AI, all of these functions are being done manually by humans who also make mistakes and come with their own set of concerns on accuracy/fairness, etc.
- AI has significantly cut down on manual processes for my GSOC agents as well as increased the speed of which we see and respond to real world events.
- AI is like any other tool if used improperly, it will fail. And unfortunately what I've seen is the same old song: senior leadership aggressively leaning into some kind of change while remaining utterly disconnected from the staff who are actively engaged in the work. The result is always that leaders get their way, morale takes a massive blow.. which decreases productivity and it only reinforces the uneducated decision to lean into that new thing (in this case AI).
- In our applications, we've seen FAR MORE errors as a result of letting personnel go and replacing them with one AI type or another. It has been pretty disastrous to be honest.
Next Steps
Unlike AI-driven analysis, Security Executive Council insights are shaped by seasoned practitioners who bring firsthand experience managing complex security programs. That means you gain not just information, but informed judgment, tested strategies, and an understanding of what works in real-world environments. Contact us to discuss how we can help strengthen your security efforts.
