A recent KnowBe4 report reveals that 55% of UK employees admit to using AI tools at work without official approval, with a significant minority sharing sensitive data with these platforms, exposing organizations to heightened cybersecurity risks.

  • 55% of UK employees use unapproved AI tools; 10% share sensitive data
  • 58% of cybersecurity decision-makers see shadow AI as a top risk
  • Only 16% of organizations feel effective in managing AI safety currently

What happened

New research from KnowBe4 indicates that more than half of employees in the UK are engaging with AI tools at work that have not been officially approved by their organizations. Alarmingly, one in ten employees who use these unauthorized AI services share sensitive company information with them, compounding potential data security vulnerabilities.

The study also highlights that nearly one-fifth of businesses report AI agents operating autonomously in various workflows without sufficient human oversight, underscoring the growing integration of AI in workplace processes but also the escalating risks if not carefully managed.

Why it matters

Shadow AI, defined as the use of AI tools outside of sanctioned organizational platforms, is recognized by 58% of UK cybersecurity leaders as one of the biggest security threats currently facing businesses. Despite this awareness, only 16% believe that their organization effectively manages AI's safe usage, revealing a significant governance gap.

Furthermore, 27% of employees admit to supplementing official tools with their personal selections, suggesting that enterprises may be falling short in providing adequate or trusted AI resources for their workforce. This gap not only increases the risk of data leaks but also complicates compliance and oversight efforts as AI adoption accelerates.

What to watch next

Organizations should anticipate increasing initiatives to establish clearer policies and controls around AI tooling, particularly focused on reducing shadow AI usage. Nearly half of businesses have set targets to improve AI agent safety within the next year, indicating a shift toward stronger governance frameworks.

Companies may also need to prioritize providing employees with approved, effective AI tools that meet their productivity needs, which could help curb the reliance on unsanctioned options. Monitoring advancements in AI oversight technology and workforce education on safe AI use will be critical to mitigating evolving cyber threats related to shadow AI.

Source assisted: This briefing began from a discovered source item from TechRadar. Open the original source.
How SignalDesk reports: feeds and outside sources are used for discovery. Public briefings are edited to add context, buyer relevance and attribution before they are published. Read the standards

Related briefings