Over the past 2 months, we invited businesses to take our AI Cyber Readiness Assessment designed to help organisations understand how well they’re adapting to the new age of AI-powered threats.
The results are in, and they paint an interesting picture:
37.6% – Ouch, that’s not great.
50.5% – Things could be improved.
11.9% – That’s great!
So what do these numbers really mean? Let’s take a look at some of the key insights from these set questions.
1. How do you log in to your computer?
The most secure option is passwordless login, using a PIN, fingerprint, or facial recognition.
Why? Because AI-powered password-cracking tools can now generate or predict passwords based on personal data leaks and online behaviour.
Even two-factor authentication isn’t fool proof if an attacker already has access to your inbox or device.
Coffee Cup Tip - Consider moving towards passwordless authentication to stay ahead of evolving threats.
2. Are your high-risk users properly protected?
Directors, finance managers, and executives are top targets for AI-driven impersonation attacks.
Ensuring these individuals have extra layers of monitoring and security (such as conditional access or heightened MFA) can make all the difference.
If a bad actor gets into your director’s inbox, they’ve got your business.
3. How do you handle suspicious emails?
AI-generated phishing is smarter than ever, and often indistinguishable from the real thing.
Every suspicious email should be reported to IT immediately to help improve system defences and avoid breaches.
Coffee Cup Tip - Remember, one click can compromise an entire network.
4. Do your team use personal devices for work?
Accessing company emails or data on personal devices opens a dangerous backdoor.
AI tools can link personal accounts to corporate ones, making non-managed devices a weak link in your security chain.
Coffee Cup Tip - Only allow company-managed devices to connect to sensitive data.
5. How often do you receive cyber security training?
AI is making cyber threats faster, smarter, and more deceptive.
Training every 1–3 months helps your team spot and stop threats before they cause real damage.
Coffee Cup Tip - Cybersecurity awareness is your first line of defence.
6. Do you get alerts for unusual login activity?
AI-powered attacks often come from outside the UK using stolen credentials.
If your IT systems don’t flag unusual login locations, you could miss the signs of a breach.
Coffee up Tip - Set up geolocation alerts and review every login attempt that looks suspicious.
7. Are your staff using AI tools securely?
AI tools are fantastic for productivity but they can also be a data leak risk.
Without an AI usage policy, confidential information could be stored or shared unintentionally.
Coffee Cup Tip - Educate your team on what’s safe to share with AI and what isn’t.
The Takeaway
AI-driven cyber attacks aren’t just coming in the future, they’re already here; from deepfake CEO calls to data leaks via AI chat tools, the landscape is changing fast.
Our assessment revealed that nearly 90% of businesses still have significant gaps in their AI readiness.
If you’d like to know exactly where your risks lie, you can book in for one of our AI Readiness Assessments, a complimentary in-person or Teams review that identifies vulnerabilities before bad actors do. Book your assessment today HERE or email hello@coffeecupsolutions.com