Employee behaviour is creating significant and often hidden cyber security risks, with widespread use of unauthorised AI tools and unsafe workplace practices exposing organisations to growing threats, according to research from WatchGuard Technologies.
The company's 2026 Cybersecurity Hygiene Report found that 64% of SME employees admitted using unauthorised AI tools for work, contributing to a growing shadow AI problem that many organisations lack the visibility to manage.
The research also found that 76% of respondents reuse passwords across multiple accounts, 70% use public wifi for work and 50% access corporate resources without VPN protection, increasing the risk of credential theft, data interception and unauthorised access.
The report found fewer than 30% of respondents believed their organisation maintained an accurate inventory of software in use while almost 40% said their employer lacked full visibility into the applications employees were using.
It also found that 30% of employees share passwords with others while 55% use work devices for personal activities, increasing exposure to malware, phishing attacks and other cyber threats.
The findings are based on an independent online survey of 684 employees at organisations with between 50 and 500 staff across the UK, US, Germany, France, Spain, Australia, Mexico and Brazil. The research was conducted in April 2026.
Printed Copy:
Would you also like to receive CIR Magazine in print?
Data Use:
We will also send you our free daily email newsletters and other relevant communications, which you can opt out of at any time. Thank you.








YOU MIGHT ALSO LIKE