Shadow AI Is Now the Rule, Not the Exception: 55% of UK Workers Use Unapproved Tools
More than half of British employees are quietly using AI tools their employers never sanctioned — and that number should concern every business leader who thinks their AI governance policy is working.
New UK-specific findings from KnowBe4’s report From Agentic Risk to Human Wins reveal that 55% of employees admit to using unapproved AI tools at work, while 58% of IT and security decision-makers already consider shadow AI their top human-related cyber risk. One in ten employees knowingly entered sensitive information into AI platforms despite understanding the risks involved.
Key Takeaways
- Awareness gap is real. Only 16% of decision-makers say they’re currently effective at managing safe AI tool use inside their organizations.
- AI agents are operating autonomously. Nearly 1 in 5 decision-makers (19%) report that AI tools or agents take actions across multiple workflows with limited human oversight — and 85% say improvement is needed to align those agents with security policies.
- Pressure is the real risk driver. 47% of employees acknowledge that time pressure or distraction can lead to security mistakes even when they know the right course of action. Security failures are increasingly behavioral, not knowledge-based.
- The Cyber Security and Resilience Bill is driving urgency. 85% of decision-makers say the upcoming legislation will significantly shape how they manage human-related cyber risk, with supply chain risk a key focus.
The research covered 80 decision-makers and 300 employees across UK organizations with 250+ employees, spanning IT, healthcare, consumer services, and more.
Read the full article on Security Journal UK
Stay in Rhythm
Subscribe for insights that resonate • from strategic leadership to AI-fueled growth. The kind of content that makes your work thrum.
More from Thrum
Additional pieces exploring adjacent ideas
