54% of UK businesses are using AI, and Australia's security crisis is a warning
TL;DR
54% of UK firms are now actively using AI (up from 35% last year), saving an average of 5.2 hours per employee every week, with 95% of SMEs reporting no job cuts. The adoption story is real and genuinely positive. But a Delinea survey reveals that 90% of Australian security teams are being pressured by management to loosen identity controls to speed up AI rollouts, with 40% admitting they lack confidence in governing those AI identities. Meanwhile, a Snowflake report shows 67% of Australian workers are already using non-approved AI tools. The governance gap is real, it is dangerous, and the same pressures are building here.
The UK AI adoption numbers are real, and impressive
The latest figures from the British Chambers of Commerce show 54% of UK firms are now actively using AI. That is a massive jump from 35% last year. More importantly, the feared mass job displacement has not materialised: 95% of SMEs have not had to cut staff. Businesses are instead reporting an average saving of 5.2 hours per employee every single week, people freed up to do higher-value work, not pushed out the door.
This is the outcome everyone hoped AI would deliver: augmenting people, not replacing them. The momentum is real, the productivity gains are tangible, and any business sitting on the sidelines is going to feel it.
Why Australia's security situation should concern every business leader
A Delinea survey pulled back the curtain on a culture of willful negligence inside Australian organisations. A staggering 90% of Australian security teams are being pressured by their own management to loosen identity controls in order to speed up AI rollouts.
The people hired specifically to protect the business are being told to look the other way.
It gets worse. 40% of those security professionals admit they lack confidence in their ability to govern the AI identities they are being forced to approve. This is not a calculated risk. It is reckless.
What does loosening identity controls actually mean?
Loosening identity controls means letting AI agents, bots, and algorithms access sensitive systems and data without the same rigorous checks you would apply to a human user. It is handing a master key to an untested system and hoping nothing goes wrong.
When AI with privileged access is running through your network, you are one small error or one malicious actor away from a catastrophic breach. That AI can read customer data, access financial records, and modify critical infrastructure, and the people in charge have said: let it in, we will worry about the consequences later.
The traditional security perimeter is gone. The new battlefield is identity, and right now, some businesses are handing the enemy the keys.
See where AI fits in your business. Free.
A 45-minute audit. We map the highest-value automations and what they're worth in time and money. No pitch, no pressure.
The shadow AI epidemic is already inside your business
A Snowflake report reveals that 67% of Australian workers are using non-approved AI tools. Your team, with the best of intentions, is bringing unsecured, ungoverned AI into your business, feeding company data, customer information, and intellectual property into platforms that no one in IT can see or control.
This is how breaches happen. A sales rep uploads a customer database into a "free" AI email tool to hit a quarterly target. That tool is operated by a company that sells data to the highest bidder. Suddenly, your entire client list is available to competitors. Not malicious in intent. Catastrophic in impact.
The same risk exists in finance teams using AI-powered spreadsheet tools that send data to unsecured servers, and marketing teams using AI image generators that produce copyright-infringing content. Shadow AI is a silent, creeping threat that undermines every other security effort you are making.
The governance gap: how Singapore and the UAE are doing this differently
Not every country is removing guardrails. In Singapore, the Prime Minister has personally pledged "no jobless growth" and established a National AI Council to guide national AI strategy, investing heavily in AI education and building clear frameworks for ethical development and deployment.
In the UAE, 30% of organisations already have dedicated AI ethics boards. They are building guardrails while others tear them down.
Australia, by contrast, is choosing speed over safety. That is a race to the bottom, and it stands in stark contrast to the mature, strategic approach being taken elsewhere. Trust is the currency of the digital age. If customers do not trust you to handle their data responsibly, they will take their business elsewhere.
Good governance is not the enemy of speed. It enables it
Good governance is not about slowing down innovation. It is about enabling it. It is about creating a framework where you can experiment and push boundaries, but do it in a controlled, secure way that is aligned with your business values.
Without that framework, you are not innovating. You are gambling. And the house always wins.
Why UK businesses need to pay attention right now
The same pressure to deliver, innovate, and keep up with the competition exists right here. The question is whether you are going to let that pressure force the same mistakes.
Have you asked your IT team if they have been pushed to cut corners? Do you have a clear policy on external AI tools? Do you know what data your team is feeding into them? If the answer to any of those questions is "I don't know, " you have a problem.
The biggest risk with AI is not that it will take over the world. It is that poor implementation destroys your own business from the inside.
What to do this week
Three concrete actions you can start today:
Have the leadership conversation. Get your team in a room and ask the hard questions: What AI tools are we currently using? Who approved them? What data are they accessing? What is the plan if something goes wrong? You cannot manage what you do not measure.
Write an AI usage policy, even a one-pager. Which tools are approved? What data can be used in them? Who signs off on new tools? Get it in writing and make sure everyone in the business reads it.
Invest in visibility. You cannot protect what you cannot see. Identify every AI tool running inside your business (sanctioned and unsanctioned) and audit what data is being accessed. That exercise alone will surface risks you did not know you had.
Where to from here
Book a free 60-minute AI audit: we'll explore exactly what workflows are worth augmenting with AI.
Live with passion & AI,
Brett
Need an AI operator inside your team?
Place a Chief AI Officer, an AI Officer, or embed an Anaboo Forward Deployed Engineer for 3–6 months.
Frequently asked questions
What percentage of UK businesses are currently using AI?
+
According to the British Chambers of Commerce, 54% of UK firms are now actively using AI, up from 35% the previous year.
How much time is AI saving UK employees each week?
+
UK businesses are reporting an average saving of 5.2 hours per employee every week, and 95% of SMEs have not had to cut staff as a result of AI adoption.
What did the Delinea survey find about Australian security teams?
+
A Delinea survey found that 90% of Australian security teams are being pressured by their own management to loosen identity controls to speed up AI rollouts, and 40% of those professionals admit they lack confidence in governing the AI identities they are being forced to approve.
What is shadow AI and why is it dangerous?
+
Shadow AI refers to non-approved AI tools employees use without IT oversight. A Snowflake report found 67% of Australian workers are using such tools, creating serious risks around data leakage, intellectual property exposure, and unmonitored access to sensitive systems.
How are Singapore and the UAE approaching AI governance differently from Australia?
+
Singapore's Prime Minister has personally pledged 'no jobless growth' and established a National AI Council. In the UAE, 30% of organisations already have dedicated AI ethics boards, both countries are building governance frameworks while others dismantle them.
What is an AI usage policy and does my business need one?
+
An AI usage policy outlines which tools are approved, what data can be used within them, and who must sign off on new tools. Even a one-page policy gives your team clear guidance and significantly reduces the risk of unsanctioned AI entering your business.
What is the biggest risk of poor AI governance for UK businesses?
+
The biggest risk is not AI replacing people. It is that poor implementation, absent governance, and unsecured tools destroy a business from the inside through data breaches, regulatory penalties, and the permanent loss of customer trust.
Brett is a four-time founder (Darra Tyres, Gladfish, EzyTrac, Anaboo) and the operator behind AIOS, Anaboo's AI Operating System. He writes from inside the build, installing AI in his own businesses first and reporting back what actually moves the numbers. Based between Singapore, the UK and Australia.
