Your team is already using AI.
Does your security know that?
AI risk assessment · Data governance · Acceptable use · Shadow AI · Secure deployment
Staff are using ChatGPT, Copilot, and dozens of other AI tools for real work, right now, without any policy, training, or oversight. Client data goes in. Confidential drafts go in. Legal documents go in. The risk is not hypothetical and it is not future-dated. It is operational today, and it sits entirely outside most SME security programmes. DefendVista maps your actual AI exposure and builds governance that fits how your business works.
Enterprise AI governance frameworks do not fit SME reality.
Large-firm AI programmes assume dedicated legal, compliance, and data teams, plus full visibility of every tool in use. UK SMEs adopting AI are typically working from the other direction: usage is already widespread, governance does not exist yet, and the frameworks being published for large organisations are built for environments with resources SMEs do not have. The approach has to start with what is actually happening.
Shadow AI is not a future risk
Staff are not waiting for policy. They are using AI tools now to do their jobs faster and better: drafting documents, summarising meetings, writing code, analysing data. The data going into these tools is real. When a solicitor drafts advice with client details in a public AI tool, the risk is immediate. An AI readiness programme that starts with policy before discovery is building rules for behaviour that is already entrenched.
Copilot and embedded AI change the threat model
Microsoft 365 Copilot does not sit outside your perimeter: it operates inside it with full access to emails, files, Teams messages, and calendar data. Deploying it without reviewing permissions, data classification, and sensitivity labels first means granting a capable AI assistant access to everything your staff can see, including the data they probably should not be able to see in bulk. The data governance problems Copilot surfaces were usually already there. Copilot just makes them visible and consequential.
Regulatory expectations are already set
The ICO has published clear guidance on AI and data protection. GDPR applies to prompts that include personal data. Automated decision-making rules apply when AI outputs influence decisions about individuals. SRA, FCA, and CQC-regulated firms have additional obligations specific to their sectors. This is not a framework in development: the expectations exist now, and the gap between what most SMEs are doing and what is expected is widening as AI usage accelerates.
Four risk patterns. Consistent across sectors. Different first priorities.
The specific tools change across organisations. The underlying risk patterns are consistent. Each one requires a different control, but all four need to be addressed before an AI programme can be described as governed.
Staff paste real content into ChatGPT, Claude, Gemini, and similar tools because they are useful. The content includes client names, financial figures, legal advice, medical information, and commercially sensitive material. Most public AI tools are operated by US-based companies. Their training data policies, data retention practices, and sub-processor chains often conflict with GDPR obligations, whether or not the staff member sending the prompt is aware of this.
Copilot operates with the permissions of the user running it. If your data governance is weak (broad sharing permissions, no sensitivity labels, unreviewed legacy content with wide access), then Copilot can surface and summarise data that individuals technically have access to but would never locate manually. This includes HR data, board documents, and commercially sensitive files stored in SharePoint or OneDrive with overly permissive access.
Zoom AI Companion, Salesforce Einstein, HubSpot AI, Notion AI, and dozens of other tools are adding AI features to products your staff are already using and already trust. These features are often enabled by default or switched on by an administrator without a security review. The data being processed by vendor AI includes meeting recordings, CRM data, email content, and support conversations: often the most sensitive operational data you hold.
Professional services firms, healthcare providers, and regulated businesses are using AI to draft advice, summarise records, and prepare documents. The regulatory and professional obligations around this are not uniformly clear, but the risks are: hallucinated content presented as fact, client advice influenced by AI without disclosure, and an absence of human oversight on outputs that carry real professional and legal weight. The liability sits with the professional, not the AI tool.
What good looks like: governed vs ungoverned AI use.
The gap between ungoverned and governed AI use is not primarily technical. It is policy, training, discovery, and accountability. This comparison maps what each state looks like in practice for a typical UK SME.
Ungoverned AI use:
- Staff use AI tools without any policy or guidance on what data can go in
- No visibility of which tools are in use across the business
- Copilot deployed before permissions or data classification are reviewed
- Vendor AI features enabled by default with no security review or updated DPA
- AI-generated professional advice or legal documents used without human review or disclosure
- No training on AI limitations, hallucination risks, or professional liability
- No process for staff to raise concerns about AI outputs or data handling
- Incident response plan does not account for AI-related data exposure events
Governed AI use:
- Acceptable use policy with explicit permitted and prohibited data categories and tool types
- Discovery exercise identifies all AI tools in use, including shadow AI and vendor-embedded features
- Copilot readiness review completed: permissions tightened, sensitivity labels applied, over-shared content addressed before deployment
- Vendor AI inventory maintained and reviewed when tools update their AI features
- Sector-specific guidance for regulated contexts with clear review and disclosure requirements
- Staff training built around actual usage patterns with practical permitted/prohibited examples
- Escalation and reporting process for AI data concerns embedded in normal working practice
- AI data exposure included in incident response scope with specific first-actions documented
Every item in the ungoverned column represents a potential GDPR exposure, whether through data processed by third-party AI without a lawful basis, personal data shared without appropriate safeguards, or automated decision-making without the required transparency and controls. The ICO has been explicit that it will not treat AI use as a special category exempt from existing data protection law.
What the AI Security Readiness service covers.
The service is structured to work from discovery outward: understanding what is actually happening before building policy, controls, and training around it. There is no assumed starting point: no existing AI programme is needed.
AI tool and usage discovery
Structured discovery of which AI tools are in use across the business, including tools procured by IT, tools chosen independently by staff, and AI features added to existing software by vendors. Outputs include a tool inventory, a data category map of what is going into each tool, and a prioritised risk view before any policy is written.
Acceptable use policy and AI governance framework
An acceptable use policy built around your actual tool inventory and the data categories that matter to your business and your clients. Clear permitted and prohibited categories. Guidance for regulated contexts. Version-controlled and linked to your broader data protection documentation. Not a template: a policy that reflects how your business operates and what your staff are actually using.
Copilot readiness review and pre-deployment hardening
If you are deploying or have already deployed Microsoft 365 Copilot: a review of your permissions model, sensitivity labels, sharing settings, and data classification against what Copilot will be able to access and surface. Identification of over-shared content that needs access restrictions. Recommendations for configuration that limits exposure without blocking the productivity value you are deploying Copilot to deliver.
Vendor AI inventory and data processing review
An inventory of AI features in your existing software stack and a review of the data processing implications: updated data processing agreements, sub-processor chains, data residency, and whether vendor AI use is consistent with what you have told your clients and regulators. Actionable output for each tool: confirm, restrict, or address.
AI security awareness training
Practical training built around your actual tool inventory and the real risks in your sector. Not generic AI awareness: specific guidance on permitted and prohibited use, how to handle requests from clients or senior staff to use AI in ways the policy prohibits, how to spot AI-related data incidents, and how to raise concerns. Delivered in a format that fits how your business trains staff.
Sector-specific AI compliance guidance
For professional services, healthcare, legal, and financial services firms: sector-specific guidance on AI use in regulated contexts. SRA, FCA, CQC, and ICO obligations mapped to your actual usage. Disclosure requirements, human oversight requirements, and professional liability considerations built into your acceptable use framework.
From discovery to governed programme in four stages.
The service runs from a standing start: no existing AI programme, no prior audit, no assumptions about what tools are in use. Each stage builds on the output of the previous one.
Scoping and discovery call
A structured one-hour session to map your current AI tool landscape: what your IT team has deployed, what you know staff are using, and what you suspect may be in use that has not been reviewed. We confirm the scope of the engagement based on your sector, size, and regulatory context. No preparation required on your side.
AI risk assessment
A structured review of your AI tool inventory against your data categories, regulatory obligations, and client commitments. We identify which tools present the highest risk, what data is most exposed, and where the gaps between current practice and required governance are largest. This is the foundation everything else is built on: policy written before assessment is policy written blind.
Policy, controls, and Copilot hardening
Acceptable use policy, governance framework, and any technical controls available for your specific tool set. If Copilot is in scope: permissions review and pre-deployment hardening recommendations. Vendor AI data processing review with a confirm, restrict, or address output for each tool. All policy documentation version-controlled and integrated with your existing data protection documentation.
Training, handover, and review cadence
Staff training delivered around actual usage and sector context. Handover of all documentation with owner-level explanations rather than technical artefacts that sit unread. A recommended review cadence: AI tools and vendor features change faster than annual review cycles can handle, so the programme is designed to be updated, not just completed. Ongoing support available for questions as your AI landscape evolves.
Full AI tool visibility
An inventory of every AI tool in use across your business, including shadow AI and vendor-embedded features, with a data category map for each one.
Acceptable use policy
A policy built around your actual usage, not a template. Clear permitted and prohibited categories that staff can understand and apply in practice.
Copilot readiness
Permissions, sensitivity labels, and sharing settings reviewed before or alongside Copilot deployment. Over-shared content addressed. Configuration recommendations documented.
Regulatory alignment
ICO AI guidance, sector-specific obligations, and professional body requirements mapped to your actual programme. Evidence available for client questionnaires and audits.
Practical staff training
Training built around real tools and real risks in your sector. Not generic AI awareness: specific guidance your staff will recognise from their own working day.
Ongoing review cadence
A programme designed to be updated as your AI landscape changes. Recommended review triggers and cadence, with DefendVista available for ongoing advisory support.
From quiet experiments to controlled advantage.
This is a composite trajectory from UK SMEs we work with. Different industries, same pattern: AI creeping in faster than governance can keep pace.
30 to 300 staff, a mix of knowledge work and operations, early but enthusiastic AI usage spreading across teams without a formal programme.
Starting point.
- Marketing, operations, and finance teams quietly using public AI tools for real work.
- Managers unsure what is actually allowed, but keen not to be seen as holding people back.
- No formal AI policy. A vague mention tucked into an existing IT or HR document nobody can find.
- Customer and supplier contracts increasingly mentioning AI use but no internal position to respond with.
- Leadership aware they cannot put AI back in the box, but also do not want to be the next cautionary headline.
After an AI Security Readiness sprint.
- Documented map of current AI usage across the organisation, including tools IT did not procure.
- Simple, tiered data classification directly linked to AI usage rules staff can apply without guessing.
- Approved tools and permitted patterns, with explicit red lines on what is out of bounds and why.
- Short, plain-English staff guidance that managers can explain in five minutes.
- Board-level summary of AI risk, agreed appetite, and prioritised safe use cases to encourage.
AI does not become risk-free. But it does become visible, directed, and governed rather than a free-for-all behind the scenes.
Right for your business if any of these are true.
The AI Security Readiness service is built for SMEs with real AI usage and no governance in place yet, not for organisations with dedicated AI ethics teams and existing compliance programmes.
- Staff are already using AI tools and you have no acceptable use policy
- You are deploying or planning to deploy Microsoft 365 Copilot
- You operate in a regulated sector (legal, financial services, healthcare) and are uncertain about AI compliance obligations
- Clients or your supply chain are starting to ask about your AI governance in questionnaires
- A senior leader or board member has flagged AI risk and you need a structured response
- You have had a near-miss: a staff member almost sent, or did send, sensitive data into a public AI tool
- You are building or reviewing your GDPR documentation and AI is not yet addressed
Not the right fit if any of these are true.
- You have an existing, documented AI governance programme and are looking for a technical AI red-team or model security assessment (a different specialisation)
- You need regulatory legal advice rather than security and governance guidance (we work alongside your legal advisers, not as a replacement for them)
- Your business has fewer than five staff and no externally-facing systems or regulated client data
Your staff are already using AI. The question is whether your governance has caught up.
The AI Security Readiness assessment starts with a one-hour scoping call: no preparation required, no existing AI programme assumed. We map what is actually happening in your business, identify the highest-priority exposures, and build a programme that fits how you work and what your regulators and clients are starting to ask for.
If sensitive or personal data has already been submitted to an AI tool without appropriate safeguards, there may be GDPR notification obligations. Call before you decide whether to report or what to tell clients.