Businesses have a severe AI governance gap, according to the cybersecurity platform KnowBe4. Its survey of employees across Germany, South Africa, the Netherlands, France, the UK, and the United States suggests that while a large majority of employees already engage with Artificial Intelligence (AI) tools at work, few are aware of their company’s official policies governing its use.
On average, 60.2pc of employees surveyed say that they are using AI tools in the workplace. In contrast, only 18.5pc are aware of their company’s policy on AI usage. This gap suggests that most AI activity within organisations is taking place without guidance or oversight. One in ten employees (10pc) have admitted to putting client data into an AI tool to complete a work task.
Roger Grimes, data-driven defence evangelist at KnowBe4, said: “An AI governance gap is like a ticking time bomb for organisations. When the majority of your workforce is using AI but fewer than 20pc understand the rules of engagement, you have a massive problem. AI tools are powerful, but without clear policies and training, employees may unknowingly feed sensitive information, like client data, into systems that were not designed to handle it securely. We often think of cyber risk as external, but in the age of AI, internal misuse, however unintentional, could lead to serious data breaches, compliance violations, and reputational damage.”
Across regions
Varying AI Adoption Rates: While the average percentage of employees using AI in the workplace is 60.2pc globally, adoption rates varied by region. France shows the lowest adoption rate, with only 54.2pc of employees saying they use AI tools at work, indicating a slower adoption rate. Conversely, South Africa records the highest at 70.1pc, suggesting a more widespread use of AI.
Persistent Policy Awareness Gaps: An average of 14.4pc of employees reported being unaware of their company’s AI policy. This lack of awareness is particularly notable in the Netherlands (16.1pc) and the UK (15.8pc), indicating a need for enhanced communication and training strategies.
Sanctioned AI Use is Lagging: Only an average of 17pc of employees use AI at work with their IT/security team’s knowledge. This figure, though highest in South Africa (23.6pc), remains low overall, indicating a need for organisations to proactively provide and promote approved AI solutions.
According to the firm, the research shows the need for organisations to bridge this awareness-usage gap. This requires not just establishing policies, but communicating them, providing training on ethical and secure AI use, and offering approved, user-friendly AI tools to mitigate the risks posed by uncontrolled AI adoption.
Visit https://www.knowbe4.com/.
