Enterprises have spent two years and serious money learning to use AI without leaking data. Most of that journey, a smaller firm can skip.

Picture a sales rep at a promotional merchandise supplier, between meetings, clearing a backlog of quotes from a phone. A distributor has sent through a brief; client name, budget, the artwork they’re after. It needs turning into a polished response before the next appointment. So the rep opens ChatGPT, pastes the brief straight in, and asks for a draft. Reply sorted, on to the next one.
Nothing about that feels reckless. It’s quick, it’s free, and it works. But that brief has just left the building. It’s gone into a tool the company never chose, on an account nobody controls, and where it ends up next is anyone’s guess. To be clear, this is not about OpenAI’s servers being compromised, networks log traffic, data can leak throughout its journey.
This has a name now: shadow AI, staff using AI tools the business hasn’t sanctioned, usually with the best of intentions. And it’s the clearest single example of a bigger story, one that large companies have spent the past two years working through, often the hard way. The useful part for a smaller business is that you can read the map before making the journey.
What the big companies learned
Microsoft’s 2026 Data Security Index surveyed more than 1,700 security leaders at large organisations. A caveat that actually matters: every one of those companies has 500-plus staff, and many have a dedicated security chief. So the numbers are not about firms your size. The principles behind them are — and separating the two is the whole point of what follows.
Read across the report and a pattern emerges that looks a lot like a journey in three stages. First, large companies noticed their people were quietly using AI everywhere, and panicked a little. Then they put controls in place. Now, increasingly, they’ve turned AI into something they use to defend themselves rather than just worry about. Call it a maturity curve.
The early panic is easy to see in the data. Almost a third of these organisations — 32% — say AI was involved in at least one of their data security incidents. In response, the share putting specific controls around staff AI use in place climbed from 39% to 47% in a single year. That is a lot of large, well-resourced companies all reaching for the brakes at once.
None of the specific machinery they reached for will fit a ten-person supplier, and that’s fine. What carries across is the themes of the lesson, not the specifics. Here are the three to think about.
Lesson one: the risk is universal, and a small firm is more exposed, not less
The thing driving all that enterprise anxiety is straightforward. People like using AI, and they’ll use it whether or not the business has a view. Microsoft’s research found more than 70% of office workers bringing their own AI tools to work — their own accounts, sometimes their own devices, sitting outside anything the company can see.
Smaller firms are doing exactly the same, just without the safety net. The Federation of Small Businesses found that AI use among small firms has nearly tripled in two years, from 20% in 2023 to 55% now. Worry has climbed alongside it: 92% of small firms now have concerns about AI risks, up from 73% two years ago. Security sits high on that list.
Here’s the part worth sitting with. The enterprises in that 32%-of-incidents figure had firewalls. They had blocked tools, approved-software lists, training days. They had a security chief whose entire job was to stop sensitive data wandering off — and it wandered off anyway. A small promotional merchandise business has none of that. Same exposure, fewer guardrails, and usually nobody whose actual job is to notice. The lesson from the enterprise data is not “relax, you’re small.” It’s the reverse.
Lesson two: you can’t protect what you can’t see
Large companies spend heavily on tools that give them a single view of where all their data sits and who’s touching it, the sort of dashboard that makes sense when you’re stitching together fifteen systems across four countries. A small firm needs none of that, and shouldn’t buy it.
But the principle underneath it is one of the cheapest wins available to a smaller business. Before anything can be protected, someone has to know what’s actually happening. For an enterprise that means a dashboard. For a small supplier it means knowing which AI tools the team genuinely uses, and what they’re putting into them — a question you can usually answer over a coffee rather than with software.
This matters because there’s a gap most businesses don’t realise they have. The government’s own research into AI adoption found that even firms already using AI were often unclear about what the tools were actually doing — where the data went, how the thing worked under the bonnet. People were using AI confidently and understanding it barely at all. It’s hard to make sensible decisions about a tool you can’t see and don’t quite understand, which is why visibility comes first.
Lesson three: keep a person in the loop
The newest stage of the enterprise journey is using AI to do security work itself — including AI “agents,” tools that don’t just answer questions but take actions on their own. Even as they adopt this, the same leaders keep flagging one worry: 38% are uneasy about these tools acting without a human checking the work.
A smaller firm will almost certainly never run a security agent. But the instinct to never let AI output go out of the door unchecked is the one defensive idea that transfers intact, and the trade already knows why. Anyone who’s stood at a stand recently has seen the AI-generated artwork problem: a distributor briefs a supplier with a beautiful AI image that simply cannot be produced — colours that won’t print, a finish that doesn’t exist, a decoration method nobody offers. It looks finished. It isn’t. Nobody who knew the job checked it before it went out.
That’s the whole principle in one familiar picture. “Human in the loop” isn’t jargon for something complicated; it just means someone who understands the work looks at what the AI made before anyone relies on it. The artwork that can’t be printed and the quote built on a number the AI invented are the same mistake.
The advantage of being small

Read all this back and it can sound like a warning. It’s closer to the opposite. The large companies in that Microsoft research spent the better part of two years and real budget climbing the curve from panic to sensible use. A smaller business can skip most of that middle, precisely because it’s small.
A firm of five hundred people needs committees and platforms and a change programme to get a grip on how staff use AI. A firm of twelve needs a conversation and a single side of A4. The same outcome that takes an enterprise eighteen months is, for a small business, mostly a Tuesday afternoon. Size is the advantage here, not the handicap.
Where to start
If you want a concrete first step that costs nothing, the National Cyber Security Centre — the UK’s official cyber body — has built a free Cyber Action Toolkit aimed squarely at organisations with fewer than 50 staff. There are 5.5 million such organisations in the country, and the toolkit is deliberately built for people with no IT department, putting the high-impact, low-effort actions first. It pairs naturally with Cyber Essentials, the government-backed certification that shows customers you take their data seriously — increasingly something distributors and end clients actually ask about.
The AI-specific piece is simpler than it sounds: one page that says which tools are fine to use, and what should never be pasted into them — client lists, pricing, anything you wouldn’t email to a stranger. That single page does most of the work an enterprise spends a fortune on.
Which brings us back to the rep with the phone and the distributor’s brief. The fix was never to ban the tool, the tool is genuinely useful, and banning it just drives it further underground. The fix is that the rep knows, before pasting, what’s fine to share and what isn’t. That’s it. That’s the whole journey the big companies took, minus the eighteen months.
There’s a good deal more in the FSB’s research than the headline figures — a detailed picture of what small firms are actually worried about when it comes to their data, their intellectual property, and who carries the can when an AI tool gets something wrong. That’s a piece in its own right, and it’s the one we’ll write next.

