A disturbing trend is emerging in UK businesses: 'shadow AI', where employees are secretly using Artificial Intelligence tools without their organisation's knowledge or consent. A recent study by Okta reveals a shocking disparity between what executives think they know about AI adoption and the reality on the ground. While 96% of UK bosses claim to have full visibility into the AI applications being used, the truth is that many staff are quietly bypassing official channels to get their hands on cutting-edge tech.
This 'shadow' phenomenon – detailed in Okta's AI Agents at Work 2026 study – sees employees using unapproved AI tools for tasks ranging from content creation with generative AI to more complex data analysis. The drivers behind this are clear: staff want to boost productivity, efficiency, or access features not yet integrated into company systems. However, the risks are very real – and potentially catastrophic.
Unsanctioned AI tools can expose sensitive company and customer information to security threats, while also posing significant compliance challenges. The GDPR is a particular concern: data processed by unknown AI agents could fall outside of legal frameworks, leading to hefty fines and reputational damage. And it's not just about the law – the lack of visibility into shadow AI makes it impossible for businesses to accurately assess their overall AI strategy and investment.
The study's findings are a wake-up call for UK organisations. To bridge this perception gap, they'll need to adopt a multi-faceted approach: clear policies, officially sanctioned tools that meet employee needs, open communication channels, education campaigns, and – crucially – empowerment of staff to use AI responsibly within official guidelines.