Key Takeaways
- 53% of organizations dealt with executive or employee impersonation in 2025, a new report reveals.
- 84% of them experienced “material digital risk incidents” last year.
- Just 7% of these companies say their digital security program is “leading.”
More than half of companies (53%) dealt with digital impersonations of their employees or executives within the past 12 months, a new report has revealed.
A large amount of the incidents were powered by AI tools. However, companies don’t seem to be prepared to deal with threats against the humans working at their operations, with 43% saying that they don’t run any person-of-interest threat profiles whatsoever.
The new data is yet another indication that, years after the technology turned into the tech world’s hottest buzzword, companies across all industries are still largely struggling to maintain cybersecurity protocols surrounding AI tools.
84% of Companies Have ‘Material Digital Risk Incidents’
The news comes from digital risk platform Outtake, which recently debuted the 2026 State of Digital Risk Report in partnership with Cybersecurity Insiders.
That report draws on a survey from early 2026 that logged responses from 1,138 decision-makers in charge of cybersecurity and fraud across a wide range of industries and sizes.
This just in! View
the top business tech deals for 2026 👨💻
The biggest takeaway? Companies are not confident in their ability to address digital security issues.
Specifically, an enormous 84% of all organizations surveyed have experienced “material digital risk incidents” within the past 12 months.
At the same time, only 7% of these companies describe their digital security program as “leading,” and 21% don’t have a specific role for handling digital risk.
Impersonations Threaten Half of Today’s Businesses
The lack of preparation is a concern for a specific cyber attack that’s been making headlines: Impersonation, whether of employees or executives. This might be accomplished with AI-powered video or audio, or it might be an old-fashioned phishing email, but the end goal is to gain access to sensitive company data.
“Executive or employee impersonation hit 53% of organizations this year. Yet protection remains narrow: 77% limit workforce coverage to executives, a few high-risk roles, or reactive case-by-case response, and 43% run no person-of-interest threat profiling at all.” – the report
Companies are used to business-wide security, but aren’t prepared to create threat profiles for specific employees (43% have no capacity for this).
How AI Tools Create Impersonations
According to the Outtake report, 47% of respondents have “already encountered confirmed or suspected synthetic-media impersonation of an executive or brand representative.” In other words, a lot of the impersonations are AI.
Again, businesses don’t seem well prepared to handle this threat: 96% of them “have no automated way to stop an AI agent manipulated through its external inputs.”
The latest data indicates that humans working at companies constitute the most exposed and least protected attack surfaces. With AI-amplified threats only set to increase over the short term, there’s no denying that impersonations are among the biggest problems across many industries in 2026.
