Introduction
Artificial intelligence adoption inside workplaces is accelerating faster than most organisations can govern it. A new behavioural dataset from Redflags highlights a growing imbalance: AI usage is not evenly distributed across employees, but instead concentrated in a small group of highly active users. While AI tools are becoming mainstream in daily workflows, the way employees actually use them reveals emerging risks around data security, governance gaps, and “shadow AI” behaviour that traditional policies struggle to control.
Summary of the Original Report
A new behavioural study from Redflags reveals that AI usage in UK workplaces is heavily concentrated among a small group of employees. Only 3% of workers are responsible for 18% of all AI-related activity on corporate devices, averaging 235 AI interactions each, compared to 35 for the typical employee. The findings are based on real device-level telemetry collected across 44 organisations in sectors such as financial services, engineering, manufacturing, and government.
The report, known as the Redflags Behavioural Impact Report 2026, analysed more than 29 million behavioural nudges delivered throughout 2025. It shows that AI tool usage increased significantly, with a 43% year-on-year rise in visits to AI websites. At the same time, 91% more companies began actively monitoring AI usage, indicating rising awareness among security teams.
A major concern highlighted in the report is “shadow AI,” where employees use unapproved tools, upload sensitive files to AI platforms, or access services without corporate authentication. These behaviours create hidden data egress risks that are difficult for organisations to track or control. The data shows that OpenAI dominates workplace AI usage with 93% of visits, while Google’s Gemini accounts for 5%. Tools such as Microsoft Copilot, Perplexity AI, Anthropic Claude, and DeepSeek each remain below 1%.
Security leaders quoted in the report emphasize that governance is struggling to keep up with rapid behavioural change. They argue that AI adoption is not only a technical issue but also a psychological one, driven by novelty and reward-seeking behaviour. Employees are naturally drawn to new tools, making AI adoption difficult to regulate through policy alone.
Alongside AI risks, the report also revisits traditional cybersecurity threats. Clicking links in emails from unknown senders remains the most common risky behaviour, flagged in 93% of organisations. However, behavioural nudges significantly reduce risk, with a 35% average reduction in unsafe clicks and up to 83% improvement in the best cases. Over time, employees also become more cautious, showing increased verification behaviour and fewer password entries on suspicious sites.
The report concludes that the most effective security strategies are those that focus on real behaviour rather than assumed compliance. It also suggests that targeting the small group of heavy AI users may be more effective than applying blanket restrictions across entire organisations.
What Undercode Say:
The most important signal in this report is not AI adoption itself, but its uneven distribution. When just 3% of employees generate nearly a fifth of AI interactions, it creates a predictable risk concentration point inside organisations. These users are often power users, but also potential vectors for unintentional data exposure if they operate outside approved workflows.
The dominance of OpenAI indicates that workplace AI ecosystems are currently centralising around a single platform rather than diversifying. This centralisation simplifies some governance challenges but amplifies the impact of misconfiguration or misuse within that platform.
The rise of “shadow AI” is more concerning than raw usage growth. Employees uploading files into external AI tools effectively bypass traditional data loss prevention systems. This creates blind spots where sensitive corporate information may be processed outside regulated environments without audit trails.
The behavioural angle is particularly significant. The report correctly identifies that AI usage is driven by cognitive reward loops. This means organisations cannot rely solely on training or policy enforcement because user behaviour is reinforced at a neurological level through novelty and instant feedback.
The 91% increase in organisations monitoring AI usage suggests that security teams are reacting, but likely still lagging behind actual employee behaviour. Monitoring alone is not governance; it is observation. The gap between visibility and enforcement remains a key weakness.
From a risk management perspective, targeting the 3% of high-usage employees is a more efficient strategy than broad restrictions. These users act as behavioural hubs, meaning their actions disproportionately influence organisational exposure.
However, this approach also carries ethical and operational challenges. Over-monitoring a small group may discourage innovation or push usage further into unsanctioned tools, increasing shadow AI activity rather than reducing it.
The phishing data included in the report reinforces a broader lesson: human behaviour remains the weakest link in cybersecurity. Even with advanced tools, simple email-based attacks continue to succeed because they exploit instinctive decision-making patterns.
The success of behavioural nudges shows that intervention at the moment of action is more effective than abstract training. This aligns with cognitive science models that separate fast intuitive thinking from slower analytical reasoning.
In the long term, organisations will likely need hybrid governance models that combine monitoring, behavioural intervention, and controlled AI access layers. Pure restriction strategies are unlikely to succeed in environments where AI is embedded into productivity workflows.
The central tension revealed in the report is between productivity and control. AI tools increase efficiency, but also expand the attack surface for data leakage. Managing this balance will define enterprise security strategy over the next decade.
Fact Checker Results
✅ Data on AI usage concentration aligns with behavioural telemetry-based research methodology described in the report
⚠️ Specific percentages and vendor dominance reflect reported findings but may vary across different organisational environments
❌ Claims about neurological reward responses are interpretive and not directly measurable within the dataset
Prediction
AI usage in enterprises will become even more concentrated among a small group of “super users,” increasing both productivity gains and security risks ⚠️
Organisations will shift from blanket AI restrictions to behavioural targeting and real-time monitoring systems
Shadow AI usage is likely to increase before governance frameworks fully mature, creating a short-term rise in data exposure incidents
References:
Reported By: www.itsecurityguru.org




