Alastair Paterson is the co-founder and CEO of Harmonic Security.
As CEO and co-founder, I recently had my team at Harmonic Security analyze nearly 2 million minutes of at-work AI use to find out how employees are actually using AI tools in their roles. The study was conducted across a panel of enterprise organizations over seven weeks, ending in April 2026.
In conducting this study, our goal was to move beyond standard AI adoption metrics and to discover the extent to which organizations are set up to truly get ROI from their AI investments.
One finding that stood out to me was that while almost every organization is pouring money into AI, employees are struggling to get the memo that they should only use the AI tools their organizations provide them with.
To gain oversight and to ensure their AI investments are tangible, companies need to set firmer boundaries between personal and enterprise AI tools, with less crossover between the two.
For business-related activity, employees are using their own personal AI tools (e.g., the free versions of ChatGPT, Claude and Gemini) 64% of the time.
Unless controls are in place, this activity is completely invisible to an employer. Employees could be pasting prospect lists, deal notes and pitch drafts, often into whatever AI tab they have open. In many cases, this practice can break legal data protection regulations.
This also means proprietary (or even confidential) information can leave the business. Without proper configurations, that data could also surface in another user’s prompt. When an employee leaves the business, this information can leave with them in the logs of their AI tools, which is a particular concern if they move to a competitor.
To some extent, this reminds me of the early days of so-called "bring your own device," when employees would use their personal mobile devices for work with company emails and data outside the control of the organization. Of course, organizations quickly caught up with mobile device management software, but for a time, there was a gap, and that’s largely where AI adoption is now.
Interestingly, the reverse is equally true, with 45.6% of employees' personal AI activity flowing through enterprise tools that their company is paying for. This means that the high-powered, professional versions of the same tools mentioned above are being used for work just 55% of the time.
These tools don’t come cheap, with per-seat licensing that I've seen typically costing a minimum of $25 per user per month—and that’s before extra costs for usage—so frivolous image and video creation can rapidly burn tokens.
Organizations are flying completely blind if they don’t know what they’re spending those tokens on, making it impossible to measure return on investment. AI usage intelligence, therefore, needs to be mapped across both sanctioned and unsanctioned tools to tell leaders what tools are worth it and, more usefully, where to invest next.
We also looked across all six AI tools (ChatGPT, Claude, DeepSeek, Gemini, Microsoft Copilot and Perplexity) to see if there was any notable difference in terms of what work they’re used for.
Broadly speaking, the answer is "no," with tasks consistent across the board. For example, efficiency and automation tasks dominate AI usage across all tools and account for 47% of usage. According to our report, "there are tool-specific nuances (Claude does notably more decision support than ChatGPT, 31% vs 17%, and Microsoft Copilot leans hardest on efficiency at 57%), but the overall hierarchy holds across every platform."
This matters for security teams since their work is concentrated on efficiency, risk and decision support. These are categories that carry meaningful data exposure regardless of which AI an employee opens.
Security controls that focus on which tool an employee uses will not meaningfully change what data they share with it, so coverage has to follow the user rather than the application.
Simply providing an employee with an AI tool doesn’t mean it’s the one they will use or that they will use it in the right way. That said, organizations can manage these risks by taking the following steps:
• Monitor the free-tier accounts where 64% of business use takes place. Teams that govern only corporate-issued AI accounts are governing a minority of where work actually happens.
• Assess risk from the content of the conversation, not the product tier funding it. Plan tier doesn't reliably predict whether the work happening on it is sensitive. A free-tier session might be a contract review; an enterprise session might be a personal email draft. Controls keyed to the plan tier can misclassify in both directions.
• Monitor session depth, not event counts. A 12-minute Claude session on a contract review is structurally different from a two-minute ChatGPT guest synonym lookup. Both register as a single AI event in a usage dashboard. Only one carries material data exposure risk. Session depth is measurable, correlates with the amount of content shared and is a more reliable trigger for investigation than plan type or prompt volume.
• Measure value, not adoption. Vendor dashboards report seats, tokens consumed and monthly active users—these numbers measure adoption, not value. Instead, look at what tasks tools are being used for and their outcomes. For example, seeing 47% of use geared toward efficiency and automation is a strong indicator of workflow acceleration that is potentially delivering measurable results.
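One way to measure session depth as described in the list above, shown as an added example (not Harmonic Security's code and not from the study): per-prompt events are grouped into sessions and flagged on duration alone, with account tier ignored. The event fields, the 5-minute idle gap and the 10-minute threshold are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta
from itertools import groupby

IDLE_GAP = timedelta(minutes=5)   # assumption: a longer pause starts a new session
DEPTH_THRESHOLD_MIN = 10          # assumption: investigation trigger, tune locally

# Constructed sample events: (user, tool, account_tier, timestamp, chars_submitted)
EVENTS = [
    ("alice", "claude", "free", "2026-04-01T09:00:00", 4200),
    ("alice", "claude", "free", "2026-04-01T09:04:00", 3100),
    ("alice", "claude", "free", "2026-04-01T09:08:00", 2800),
    ("alice", "claude", "free", "2026-04-01T09:12:00", 1500),
    ("bob", "chatgpt", "guest", "2026-04-01T10:00:00", 40),
    ("bob", "chatgpt", "guest", "2026-04-01T10:02:00", 35),
    ("carol", "copilot", "enterprise", "2026-04-01T11:00:00", 300),
    ("alice", "claude", "free", "2026-04-01T14:00:00", 60),
]

def sessionize(events, idle_gap=IDLE_GAP):
    """Group events into per-user, per-tool sessions split on idle gaps."""
    ordered = sorted(events, key=lambda e: (e[0], e[1], e[3]))
    sessions = []
    for (user, tool), group in groupby(ordered, key=lambda e: (e[0], e[1])):
        current = None
        for _, _, tier, ts, chars in group:
            t = datetime.fromisoformat(ts)
            if current is None or t - current["end"] > idle_gap:
                current = {"user": user, "tool": tool, "tier": tier,
                           "start": t, "end": t, "events": 0, "chars": 0}
                sessions.append(current)
            current["end"] = t
            current["events"] += 1
            current["chars"] += chars
    for s in sessions:
        s["minutes"] = (s["end"] - s["start"]).total_seconds() / 60
    return sessions

def flag_deep_sessions(sessions, threshold_min=DEPTH_THRESHOLD_MIN):
    """Select sessions by depth only; account tier is deliberately ignored."""
    return [s for s in sessions if s["minutes"] >= threshold_min]

if __name__ == "__main__":
    for s in flag_deep_sessions(sessionize(EVENTS)):
        print(s["user"], s["tool"], s["tier"],
              f'{s["minutes"]:.0f} min', s["chars"], "chars")
```

Counting sessions alone would show four comparable entries here; only the 12-minute free-tier session crosses the depth threshold.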
Fundamentally, governing AI effectively is a measurement challenge. AI moves so quickly that employees will often be ahead of the business and reach for the tool or agent that they perceive benefits their work the most.
Organizations cannot make good decisions about what to restrict, what to expand and where to invest if they’re only watching half the picture, which makes genuine AI usage intelligence an immediate necessity.
