WatchGuard Report Finds Shadow AI Raising SMB Cyber Risk

WatchGuard Report Finds Shadow AI Raising SMB Cyber Risk

WatchGuard research finds shadow AI, password reuse and unsafe remote-work habits are widening SMB security gaps and creating opportunities for MSPs.

Written By
Jordan Smith
Jordan Smith
Jul 17, 2026
3 minute read
Channel Insider content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

WatchGuard Technologies, a unified cybersecurity organization for managed service providers (MSPs), recently unveiled new research which found that employee behavior has led to significant and sometimes unseen cybersecurity risks for small- and medium-sized businesses (SMBs).

Unauthorized AI use creates visibility gaps

The 2026 Cybersecurity Hygiene Report found that 64 percent of employees surveyed admit to using unauthorized AI tools for work. This has led to an accelerated expansion of shadow AI – which most organizations lack visibility to manage.

Consumer AI frequently serves as the unauthorized AI tool employees use for work-related tasks, and most organizations haven’t implemented a formal governance posture. 

Fewer than 30 percent of respondents believe their organization maintains an accurate inventory of software in use, and nearly 40 percent say their company operates without full visibility into the applications its employees use.

Password reuse leaves SMB accounts exposed

Common workplace habits have also contributed to increased risk.

A significant percentage (76 percent) of employees admit to reusing passwords across multiple accounts, meaning a single compromised credential could leave an organization susceptible to account takeover, lateral movement, and substantial data exfiltration across multiple systems, platforms, and applications, according to WatchGuard.

Further, 30 percent of respondents also said they share passwords with others.

Remote-work habits expand the attack surface

Employees are also using public Wi-Fi to work a substantial amount (70 percent), and 50 percent said they’ve accessed corporate resources without VPN protection. 

This expands an organization’s attack surface and increases exposure to data interception, credential theft, and unauthorized network access through man-in-the-middle attacks and other threats targeting unsecured connections.

Additionally, 55 percent of employees surveyed reported using work devices for personal activities. This introduces increased risk for malware infections, phishing attacks, and exposure to applications or websites that could bypass organizational security controls.

As hybrid and remote work adoption increases – blurring personal and professional boundaries – new opportunities for attackers to compromise corporate data emerge, making it harder for security teams to mitigate risk.

“Organizations are investing in security tools, but many still lack visibility into how employees actually work,” said Marc Laliberte, director of security operations at WatchGuard. 

“Everyday behaviors, from AI usage to password practices, create risk that traditional controls aren’t designed to address.”

Advertisement

MSPs can turn human-risk gaps into services

MSPs are in a unique position to help SMBs in securing cybersecurity hygiene gaps before they evolve into serious incidents.

“These findings highlight a broader shift in cybersecurity risk. As organizations adopt new technologies and support distributed work, managing human behavior is becoming a core requirement,” said Laliberte. “For MSPs, this is an opportunity to expand beyond technology into user risk visibility, policy governance, and continuous security awareness.”

To accompany the research, WatchGuard provided recommendations to SMBs and MSPs, suggesting that these partners focus on six practical steps:

  1. Enforcing password managers and MFA
  2. Identifying unauthorized or shadow technology use
  3. Establish clear AI acceptable-use policies
  4. Extend protection beyond the office with VPN and zero-trust approaches
  5. Implementing continuous security training
  6. Track human-risk metrics alongside technical indicators
Jordan Smith

Jordan Smith is an enterprise technology and cybersecurity journalist with nearly a decade of experience covering B2B IT, federal technology, artificial intelligence, cybersecurity, cloud computing, and emerging digital trends. His reporting helps business and technology leaders understand how new technologies, security challenges, and infrastructure decisions affect modern organizations. Jordan has reported on enterprise and public-sector technology for TechnologyAdvice, HCLTech, MeriTalk, and Channel Insider. His background spans cybersecurity, cloud infrastructure, AI adoption, digital transformation, and federal IT initiatives, giving him a broad perspective on the tools, policies, and innovations shaping today’s technology landscape. Before joining TechnologyAdvice, Jordan served as a Senior Technology Reporter at MeriTalk, where he covered the federal IT space, and later worked as a US Regional Reporter and Copy Editor/Writer for HCLTech. His experience across reporting, copyediting, podcasting, and event moderation allows him to translate complex technical topics into clear, timely, and useful insights for business audiences. Jordan holds a Master of Arts in Journalism from the University of Nebraska–Lincoln and a Bachelor of Science in Criminal Justice and Psychology from Edgewood University. Through his work, he helps readers stay informed about cybersecurity developments, enterprise technology trends, and the business impact of emerging IT solutions.

Channel Insider Logo

Channel Insider combines news and technology recommendations to keep channel partners, value-added resellers, IT solution providers, MSPs, and SaaS providers informed on the changing IT landscape. These resources provide product comparisons, in-depth analysis of vendors, and interviews with subject matter experts to provide vendors with critical information for their operations.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.