64 percent of employees use AI tools at work without permission, according to a new report from WatchGuard.
64 percent of employees use AI tools without the company’s knowledge, according to the 2026 Cybersecurity Hygiene Report from WatchGuard Technologies. As a result, organizations do not know what information employees are entering into external AI services. Furthermore, 30 percent of employees believe their organization maintains an overview of the software used, while nearly 40 percent say their employer does not have full visibility into the applications employees use.
AI in the wild
The rapid adoption of AI tools by employees, without IT departments being aware, creates a blind spot. Organizations often do not know what data is being processed via external services; consequently, less than 30 percent of employees believe their organization has an accurate overview of the software being used.
Previous research by Sharp already showed that Belgian employees use AI tools without the knowledge of companies, which brings risks regarding data security. Although the research showed that trust in AI is increasing, other research indicates that adoption primarily comes from the top down.
Growing cyber risks
The use of AI by employees without supervision brings cyber risks, as well as other inaccuracies. For instance, the report shows that three out of four employees reuse passwords for multiple accounts. Additionally, 30 percent of employees share their passwords with others, further increasing the risk of unauthorized access.
In addition, seven out of ten employees use public Wi-Fi for business purposes. This increases the chance of cybercriminals intercepting internet traffic and stealing sensitive information. Half of the employees access company data without a VPN, making data vulnerable to interception and theft.
It is no longer enough to only implement technical security solutions, the report concludes. Organizations must gain insight into the behavior of their employees, establish clear rules for the use of AI, and implement strict password and network security.
