SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia
Asia-Pacific firms warned over hidden AI risks at work

Asia-Pacific firms warned over hidden AI risks at work

Thu, 16th Jul 2026 (Today)
Mark Tarre
MARK TARRE News Chief

Senior technology executives warn that Australian businesses face mounting risks as artificial intelligence tools spread rapidly through workplaces. The comments come as organisations mark AI Appreciation Day amid rising concern over hidden and unmanaged use of the technology.

Use of generative AI and automation tools has moved quickly from experimentation into daily workflows across sectors. Employees now rely on AI to draft documents, write code, summarise information and support customer engagement.

Ben Mudie, Field CTO for Asia Pacific and Japan at cybersecurity firm Tenable, said the pace of adoption had outstripped many organisations' ability to manage the risks. He pointed to research showing widespread unsanctioned use of public AI services and a growing "shadow AI" footprint that remains largely invisible to boards.

Studies from Salesforce, Melbourne Business School and Employment Hero indicate that most Australian workers now use AI at work. Many do so without formal approval, and some enter sensitive or personal data into external tools outside company controls.

"AI Appreciation Day shouldn't just be a celebration of productivity. For Australian businesses, it needs to be a reality check on how they're managing risk. The defining feature of this moment is the sheer velocity of AI adoption. Two in three Australian workers are already using AI tools at work, and timelines that used to take days are collapsing into seconds. That pace is unlocking real innovation. But convenience always wins until the consequences catch up and, in Australia, they're starting to. Melbourne Business School's 2025 global trust-in-AI research found 60 per cent of Australian workers have concealed their AI use from their employer, and 48 per cent admit to breaching company policy by entering sensitive data into public AI tools. Separate research published this month by Employment Hero found one in three Australian workers are using AI at work without their employer knowing at all. That's not a handful of edge cases. That's a shadow AI footprint most boards can't see, let alone govern, and it's the same 'reasonable steps' question the OAIC is now actively testing under the Privacy Act. We saw this exact failure mode with rushed cloud migrations a decade ago: convenience outran governance, and organisations spent years unwinding the exposure. This time it's happening faster, and at a far greater scale. This isn't an argument against AI. Its benefits are real. But Australian businesses are building an exponential future on a fragile foundation, and AI Appreciation Day is a reasonable moment to ask whether anyone in the organisation actually owns that risk," Mudie said.

Mudie drew a parallel with the early stages of cloud adoption. Many enterprises moved quickly into hosted infrastructure and software without clear guardrails, then spent years identifying data flows, tightening access and retrofitting security controls.

Regulators have begun to focus more closely on how organisations manage information flowing into AI tools. The Office of the Australian Information Commissioner is testing what constitutes "reasonable steps" under the Privacy Act as large language models and third-party AI services process customer and employee data.

While Tenable's warning centres on risk ownership and policy enforcement, others in the industry emphasise the human and organisational factors shaping AI's impact.

"AI Appreciation Day shouldn't really be about AI. It should be about the people learning how to work with it responsibly, creatively and effectively. Over the past year, AI has moved well beyond experimentation. It's helping developers write code, supporting customer service teams, assisting knowledge workers and accelerating decision-making across almost every industry. But the organisations seeing the greatest value aren't necessarily those deploying the most AI. They're the ones investing in the engineering practices, skills and governance needed to use it with confidence. As AI becomes embedded across every business function, success will depend less on the sophistication of individual models and more on how effectively organisations integrate AI into everyday work, maintain human judgement and deliver outcomes that are transparent and trustworthy. The next chapter of AI won't be defined by who can generate the most content or automate the most tasks. It will be defined by who can combine human expertise with AI to solve meaningful problems, improve customer experiences and create lasting business value. That's what I appreciate on AI Appreciation Day. Not AI replacing people, but AI helping people achieve outcomes that simply weren't possible before," Steve Yurisich, Regional Managing Director APAC at Thoughtworks, said.

Yurisich framed competitive advantage less around proprietary models and more around engineering discipline, staff training and clear governance. He said organisations that embed AI into everyday processes while keeping human judgement central are more likely to gain durable benefits.

Both executives cast AI Appreciation Day as a moment for reassessment rather than celebration. They describe a landscape in which experimentation has become mainstream, but accountability for data, security and outcomes often remains unclear.