Microsoft has introduced “Mico”, a new animated avatar for its Copilot assistant that can be transformed into the classic Clippy paper clip, a light-hearted feature that sits within a much wider update focused on making AI more personal, expressive, and easier to use across Microsoft’s ecosystem.

What Microsoft Is Launching And When?

Mico is the new on-screen face of Copilot, designed to appear when users activate voice mode. The character is an animated, blob-like avatar that changes colour and expression during conversations, reacts to tone, and can be customised through a palette of colours and voice options. Microsoft says users can choose from eight voices with names such as Birch, Meadow, Rain, and Canyon, with a mix of British and American accents available. Mico can also be switched off entirely, meaning that voice interactions can still take place without any visual assistant.

Only In The US, For Now

For now, Mico is available only in the United States, with Microsoft confirming that a wider rollout to the UK and Canada will follow in the coming weeks. The company’s “Copilot Fall Release” package brings a range of new features, including collaboration tools, expanded integration with third-party apps, and new learning and health functions.

Easter Egg Turns To ‘Clippy’

The most nostalgic element of this change is an Easter egg, and repeatedly clicking or tapping on Mico temporarily changes its appearance to that of Clippy, the animated paper clip that appeared in Microsoft Office 97 to offer context-based help. This “Clippy skin” is not a separate mode but rather a visual overlay, and a small nod to the assistant that many users loved to hate.

Why Microsoft Is Doing This?

The relaunch forms part of Microsoft’s wider effort to humanise its AI tools. Mustafa Suleyman, CEO of Microsoft AI and co-founder of DeepMind, has framed the strategy as “human-centred AI”. In a post announcing the update, he wrote: “Technology should work in service of people. Not the other way around.” The goal, he said, is to make Copilot “helpful, supportive and deeply personal”, empowering users rather than replacing human judgement.

Companion

This reflects Microsoft’s broader positioning of Copilot as an “AI companion”, i.e., an assistant that learns from context, remembers preferences, and provides useful prompts while respecting user control and privacy. Suleyman has also highlighted how Microsoft is “not chasing engagement or optimising for screen time” but instead building AI that “gives you back time for the things that matter”.

Mico’s Personality Designed To Be Useful Not Sycophantic

Jacob Andreou, corporate vice president of product and growth at Microsoft AI, recently explained the design rationale in an interview with the Associated Press, saying: “When you talk about something sad, you can see Mico’s face change. You can see it dance around and move as it gets excited with you.” He added that Mico’s personality was designed to be “genuinely useful” rather than flattering or manipulative. “Being sycophantic — short-term, maybe — has a user respond more favourably,” Andreou said. “But long term, it’s actually not moving that person closer to their goals.”

How It Works

In terms of how Mico/Clippy works, when users activate voice mode by clicking the microphone icon, Mico appears on-screen, listening and responding with animated movements and facial expressions. It can explain topics, summarise documents, or walk users through tasks. Testers have reportedly noted that while it responds naturally, text captions of its spoken replies are not always displayed, meaning conversations are primarily auditory.

Several New Copilot Functions

Beyond the avatar, Microsoft’s Fall (Autumn) Release actually introduces several new Copilot functions. For example, “Groups” allows up to 32 people to participate in a shared Copilot chat, enabling teams to co-plan projects, co-write content or share research. Also, “Connectors” integrate Copilot with apps including Outlook, OneDrive, Gmail, Google Drive, and Google Calendar, allowing users to ask questions across multiple data sources through natural language queries.

Another major change is memory and personalisation. For example, Copilot can now remember user preferences, projects, and recurring tasks, recalling them in future sessions and users retain the ability to edit or delete stored memories. The update also includes “Real Talk”, a new conversation mode that Microsoft says challenges assumptions “with care”, helping users to refine ideas rather than simply validate them.

Health And Learning

It seems that health and learning have become core use cases. For example, according to Microsoft, around 40 per cent of Copilot’s weekly users ask health-related questions. Therefore, to support this, the company has introduced Copilot for Health, built with guidance from medical partners such as Harvard Health, which grounds responses in credible medical information. In education, the new “Learn Live” feature turns Copilot into a voice-enabled tutor that uses dialogue and visual cues to help explain concepts ranging from photosynthesis to computer networking.

Who It’s For?

Mico is essentially designed to appeal to everyday users, families, and students who prefer natural, conversational assistance. Microsoft says it can help users plan trips, research topics, draft content or even provide guidance on everyday decisions. For schools and universities, it could represent an evolution of AI-assisted learning, and one that Microsoft hopes will feel more interactive and approachable than text-only tools.

Was Clippy Just A Bit Before Its Time?

When Clippy appeared in the late 1990s, its design didn’t really match how most people wanted to interact with their computers, yet experts now say users have become much more comfortable with expressive, character-based AI. With advances in technology and a clearer sense of what digital assistants are for, a feature that once felt intrusive is now more likely to be seen as friendly and intuitive.

For Practical Productivity Gains

For professional and business users, the focus of these new features (and the resurrected Clippy) appears to be on practical productivity gains. For example, group chats, shared memory, and cross-app integration all lend themselves to collaborative work and faster information retrieval. In theory, employees could ask Copilot to find key messages across multiple accounts, summarise project discussions, and track progress without leaving a conversation window.

What It Means For Microsoft

The Mico update essentially consolidates Microsoft’s vision of Copilot as a cross-platform assistant embedded within Windows, Edge, and Microsoft 365. By giving Copilot a consistent voice interface and optional visual identity, Microsoft is hoping to strengthen its position against rivals such as Google’s Gemini and OpenAI’s ChatGPT, which are also integrating multimodal and conversational AI into their ecosystems.

It could also be said to represent a strategic pivot towards companionship rather than novelty. For example, Suleyman’s emphasis on empathy, control, and trust is designed to counter growing public scepticism toward AI. Microsoft’s avoidance of human-like avatars or flirtatious personalities contrasts sharply with some competitors that have leaned into emotionally charged or entertainment-focused AI designs.

For Microsoft, therefore, Mico’s visual charm will likely serve as an entry point rather than the product itself. The underlying business logic lies in deeper engagement with Copilot’s ecosystem, i.e., drawing users into paid Microsoft 365 subscriptions, expanding cross-app search capabilities, and encouraging adoption of Edge and Windows 11’s built-in AI features.

Competitors

Rival technology companies are exploring similar territory. For example, OpenAI plans to restore a more conversational personality to ChatGPT, while Google continues to integrate Gemini features across its workspace products. However, Microsoft’s approach is distinctive in how it blends nostalgia and restraint, acknowledging Clippy’s cultural legacy while designing Mico to be optional, unobtrusive, and user-controlled.

By connecting to competing ecosystems such as Google Drive and Gmail through connectors, Microsoft is also signalling its intention to become the interface for managing all personal and professional data, not just that which lives within its own cloud. That interoperability could make Copilot more attractive to mixed-platform users, particularly small businesses that rely on multiple services.

Business Users

For UK businesses, Mico and Copilot’s expanded features highlight Microsoft’s ambition to make AI more visible in everyday workflows. Teams can now co-create and share tasks in Copilot Groups, while memory and connector functions reduce the need to re-enter data or switch between platforms. In practice, that could mean faster document searches, streamlined planning sessions, and AI-assisted decision-making that remains traceable and editable.

Microsoft’s insistence that Copilot should “listen, learn and earn trust” rather than replace judgement may also resonate with more compliance-conscious sectors. Features such as editable memory and explicit consent for data access help address growing governance and privacy expectations.

Challenges And Criticisms

One initial criticism is that the rollout has proved inconsistent so far, with some users reporting that Mico is visible in the web version of Copilot but not yet in the Windows 11 desktop app. Microsoft has said that availability will expand gradually, with new features appearing in phases across different regions and devices.

There are also concerns about autonomy. For example, in tests of Copilot’s booking features, reviewers reported the assistant pre-selecting hotel dates and options without confirmation, highlighting the challenge of balancing initiative with transparency.

More broadly, the industry remains a little cautious about the psychological impact of highly interactive AI. Regulators such as the US Federal Trade Commission have begun examining how AI chatbots affect children and teenagers, following reports of harmful advice and emotional over-familiarity from some AI companions. Microsoft is seeking to avoid these pitfalls by keeping Mico’s tone professional, controllable and easy to disable.

Privacy, as always with AI, is another area of concern. For example, while Microsoft says Copilot requires explicit consent before accessing connected apps and allows users to edit or delete memory data, businesses will still need clear internal policies governing what data Copilot can read and store.

The Clippy Question

Mico’s hidden Clippy transformation is basically a light-hearted reminder of how far Microsoft’s digital assistants have come. The company insists that the nostalgia is deliberate but controlled and a playful link to a familiar past, framed within a more sophisticated, opt-in design philosophy.

What Does This Mean For Your Business?

Although the Clippy revival is clearly a playful addition, it actually highlights a serious strategic moment for Microsoft. The company is reframing Copilot as more than just a functional chatbot and instead positioning it as an assistant that can adapt to human tone, behaviour, and context without overstepping boundaries. That balance between warmth and professionalism could prove important as users grow weary of overly mechanical tools yet remain cautious about overly familiar ones.

For UK businesses, the developments point towards an assistant that could fit naturally within daily workflows rather than existing as a separate app or experiment. The ability to connect Copilot to existing systems, recall previous projects, and collaborate across teams could make AI adoption more practical and measurable. It may also help smaller firms, many of which rely on mixed Microsoft and Google environments, to simplify their digital operations without major disruption.

The return of a character like Clippy, now built into an AI that listens, remembers, and coordinates across multiple platforms, underlines how much the workplace has evolved since the late 1990s. For many users, the novelty of talking to a computer has long worn off but what matters now is whether these systems save time, reduce friction, and remain trustworthy. Microsoft’s focus on consent, editability, and transparency is likely to appeal to both business and consumer stakeholders, particularly as regulators tighten expectations around data handling and AI behaviour.

The biggest test, however, will be whether Copilot’s new capabilities can actually translate into everyday usefulness rather than being just novelty (or an annoyance to some, as Clippy was before). As competition intensifies and users gain access to more sophisticated assistants from OpenAI and Google, Microsoft’s long-term advantage may rest on its ability to integrate these tools seamlessly into the familiar rhythm of Windows and Office. The Clippy transformation may be the headline-grabber in this case, but the real story is whether Mico and its wider Copilot ecosystem can finally deliver what its predecessor could not, i.e., an assistant that genuinely helps without getting in the way.

A UK competition court has ruled that Apple abused its market power with App Store fees, paving the way for compensation that lawyers say could total up to £1.5 billion for around 36 million iPhone and iPad users.

What The Tribunal Decided

The Competition Appeal Tribunal (CAT) found that Apple held “near absolute market power” in two linked markets, i.e., app distribution on iOS devices and in-app payment processing, and had used that position to charge “excessive and unfair” commissions, typically up to 30 per cent, on paid apps and in-app purchases.

The judgment, brought by class representative Dr Rachael Kent, actually marks the first collective competition claim to succeed at trial under the UK’s relatively new regime for group actions. Following a seven-week hearing earlier this year, the tribunal concluded that Apple’s restrictions prevented rival app stores and alternative payment options on iPhones and iPads, leaving developers and consumers with no meaningful choice but to use Apple’s system.

Expert evidence submitted to the court showed that a significant share of Apple’s overcharges to developers were passed on to users through higher prices for apps, subscriptions and digital content. The tribunal agreed, finding that Apple’s business model inflated costs for millions of consumers and small businesses across the UK.

Who Is Covered And From When?

The class action covers anyone in the UK who made purchases through the UK version of the App Store on an iPhone or iPad from 1 October 2015 onwards. That includes paid-for apps, in-app purchases and subscriptions bought within apps.

In fact, law firm Hausfeld, representing Dr Kent, estimates that around 36 million people could fall within this category. Both individual consumers and businesses are included. For example, a company that paid for productivity apps on staff iPhones or made in-app purchases for services through Apple’s system could be entitled to a share of the damages, alongside ordinary consumers.

According to the legal team, users who spent regularly could be due significant sums. For example, a fitness app subscription costing £8.99 a month could yield roughly £21.58 back per year, based on the tribunal’s findings. In another example, a £19.99 in-app purchase could equate to around £4 in compensation. The exact payout will depend on how much each person or business spent and the final calculation approved by the court.

How Much Money Are We Talking?

The tribunal has indicated that aggregate damages could reach up to an eye-watering £1.5 billion, subject to a follow-up hearing on how the total will be calculated and distributed. The court also ordered that interest be added at a rate of 8 per cent per year, which could increase the total compensation for purchases made several years ago.

The collective action covers almost a decade of App Store activity, meaning that regular app users, mobile gamers, and subscribers to digital services could all be affected. With around 36 million potential claimants, even modest individual payments could add up to one of the largest consumer compensation cases ever seen in the UK.

Why The Case Was Brought

Dr Rachael Kent, a Senior Lecturer in Digital Economy and Society Education at King’s College London, launched the case in 2021 claiming that Apple’s conduct had led to “exorbitant profits” by excluding competition and forcing developers to use its own payment system on its own terms.

After the ruling, Dr Kent described the outcome as a “landmark victory, not only for App Store users, but for anyone who has ever felt powerless against a global tech giant”. She added that the judgment “confirms that Apple has been unlawfully overcharging users for more than ten years and that up to £1.5 billion should now be returned to UK consumers and businesses”.

The tribunal agreed with her argument that Apple’s 30 per cent commission was excessive and unfair. It found that a fair rate, based on comparisons with other digital platforms, would have been closer to 17.5 per cent for app distribution and 10 per cent for payment processing.

Apple’s Response And Grounds For Appeal

It’s no surprise that Apple has said it “strongly disagrees” with the ruling and will appeal. In a statement issued after the judgment, the company said the tribunal’s view of the app economy was “flawed” and failed to recognise how the App Store had “benefited businesses and consumers across the UK”.

“The App Store helps developers succeed and gives consumers a safe, trusted place to discover apps and securely make payments,” Apple said. “This ruling overlooks how the App Store helps developers succeed and gives consumers a safe, trusted place to discover apps and securely make payments. The App Store faces vigorous competition from many other platforms — often with far fewer privacy and security protections.”

Apple also argues that because commission is only charged on paid apps and in-app purchases, around 85 per cent of the apps available on the App Store pay no commission at all. It points to its Small Business Programme, which halves the rate of commission to 15 per cent for developers earning less than $1 million a year.

The tribunal, however, rejected Apple’s argument that its restrictions were necessary to guarantee user safety and privacy, ruling that the measures were neither proportionate nor justified in relation to competition law.

What Happens Next?

A further hearing, expected in November, will determine the exact approach to calculating and distributing compensation. The court will consider Apple’s application to appeal at the same time.

Any payments to consumers are, therefore, unlikely to begin until the appeals process is complete. However, Hausfeld says the judgment firmly establishes Apple’s liability, meaning that compensation will follow once the calculations and distribution process are finalised.

For now, users can check their eligibility by reviewing their “Purchase History” under their App Store account settings. Those who have paid for apps or in-app purchases through the UK storefront since October 2015 are likely to qualify.

Why The Decision Matters Beyond iPhones

The ruling comes just days after the UK’s Competition and Markets Authority (CMA) designated both Apple and Google as having “strategic market status” under the new Digital Markets, Competition and Consumers Act. This means the regulator can now impose legally binding conduct requirements on how the firms operate their app stores, browsers and payment systems.

The CMA has already indicated it could compel Apple to allow rival app stores to operate on iPhones in the UK, potentially ending its long-standing “closed system” where software can only be downloaded through its own store.

Regulators and analysts view the CAT judgment as part of a wider pattern of scrutiny of Apple’s App Store model. The company is already facing pressure in the European Union, where the Digital Markets Act has forced it to permit third-party app stores and alternative payment routes. In the United States, Apple has been the subject of multiple antitrust investigations and private lawsuits over similar issues.

What The Court Said About Market Power And Pass-Through

The tribunal found that Apple’s control over app distribution on iOS gave it “near absolute market power”, effectively allowing it to dictate terms to developers and consumers. It also accepted evidence that roughly half of Apple’s overcharge was passed on to end users, which formed the basis for estimating total damages at up to £1.5 billion.

The court compared Apple’s commission levels with other digital marketplaces, including Microsoft’s and Epic Games’ app stores, and found its rates to be significantly higher. The tribunal concluded that the excess pricing could not be justified by any additional value or innovation provided by Apple’s system.

What Users And Businesses Should Know

The case is a collective opt-out action, meaning UK-based consumers and businesses who meet the eligibility criteria will automatically be included unless they choose to opt out. This means they will not need to sign up in advance but will be required to provide proof of purchase when the compensation scheme is finalised.

The tribunal’s order of interest at 8 per cent per year also means that older purchases, especially those made between 2015 and 2020, could attract larger payouts.

Dr Kent’s legal team has said further updates will be issued once the next phase of the case concludes. For now, eligible users are advised to retain any records of App Store purchases or subscriptions made on UK-registered Apple accounts.

The Wider Industry Context

This case is being watched closely by technology firms and regulators because it sets a new benchmark for competition enforcement in the digital economy. It also highlights how the UK’s collective action framework can be used to hold major global platforms to account for past conduct that inflated prices for consumers and businesses.

While Apple maintains that its ecosystem provides unique safety and privacy benefits, the tribunal’s findings appear to have called into question the balance between those protections and fair competition. The upcoming damages hearing will now determine what that accountability looks like in financial terms for millions of UK users.

What Does This Mean For Your Business?

The outcome of this case may mark a defining moment in how the UK approaches digital market regulation. For example, by confirming that a global company of Apple’s scale can be held accountable through collective legal action, the tribunal has set a clear precedent that could influence future cases involving other dominant tech platforms. It also signals that the UK’s competition and consumer law framework is now capable of addressing the realities of platform-based markets, where small differences in commission rates or payment terms can affect millions of users and developers simultaneously.

For UK businesses, the implications extend well beyond potential compensation. For example, many small firms that rely on mobile apps for marketing, payments, or service delivery have long been subject to the same terms as global developers, often without the ability to negotiate or switch to alternative platforms. A successful compensation process could return meaningful sums to those businesses, but more importantly, it may drive structural changes that reduce dependency on a single distribution channel. In a more competitive marketplace, smaller developers and service providers could benefit from lower costs, broader reach, and greater freedom over how they price and deliver their products.

Also, developers and consumers are likely to watch closely for signs of how Apple responds. If the appeal fails and the compensation framework goes ahead, the company may be forced to reconsider its UK App Store model to comply with competition expectations. That could include opening its payment systems to external providers or lowering commission rates to align more closely with those found in other digital marketplaces. Such changes would not only reshape Apple’s UK operations but could also influence its strategy across Europe, where similar legal and regulatory challenges are already underway.

The ruling also gives some momentum to regulators such as the Competition and Markets Authority, which has already indicated plans to impose new obligations on major digital platforms. Having both the CAT judgment and the CMA’s new enforcement powers in play strengthens the UK’s position as one of the leading jurisdictions for digital competition oversight. It could, in time, make the country a test case for how to balance consumer protection, business innovation, and fair access in the app economy.

For consumers, the short-term focus will be on how quickly compensation arrives and what steps they must take to claim it. However, the longer-term significance appears to lie in how this case may reshape the digital ecosystem itself. Whether through greater transparency, reduced commissions, or the introduction of alternative app stores, the outcome has the potential to alter how users, developers, and major tech firms interact across the UK’s mobile marketplace.

OpenAI has released Atlas, a free macOS web browser built around ChatGPT, and it arrives with big ambitions, useful features, and some immediate security questions.

What OpenAI Has Launched, And Why It Matters

OpenAI describes Atlas as “a new web browser built with ChatGPT at its core.” The idea of Atlas is, rather than visiting a website, copying content, and pasting it into a chatbot, the chatbot now lives inside the browser and can see the page you are on. OpenAI has framed it as a chance to “rethink what it means to use the web.”

Just On macOS (Free) For Now

Atlas is available now worldwide on macOS for Free, Plus, Pro, and Go users, with Windows, iOS, and Android versions “coming soon.” Business users can enable Atlas in beta, and Agent mode is available in preview for Plus, Pro, and Business tiers. OpenAI also published release notes and a download link, underlining that Atlas can import bookmarks, passwords, and browsing history from existing browsers.

How It Works In Practice

Atlas opens directly to ChatGPT rather than a traditional home page. Users can type a question or a URL, then work in a split view where ChatGPT summarises, compares, or explains the page they are on. An optional sidebar, “Ask ChatGPT,” follows the user as they browse, designed to remove the copy-paste friction that has characterised earlier chatbot use. OpenAI states that the browser can “understand what you’re trying to do, and complete tasks for you, all without leaving the page.”

Two features really stand out. The first is “browser memories,” which is an opt-in setting that allows ChatGPT to remember context from sites a user visits so it can bring that context back when needed. The second is “Agent mode,” which enables ChatGPT to act on the user’s behalf in the browser, carrying out tasks such as research, form-filling, or making bookings. OpenAI is keen to emphasise the benefit of user control, noting that browser memories can be viewed, archived, or deleted, that browsing content is not used to train models by default, and that visibility for specific sites can be turned off directly from the address bar.

Availability And Controls

At launch, Atlas includes parental controls that carry over from ChatGPT, with options to disable memories or Agent mode entirely. OpenAI says Agent mode can’t run code in the browser, download files, or install extensions, and it pauses on sensitive sites such as banks. Users can also run the agent in logged-out mode to limit access to private data.

Where Atlas Fits In A Crowded Browser Market

This move from OpenAI appears to be a direct challenge to existing players. For example, on desktop, Chrome holds about 73.65 percent of the global browser market, followed by Edge on 10.43 percent and Safari on 5.73 percent (StatCounter, September 2025). For Atlas to gain traction, it must prove both trustworthy and genuinely useful in daily workflows.

Vague Wording? What “AI Browser” Really Means

It seems that “AI browser” is quickly becoming shorthand for a set of common features, i.e., a chatbot that can read what’s on the screen, answer questions about it, and act within context. In Atlas, this takes the form of ChatGPT as a ride-along assistant that can process and recall on-page information.

Microsoft is pursuing the same idea. For example, in its Edge browser, Copilot Mode provides similar capabilities, opening a chat window that can summarise and compare data across multiple tabs. The company has also introduced “Actions,” which can fill in forms or book hotels, and “Journeys,” which group your tab history into ongoing projects.

The Indirect Prompt-Injection Issue

It seems that the most significant technical challenge currently facing Atlas, however, may not be unique to OpenAI. For example, Brave’s security team recently warned that indirect prompt injection is “a systemic challenge facing the entire category of AI-powered browsers.”

In simple terms, prompt injection occurs when a malicious webpage hides instructions that an AI assistant mistakenly interprets as user commands. This could cause the AI to perform unintended actions, such as fetching data from other tabs or leaking information from logged-in accounts.

Brave’s research revealed that similar vulnerabilities have been found in other AI browsers, including Perplexity’s Comet and Fellou, where attackers could hide commands inside website text or even faint image overlays. These instructions can bypass normal safeguards by being passed to the model as part of the page context.

In fact, OpenAI’s own documentation acknowledges this threat. For example, Dane Stuckey, OpenAI’s Chief Information Security Officer, described prompt injection as “a frontier, unsolved security problem” and said the company has implemented overlapping guardrails, detection systems, and model training updates to reduce risk. “Our adversaries will spend significant time and resources to find ways to make ChatGPT agent fall for these attacks,” he wrote, adding that users should run agents in logged-out mode when working on sensitive tasks.

Early Testing And What Researchers Are Seeing

Early demonstrations have already shown why this remains an open concern. For example, independent researchers have reportedly shared examples where Atlas responded to hidden instructions embedded within ordinary documents, producing unexpected outputs instead of the requested summaries. While these examples did not involve harmful actions, they highlight how easily indirect prompt injections can influence AI behaviour when content is treated as part of a legitimate task.

AI security researcher Johann Rehberger, who has documented several prompt-injection attacks across AI platforms, described the risk as affecting “confidentiality, integrity, and availability of data.” He noted that while OpenAI has built sensible safeguards, “carefully crafted content on websites can still trick ChatGPT Atlas into responding with attacker-controlled text or invoking tools to take actions.”

Brave’s recent post about this security issue also warned that agentic browsers can bypass traditional web protections such as the same-origin policy because they act using the user’s authenticated privileges. For example, a simple instruction hidden in a web page could, in theory, make the assistant act across sites, including banks or corporate systems, if guardrails fail.

How OpenAI Says It Has Balanced Power And Control

OpenAI has listed several design choices intended to reduce these risks. For example, users can clear specific page visibility, delete all browsing history, or use incognito windows that temporarily log ChatGPT out. Browser memories are private to the user’s ChatGPT account, are off by default, and can be managed directly in settings.

If a user opts to allow training on browsing content, pages that block GPTBot remain excluded. Agent mode cannot install extensions, access the file system, or execute code, and it pauses on sensitive sites where actions might expose personal data.

OpenAI says its approach is to combine technical safeguards with transparency. Users are shown what the agent is doing step by step, and actions can be stopped mid-flow.

For example, someone planning a dinner party can ask Atlas to find a grocery store, add ingredients to a basket, and place the order, watching each action unfold. Also, a student could use Atlas to ask real-time questions about lecture slides, while a business user can ask it to summarise competitor data or past documents without switching tabs.

Two Days Later, Microsoft Reframes Edge As An “AI Browser”

Just two days after OpenAI’s announcement, Microsoft expanded its own browser to include nearly identical functionality. On 23 October, the company unveiled an upgraded Copilot Mode for Edge, now officially described as “an AI browser.”

Mustafa Suleyman, CEO of Microsoft AI, wrote in a company blog post: “Copilot Mode in Edge is evolving into an AI browser that is your dynamic, intelligent companion.” The update introduces new features called “Actions,” which allow Copilot to fill out forms and make bookings, and “Journeys,” which group browsing sessions around specific goals.

Although Microsoft’s project was likely in development long before Atlas was revealed, the timing and similarity are notable. Both browsers now integrate AI deeply into browsing, both rely on contextual understanding to assist users, and both frame the assistant as a companion that can interpret what is on screen.

Independent reviewers have noted that the new Copilot Mode in Edge is visually and functionally close to Atlas. The layout differs slightly, but the underlying premise is the same: a built-in AI that reads, reasons, and acts on content as you browse. Microsoft says all new features require user consent before accessing tab content or history.

Challenges And Criticisms

While Atlas has been praised for its clean design and intelligent functionality, some experts have already raised questions about privacy, data control, and long-term security. OpenAI insists that browser memories are fully optional and off by default, but data protection specialists warn that even anonymised context retention can reveal behavioural patterns over time.

Also, some commentators have warned that Atlas, like other AI-driven browsers, could raise new privacy and security concerns if not carefully managed. For example, cybersecurity specialists have noted that the browser’s ability to access bookmarks, saved passwords, and full browsing histories could make the trade-off between convenience and data protection more critical than ever. They have also cautioned that combining web activity with chatbot interactions could increase risks such as profiling, targeted phishing, or unintended exposure of sensitive information.

It should also be noted here that early feedback from users has been mixed. For example, some testers have praised Atlas for its clear presentation of information and accurate sourcing, while others have reported slower performance and questioned how effectively Agent mode will operate once the browser is adopted at scale.

Cybersecurity researchers point out that even if Atlas performs safely under current controls, new prompt-injection techniques are constantly being developed. Brave’s researchers have already hinted that further vulnerabilities are likely to surface as more companies introduce AI-driven browsing.

The balance between innovation and oversight, and between convenience and confidentiality could, therefore, be the central test for Atlas and the new wave of AI browsers it represents.

What Does This Mean For Your Business?

OpenAI’s launch of Atlas could be one of the most ambitious steps yet in merging web browsing with conversational AI. It shows how quickly the boundary between search, productivity, and automation is dissolving, with the browser itself becoming a personal assistant rather than a static window to the internet. Yet it also exposes how far the technology still has to go before it can be trusted to act independently in real-world settings.

For users, the attraction is that Atlas promises a streamlined way to find information, take action, and move between tasks without switching tabs or tools. For OpenAI, it provides a direct platform for embedding ChatGPT more deeply into everyday digital life. However, the same integration that makes Atlas powerful also increases the surface area for risk. Allowing an AI agent to see and act within live browsing sessions inevitably raises questions about data access, authentication, and the potential for malicious manipulation through prompt injection or hidden instructions.

UK businesses, in particular, may need to approach Atlas with a mix of curiosity and caution. For example, the prospect of an intelligent browser that can summarise research, handle admin tasks, or automate data collection could boost productivity and streamline workflows. However, organisations will have to consider how it interacts with internal systems, how data is stored and transmitted, and whether its automation features comply with corporate security and privacy policies. For sectors such as finance, healthcare, and education, these considerations will be especially pressing, as even minor missteps could expose sensitive information or breach compliance rules.

For other stakeholders, including regulators and cybersecurity specialists, Atlas may represent an early glimpse of what “agentic” browsing could actually mean for the wider internet. It challenges long-held assumptions about user control, privacy, and accountability. If AI browsers become mainstream, the focus of online safety will need to expand from defending websites against users to defending users against their own automated agents.

In that sense, Atlas is less a final product than a live experiment in how people and machines might share control over digital tasks. Its success will depend not just on speed or convenience but on whether OpenAI can earn sustained trust from users, businesses, and regulators alike. For now, Atlas looks like being both a milestone in browser innovation and a reminder that every step towards automation must also bring new standards of responsibility, transparency, and security.

Attackers are using artificial intelligence (AI) to build record-breaking DDoS botnets, according to new data from internet security firm Qrator Labs.

The company reports that one botnet it tracked contained 5.76 million infected devices, a 25-fold increase on last year’s largest network. Qrator’s CTO, Andrey Leskin, said AI now lets attackers “find and capture devices much faster and more efficiently,” driving unprecedented growth.

Brazil has overtaken Russia and the US as the biggest source of application-layer DDoS attacks, accounting for 19 per cent of malicious traffic, while Vietnam’s share has surged as unsecured devices multiply across developing regions. Fintech and e-commerce remain the top targets, with peak attacks reaching 1.15 Tbps.

Experts warn that AI tools are lowering the barriers to entry for cybercriminals, enabling large-scale automated attacks. Businesses are urged to use layered DDoS protection, keep connected devices updated, and monitor for unusual network activity to defend against this new AI-driven threat.

Cornish Lithium has produced the UK’s first samples of battery-grade lithium hydroxide, marking a major step towards a domestic, low-carbon supply chain for electric vehicles and clean energy storage.

A Local Company with Global Ambitions

Cornish Lithium is a Penryn-based mining and technology company founded in 2016 by former investment banker and mining engineer Jeremy Wrathall. The company’s goal is to produce lithium sustainably within the UK, thereby reducing reliance on imports and supporting the transition to electric vehicles and renewable energy.

The business operates across two key areas of lithium extraction, i.e., hard rock and geothermal brines. Its projects are centred in Cornwall, where it is exploring and developing lithium resources from granite and hot spring waters deep underground. Through a combination of traditional mining expertise and modern processing technology, Cornish Lithium aims to make Cornwall a cornerstone of Britain’s green industrial future.

The Factory

At the heart of the latest breakthrough is the company’s Trelavour Hard Rock Project near St Dennis, Cornwall. Built on a repurposed china clay pit, the Trelavour Demonstration Plant began operating in 2024 and represents the UK’s first low-emission lithium hydroxide production facility. The site seems to embody sustainable redevelopment in practice in that it’s transforming a brownfield location once central to the region’s clay industry into a clean-tech hub for critical minerals.

Hydrometallurgical Processing

The plant uses hydrometallurgical processing to refine lithium-bearing mica from Cornish granite into high-purity lithium hydroxide. It also acts as a testing ground for new refining technologies that could later be scaled up for full commercial production. According to the company, commercial operations are expected to begin in 2027 with a planned output of around 10,000 tonnes of lithium hydroxide per year.

Why This Discovery Matters

Cornish Lithium’s discovery lies not only in the presence of lithium-bearing granite but in the ability to extract and refine it locally using cleaner methods. For example, the company estimates that its operations can achieve at least a 40 per cent reduction in carbon emissions compared with typical international lithium production, where ores are mined in Australia, shipped to China for refining, and then exported to Europe.

As CEO Jeremy Wrathall explained when the first samples were announced, “This achievement demonstrates that Cornwall can once again play a vital role in supporting Britain’s industrial future — this time through the production of sustainable, battery-grade lithium.”

Cornwall’s geology has long been known to contain lithium, but until recently it was not considered economically viable to extract. However, it seems that advances in processing technology, along with rising global demand and the UK’s push for net zero, have changed that outlook. In essence, the region’s combination of mineral-rich granite and geothermal resources makes it uniquely positioned to supply both hard-rock and brine-based lithium sustainably.

What’s Being Produced And Who For?

The Trelavour Demonstration Plant produces lithium hydroxide monohydrate (LHM), which is a high-purity chemical essential for lithium-ion batteries used in electric vehicles and large-scale energy storage systems. Battery-grade LHM is particularly suited to high-nickel cathodes, which are used by leading EV manufacturers to deliver higher energy density and longer range.

Cornish Lithium’s immediate aim is to refine enough material to demonstrate commercial viability and secure supply agreements with UK gigafactories and automotive manufacturers. The longer-term goal, combining both hard rock and geothermal extraction, is to produce up to 25,000 tonnes of lithium carbonate equivalent annually by 2030.

Currently, the UK imports almost all of its battery-grade lithium, leaving the country’s growing EV and battery industries reliant on international supply chains dominated by China. Local production from Cornwall would allow UK manufacturers to shorten those supply lines, cut emissions, and improve energy security.

Investment and Strategic Importance

In September 2025, Cornish Lithium secured up to £35 million in new funding, including £31 million from the UK’s National Wealth Fund and additional investment from TechMet, a critical minerals investor partly backed by the US government. This funding is earmarked to expand operations at Trelavour and advance the company’s geothermal projects.

The investment also forms part of the UK government’s broader strategy to establish a secure domestic supply chain for EV batteries. The Automotive Transformation Fund and other initiatives aim to ensure that gigafactories planned in Sunderland, Coventry, and Somerset have access to local raw materials, which is likely to be a key factor in their long-term sustainability and cost competitiveness.

Carbon Savings and Sustainability

Even though the idea of mining doesn’t seem that conducive to conserving the environment and sustainability, the sustainability benefits of local lithium production actually extend well beyond emissions. For example, processing and refining lithium within Cornwall eliminates the need for transcontinental shipping and significantly lowers the embodied carbon in each tonne of lithium hydroxide produced.

Local production also improves traceability, which is a growing requirement for European battery makers under emerging “battery passport” rules that demand transparency on the source and environmental impact of materials.

Also, by situating the plant on a disused industrial site, Cornish Lithium has actually revived part of Cornwall’s long-mining heritage in a modern, environmentally responsible way. The company estimates its projects could create more than 300 skilled jobs, contributing to regional regeneration and helping to retain talent in the South West.

The project’s reliance on UK and European technology partnerships also supports intellectual property development and knowledge transfer. By bringing advanced refining processes, such as those licensed from Australia’s Lepidico, onto British soil, the company is helping to develop local expertise in hydrometallurgy and battery chemistry.

Competitors and the Industry

Cornish Lithium’s milestone actually places it at the forefront of a growing UK lithium industry. However, it is not alone. For example, Imerys British Lithium, also based near St Austell, is developing a separate hard-rock project and has already produced pilot-scale lithium carbonate from mica-rich granite. The company plans to scale up to around 20,000 tonnes per year, potentially making it another major domestic supplier by the late 2020s.

Further north, Green Lithium is constructing a large lithium refinery at Teesside that will process imported spodumene concentrate into lithium hydroxide, complementing the raw material supply coming from Cornwall. Meanwhile, Northern Lithium is exploring brine-based extraction in the North East using direct lithium extraction (DLE) technology.

Together, these projects signal the emergence of a full UK lithium supply chain, encompassing extraction, processing, and eventual recycling, which is a development that could make the UK less dependent on imported critical minerals.

Challenges and Criticisms

Despite its progress, Cornish Lithium faces some significant hurdles. For example, Cornwall’s lithium grades are lower than those of high-grade spodumene ores mined in Australia, which could affect production costs and competitiveness. Energy-intensive refining processes also present challenges in a country with some of Europe’s highest industrial electricity prices.

The company must also navigate permitting and community engagement. For example, although its operations are based on brownfield sites, local stakeholders have raised questions about water use, noise, and the environmental management of tailings and waste.

Another challenge lies in the volatility of global lithium prices. As the Financial Times has reported, financing large-scale lithium projects can be difficult without government guarantees or long-term offtake agreements, particularly when prices fall from recent highs.

There are also broader market questions. The UK’s gigafactory sector remains nascent, and if domestic battery production fails to grow as quickly as expected, local lithium producers could struggle to find nearby buyers.

That said, for now, the company’s combination of local sourcing, low-emission processing, and government-backed funding positions it as one of the most advanced and strategically significant lithium ventures in Europe.

What Does This Mean For Your Business?

Cornish Lithium’s progress could be a real turning point in how the UK approaches its clean energy supply chain. By combining extraction, processing, and refining within one region, the company has shown that it is possible to produce critical battery materials closer to where they are used, with substantially lower emissions than imported alternatives. The immediate impact is industrial rather than symbolic, since it demonstrates that local lithium production is not just feasible but commercially and environmentally credible.

For UK businesses, particularly those in automotive manufacturing and energy storage, this development could prove decisive. For example, a domestic source of battery-grade lithium would reduce dependence on long global supply chains, stabilise costs, and make it easier to meet carbon reporting and traceability standards that are becoming central to procurement. It could also help strengthen the competitiveness of UK gigafactories, ensuring that jobs and intellectual property linked to electrification remain within the country. For other stakeholders, including local communities and policymakers, the benefits extend to regional regeneration, skilled employment, and the revival of industrial activity in an area that once relied on mining.

At the same time, it is clear that success will depend on more than geology. Cornish Lithium and its peers must scale up efficiently, manage environmental impacts transparently, and align with downstream demand from battery producers. The challenge for government and industry alike will be to create a framework that rewards sustainable extraction and encourages private investment without distorting the market.

If those conditions are met, Cornwall’s emerging lithium industry could form the foundation of a genuinely circular, low-carbon supply chain for the UK’s transition to clean transport and renewable power. In that sense, the real significance of the Trelavour plant lies not only in the metal it produces but in the model it represents, i.e., a local, collaborative, and technologically advanced approach to sustainable resource development.

If you want to collaborate with colleagues in your ChatGPT projects, this videos shows you how. Additionally, there are some upgrades to the memory facility that you might want to know about.

[Note – To Watch This Video without glitches/interruptions, It may be best to download it first]

Stand out in conversations with custom stickers that reflect your brand or personality, or to highlight specific products or features. Here’s how to create and use stickers in WhatsApp:

To Create a Sticker:

– Open WhatsApp and go to any chat.
– Tap the emoji icon > Sticker > Create.
– Select an image from your gallery or take a new photo.
– Crop and edit the image to fit the sticker format.
– Add text or drawings if desired.
– Save the sticker (and create a sticker album for related stickers).

Use Stickers in Messages:

– Open a chat and tap the emoji icon.
– Select the sticker icon and choose your custom sticker.
– Send the sticker to add a personal touch to your messages.

Benefits:

– Personalise Communication: Custom stickers help build rapport with clients or colleagues.
– Add a Professional Touch: Brand-specific stickers can enhance your business identity.
– Enhance Engagement: Stickers can make messages more engaging and fun.
– Use custom stickers to add a creative and personalised touch to your business communications on WhatsApp!

New research from Arctic Wolf shows that most security leaders say they would sack staff who fall for phishing scams, even as incidents rise and leaders themselves admit to clicking malicious links.

Hardening of Attitudes

Arctic Wolf’s 2025 Human Risk Behaviour Snapshot reveals that 77 per cent of IT and security leaders say they have (or would) sack an employee for falling for a phishing or social engineering scam, up from 66 per cent in 2024. The report describes this shockingly high statistic as the result of a significant hardening of attitudes among security professionals, despite continuing increases in attack volume and breach rates.

The Scale

The study, which surveyed more than 1,700 IT leaders and end users globally, found that 68 per cent of organisations suffered at least one breach in the past year. The UK and Ireland, for example, recorded some of the steepest rises, partly due to high-profile incidents in the retail sector. Arctic Wolf notes that many firms are still failing to implement basic measures, with only 54 per cent enforcing multi-factor authentication (MFA) for all users.

Sacking Doesn’t Solve The Problem

The same report also found that organisations taking an education-first approach rather than firing staff saw an 88 per cent reduction in long-term human risk. According to Arctic Wolf’s Chief Information Security Officer, Adam Marrè, “Terminating employees for falling victim to a phishing attack may feel like a quick fix, but it doesn’t solve the underlying problem.”

A Strong Policy Signal

The findings of the report appear to highlight a growing gap between confidence and capability. For example, three-quarters of leaders said they believed their organisation would not fall for a phishing attack, yet almost two-thirds admitted they have clicked a phishing link themselves, and one in five said they failed to report it.

Corrective Action Instead of Dismissal

It should be noted that, in the same survey, more than six in ten leaders said they had taken corrective action against employees who fell for phishing scams by restricting or changing access privileges, which Arctic Wolf suggests is a more constructive approach than dismissal.

Executives Are Valuable Targets For Cybercriminals

In fact, the company’s own data also shows that 39 per cent of senior leadership teams were targeted by phishing and 35 per cent experienced malware infections, highlighting how executives themselves are often the most valuable targets for attackers.

“When leaders are overconfident in their defences while overlooking how employees actually use technology, it creates the perfect conditions for mistakes to become breaches,” Marrè said. He added that the most secure organisations “pair strong policies and safeguards with a culture that empowers employees to speak up, learn from errors, and continuously improve.”

Confidence Vs Behaviour

The Arctic Wolf report appears to highlight a clear contradiction. For example, while most security leaders view phishing as a frontline employee issue, they are actually statistically among the most likely to make the same mistakes. Many also admit to disabling or bypassing security systems. For example, 51 per cent said they had done so in the past year, often claiming that certain measures “slowed them down” or made their work harder.

This gap between stated policy and personal practice is what Marrè describes as “a major blind spot and degree of hubris among some security leaders.” The report concludes that leadership culture sets the tone for the rest of the organisation, and that inconsistency at the top erodes credibility and weakens defences.

Who Is Really Falling For Phishing In 2025?

The question of who gets caught out most is not as simple as it might appear. For example, Arctic Wolf’s data indicates that senior staff, not junior employees, are often prime targets because of their privileged access and decision-making authority. The company found that nearly four in ten executive teams experienced phishing attempts, compared with lower rates among general staff.

Other research appears to support this pattern. For example, Verizon’s 2025 Data Breach Investigations Report confirms that social engineering remains one of the top causes of data breaches, accounting for more than two-thirds of all initial intrusion methods. Its analysis identifies finance, healthcare, education, and retail as the most heavily targeted sectors. Attackers exploit trust, urgency, and routine workflows to trick users into sharing credentials or downloading malware.

New Hires More Likely To Click

Also, a mid-2025 study by Keepnet, reported by Help Net Security, found that 71 per cent of new hires clicked on phishing emails during their first 90 days, making them 44 per cent more likely to fall victim than longer-serving staff. The main reasons were unfamiliar internal systems, a desire to respond quickly to apparent authority figures, and inconsistent onboarding security training. The same research found that structured, role-specific training reduced click rates by around 30 per cent within three months.

Retail Legacy Systems An Issue

Retail has also seen a marked increase in phishing incidents across the UK and Ireland. Arctic Wolf attributes this to the industry’s reliance on legacy systems, seasonal sales spikes, and the complexity of managing large volumes of customer data. The company says these factors have made retail “a prime target” for opportunistic and scalable attacks.

Can Employers Really Sack Staff For Clicking A Phishing Email?

In the UK, simply sacking an employee for falling for a phishing email is legally possible but rarely straightforward. For example, under the Advisory, Conciliation and Arbitration Service (Acas) Code of Practice, an employer can only dismiss fairly if they have both a valid reason, such as misconduct or capability, and have followed a fair and reasonable procedure.

For a dismissal to be lawful, the employer must investigate properly, give the employee a chance to respond, and ensure the sanction is proportionate. Even where a phishing incident causes financial loss or reputational damage, the question is whether the individual acted negligently or was misled despite reasonable training and policies. In most cases, a first-time mistake caused by deception would not actually meet the threshold for gross misconduct.

Unfair Dismissal?

It’s worth noting here that employees with two years’ service can bring a claim for unfair dismissal if they believe the reason or process was unreasonable. Employment tribunals are required to take the Acas Code into account, and may increase or reduce compensation by up to 25 per cent if either side fails to follow it. This means employers that act punitively without clear evidence or consistent practice could face costly legal challenges.

Most employment lawyers, therefore, recommend a corrective rather than disciplinary response, especially where the organisation’s training or technical safeguards may have been insufficient. Arctic Wolf’s data reflects this tendency, with many leaders actually opting to limit access rights rather than dismiss staff outright after a phishing incident.

Ethics And Culture

Beyond legality, there is an ethical debate here to take account of which focuses on culture and transparency. For example, the UK’s National Cyber Security Centre (NCSC) advises that creating a “no-blame reporting culture” is one of the most effective ways to reduce security risk. Its guidance stresses that employees should feel safe to report suspicious emails or mistakes immediately, without fear of reprisal.

In fact, it is well known that when punishment is the first response, employees often stay silent. Arctic Wolf’s own findings appear to bear this out, i.e., one in five security leaders who clicked a phishing link failed to report it. That silence can allow breaches to escalate before they are detected.

Human Error Inevitable

Security experts argue that treating human error as inevitable, and training people to respond effectively, is far more effective than zero-tolerance policies. Marrè says that “progress comes when leaders accept that human risk is not just a frontline issue but a shared accountability across the organisation.” He advocates regular, engaging training that reflects real threats, backed by leadership example and open communication.

The Double Standard In Practice

The data from this and other reports appears to paint a clear picture of contradiction at the top. For example, many of the same leaders who advocate sacking staff for phishing errors have clicked links themselves or disabled controls that protect the wider organisation. Arctic Wolf’s report describes this as “a culture of ‘do as I say, not as I do’,” warning that it undermines credibility and increases exposure to social engineering attacks.

Phishing Now More Sophisticated

One other important factor to take into account here is the fact that phishing techniques have also grown more sophisticated. For example, attackers now use AI-generated emails, cloned websites, and real-time chat-based scams to trick users into sharing credentials. Even experienced professionals can, therefore, struggle to spot these messages, particularly when they appear to come from known suppliers or senior colleagues.

AI Supercharges Phishing Success

Microsoft’s 2025 Digital Defence Report shows that AI-generated phishing emails are 4.5 times more likely to fool recipients, achieving a 54 per cent click-through rate compared with 12 per cent for traditional scams. The company says this surge in realism and scale has made phishing “the most significant change in cybercrime over the last year”.

Microsoft also estimates that AI can make phishing campaigns up to 50 times more profitable, as attackers use automation to craft messages in local languages, tailor lures, and launch mass campaigns with minimal effort. Beyond email, AI is now being used to scan for vulnerabilities, clone voices, and create deepfakes, transforming phishing into one of the fastest-growing and most lucrative attack methods worldwide.

Initial Compromise Comes From Phishing

Industry-wide data continues to show that phishing is the most common initial attack vector in business email compromise, ransomware, and credential theft cases. Verizon’s latest data shows phishing accounts for roughly 73 per cent of initial compromise methods, followed by previously stolen credentials. These statistics underline how difficult it is to eliminate human error entirely, even in well-trained environments.

Arctic Wolf argues that genuine progress actually requires leading by example rather than blaming employees. In its report, the company’s closing recommendations include continuous education, practical simulations, and building a culture that rewards honesty over silence. Its research concludes that organisations where employees feel confident to report mistakes are significantly less likely to experience repeat incidents, and far more likely to detect breaches early.

What Does This Mean For Your Business?

The findings appear to highlight a cultural challenge within cyber security. Punishing individuals for mistakes that even experienced leaders admit to making risks undermining the very trust and openness that strong defences depend on. The evidence shows that while technical safeguards such as MFA and endpoint protection are essential, they are not enough on their own. What really differentiates resilient organisations is how they handle human error, whether they choose to learn from it or treat it as grounds for dismissal.

For UK businesses, the implications are significant. A strict zero-tolerance policy towards phishing may appear decisive, but it can also damage morale, suppress reporting, and expose employers to potential legal and reputational risks. Dismissing staff without due process could also lead to unfair dismissal claims, while a culture of fear can discourage the transparency needed to contain attacks quickly. By contrast, firms that take a measured, education-focused approach tend to see fewer repeat incidents, faster recovery times, and stronger employee engagement in security.

The message from Arctic Wolf’s data is that leadership example matters most. When senior executives model good cyber hygiene, acknowledge their own vulnerabilities, and support open communication, staff are far more likely to follow suit. Creating an environment where everyone feels responsible for reporting threats, and confident they will be supported for doing so, delivers a far greater return than any punitive measure.

For regulators, investors, training providers and others, the findings reinforce the importance of human-centred strategies that combine accountability with education. As phishing continues to evolve in sophistication, organisations across all sectors must balance clear policy enforcement with a recognition that even the best-informed professionals can make mistakes. The organisations that respond to that reality with fairness, transparency, and leadership integrity will be the ones best equipped to withstand the next wave of attacks.

Most UK employees are now using unapproved AI tools at work every week, according to new Microsoft research, raising fresh questions about security, privacy, and corporate control over artificial intelligence.

What Microsoft Found

Microsoft’s latest UK study reports that 71 per cent of employees have used unapproved consumer AI tools at work, and 51 per cent continue to do so weekly. The research, conducted by Censuswide in October 2025, highlights a growing trend known as “Shadow AI”, i.e., the use of artificial intelligence tools not sanctioned by employers. The (October 2025) Censuswide survey took account of the views of 2,003 UK employees, aged 18 and over. The sample included workers from financial services, retail, education, healthcare, and other sectors, with at least 500 respondents each from large businesses and public sector organisations.

Typical Uses of Shadow AI

According to Microsoft’s study, typical uses of Shadow AI include drafting or replying to workplace communications (49 per cent), preparing reports and presentations (40 per cent), and even carrying out finance-related tasks (22 per cent). Many employees say they turn to these tools because they are familiar or easy to access, with 41 per cent admitting they use the same tools they rely on in their personal lives. Another 28 per cent said their employer simply doesn’t provide an approved alternative.

Limited Awareness of the Risks

It seems that according to the study, awareness of the risks remains limited, which is a key part of the problem. For example, only 32 per cent of respondents said they were concerned about the privacy of customer or company data they enter into AI tools, while 29 per cent expressed concern about the potential impact on their organisation’s IT security.

As Darren Hardman, CEO of Microsoft UK & Ireland, says: “UK workers are embracing AI like never before, unlocking new levels of productivity and creativity. But enthusiasm alone isn’t enough,” and that “Businesses must ensure the AI tools in use are built for the workplace, not just the living room.”

Why It So Much Matters Now

The research reflects a wider cultural change in how employees are using artificial intelligence (AI) to handle everyday tasks. For example, Microsoft estimates that generative AI tools and assistants are now actually saving workers an average of 7.75 hours per week. Extrapolated across the UK economy, that equates to around 12.1 billion hours a year, or approximately £208 billion worth of time saved (according to analysis by Dr Chris Brauer of Goldsmiths, University of London).

That potential productivity boost most likely explains much of the enthusiasm around generative AI. However, it also highlights why workers are bypassing official channels. For example, when the tools provided by employers feel restrictive, employees often reach for whatever gets the job done fastest, even if that means using consumer platforms that fall outside company governance and data protection frameworks.

What Is ‘Shadow AI’?

The term “Shadow AI” is borrowed from “shadow IT”, which is a long-standing issue where employees use unapproved hardware or software without authorisation. In this case, it refers to staff using consumer AI tools such as public chatbots or online assistants to support work tasks. One potential problem with this is that these platforms often store or learn from user input, which may include company or customer data, creating potential security and compliance problems.

Organisations that allow this kind of behaviour to go unchecked, therefore, risk breaching UK data protection laws, regulatory obligations, or intellectual property rights (not to mention giving away company secrets). The British Computer Society (BCS) and other professional bodies have previously warned that shadow AI could expose firms to data leaks, non-compliance, and reputational harm if sensitive material is entered into consumer models.

The Real Risks for Businesses

The main security concern is data leakage, i.e., where employees enter sensitive company information into AI tools that may store or process data outside of approved systems. This could include confidential documents, client details, or financial data. Once that information leaves the organisation’s control, it may be impossible to delete or track, potentially breaching data protection law or confidentiality agreements.

Another issue that’s often overlooked by businesses is attack surface expansion. For example, the more third-party AI tools are used, the greater the number of external systems handling company information. This increases the likelihood of phishing, prompt injection attacks, and other forms of misuse. Also, there is the problem of auditability. When AI tools operate outside an organisation’s infrastructure, they leave no record of what data was used or how it was processed, making compliance monitoring almost impossible.

Earlier this year, a report by Ivanti found that nearly half of office workers were using AI tools that were not provided by their employer, and almost one-third admitted keeping it secret. Some employees even said they used unapproved AI to gain an “edge” at work, while others feared their company might ban it altogether. The study echoed Microsoft’s findings that even sensitive data, such as customer financial information, is being fed into public models.

Why Employees Still Do It

Despite the risks, many employees say they basically rely on consumer AI because it helps them manage workloads and meet rising productivity expectations. Microsoft’s study also found that attitudes towards AI have become far more positive over the course of 2025. For example, 57 per cent of employees now describe themselves as optimistic, excited or confident about AI (up from 34 per cent in January). Also of note, it seems the proportion of workers saying they “don’t know where to start with AI” has dropped from 44 per cent to 36 per cent, while more employees say they understand how their company uses the technology.

For many, the motivation is actually practical rather than rebellious. For example, AI chatbots help draft content, summarise notes, create reports and presentations, or even analyse spreadsheets. When deadlines are tight and workloads are high, these capabilities can make a tangible difference, especially if the employer’s own tools are limited or slow to adopt new technology.

A Balanced View

While much of the discussion has focused on the dangers of shadow AI, some experts suggest it can also be a useful indicator of where innovation is happening inside a business. For example, at the Gartner Security and Risk Management Summit in London, analysts Christine Lee and Leigh McMullen argued that rather than trying to eliminate shadow AI entirely, companies could benefit by identifying which tools employees are already finding valuable. With the right governance and security controls, those tools could be formally adopted or integrated into approved workflows.

In this sense, shadow AI can act as an early warning system for unmet needs. If, for example, marketing teams are using public generative AI tools to create campaign content, that may reveal a gap in internal creative resources or digital support. Security teams could then review those external tools, assess the risks, and replace them with enterprise-grade equivalents that meet the same needs safely.

Gartner’s approach reflects a growing recognition that employees are often ahead of policy when it comes to technology adoption. Turning shadow AI into an opportunity for collaboration, rather than conflict, could help businesses strike a balance between innovation and security.

What Organisations Can Do Next

Analysts and security experts are urging employers to start by improving visibility. That means identifying which AI tools are already being used across the organisation, and for what purposes. With this in mind, many companies are now running staff surveys or using software discovery tools to build a clearer picture of how generative AI is being adopted.

Once the extent of use is known, companies can then focus on education. Clear, accessible policies are essential, i.e., explaining in plain English what kinds of data can be entered into AI tools, what cannot, and why. Training should emphasise the risks of using consumer AI platforms, particularly when handling client, financial, or personal information.

Enterprise Grade Safer

The final step is to offer secure alternatives. Enterprise-grade AI assistants, such as those integrated into Microsoft 365 or other workplace systems, are designed to protect sensitive data and maintain compliance. These tools include encryption, access controls, audit logs, and data-loss prevention measures that consumer apps typically lack. As Microsoft’s Darren Hardman put it: “Only enterprise-grade AI delivers the functionality employees want, wrapped in the privacy and security every organisation demands.”

Where Shadow AI Is Most Common

Microsoft’s data shows that shadow AI use is most prevalent among employees in IT and telecoms, sales, media and marketing, architecture and engineering, and finance and insurance. This is likely to be because these are industries where high workloads, creative output, or data handling make AI assistants especially appealing. As confidence grows and tools become more sophisticated, use across sectors is expected to increase further.

Shaping Culture

The Microsoft research suggests this trend is already reshaping workplace culture. For example, more employees now see AI as an essential part of their organisation’s success strategy, a figure that has more than doubled from 18 per cent in January to 39 per cent in October. Globally, Microsoft’s Work Trend Index reports that 82 per cent of business leaders view 2025 as a turning point for AI strategy, with nearly half already using AI agents to automate workflows.

What Does This Mean For Your Business?

The rise of shadow AI appears to present UK businesses with a clear crossroads between risk and reward. Employees are demonstrating that AI can deliver genuine productivity gains, but their widespread use of unapproved tools exposes gaps in governance and digital readiness. For many organisations, this is not simply a security issue but a sign that workplace innovation is moving faster than policy.

In practical terms, the Microsoft findings suggest that companies which fail to provide secure, accessible AI tools will continue to see staff seek out consumer alternatives. That makes the issue as much about culture and leadership as it is about technology. Building trust through transparency, and ensuring employees understand how and why AI is being managed, will be critical to balancing productivity with protection.

For IT leaders, the challenge now lies in developing frameworks that enable safe experimentation without undermining compliance. That means investing in enterprise-grade AI infrastructure, tightening oversight of data use, and introducing training that connects security policy with real-world tasks. Businesses that achieve this balance will be able to harness AI’s benefits while maintaining control over how it is deployed.

The implications extend beyond individual firms. For example, regulators, industry bodies, and even customers have a stake in how securely AI is used in the workplace. As more sensitive data flows through AI systems, the pressure will grow for clear accountability and transparent governance. The Microsoft findings make it clear that AI adoption in the UK is no longer confined to innovation teams or pilot projects; it is now embedded in everyday work. How organisations respond will determine whether this new era of AI-driven productivity strengthens trust and competitiveness, or exposes deeper vulnerabilities in the digital workplace.

The UK government has written to chief executives across the country urging them to keep physical, offline copies of their cyber contingency and business continuity plans, as the number of severe cyber attacks continues to rise.

Why The Government Is Acting Now

The move follows a sharp increase in what officials call “nationally significant” cyber incidents. In its latest annual review, the National Cyber Security Centre (NCSC) reported handling 429 cyber incidents over the past year, of which 204 were classed as nationally significant, more than double the previous year’s total of 89. Eighteen of those were categorised as “highly significant”, marking a 50 per cent rise.

These figures highlight a growing problem for UK organisations. Attacks on major companies have recently disrupted production lines, logistics operations, and supply chains. The government says this shows how cyber threats now pose not only a security risk but also a direct threat to jobs and the wider economy.

Cyber Resilience Should Be A Board Level Priority

Technology Secretary Liz Kendall, Chancellor Rachel Reeves, Business Secretary Peter Kyle, Security Minister Dan Jarvis, and the heads of both the NCSC and the National Crime Agency have jointly signed letters to business leaders, including all FTSE 350 companies. The message is that cyber resilience must become a board-level priority, and organisations must be ready to operate without IT systems for extended periods if necessary.

What The Letter Tells CEOs To Do

The letter from the government essentially makes three key points/recommendations to company leaders, which are:

1. It says they should treat cyber resilience as a governance issue and align with the government’s new Cyber Governance Code of Practice.

2. It recommends that all organisations sign up to the NCSC’s Early Warning service, which alerts firms to potential vulnerabilities or active threats.

3. It advises implementing the Cyber Essentials scheme, both within their own operations and throughout their supply chains.

Crucially, the letter also stresses the importance of keeping copies of critical plans “accessible offline or in hard copy”, including details of how to communicate and coordinate during an IT failure. This is actually part of a wider government effort to embed what the NCSC calls “resilience engineering”, which can basically be described as an approach that focuses on anticipating, absorbing, recovering from, and adapting to cyber attacks.

The Logic Behind Paper Copies

Although it may sound strange in what is increasingly a digital world, the advice to hold printed plans is intended to be a practical response to one of the key realities of modern cyber incidents. For example, when ransomware or destructive malware locks or wipes digital systems, even backups stored in the cloud can become inaccessible. In those situations, an organisation needs something it can rely on immediately, i.e., contact lists, instructions, and decision trees that are available without power, network access, or authentication.

The NCSC’s annual review explains that organisations should have “plans for how they would continue to operate without their IT, and rebuild that IT at pace, were an attack to get through.” Storing that information offline ensures that teams can still coordinate a response even if email, messaging, or identity systems have been taken down.

From Prevention To Resilience

The government’s letter reflects a wider change in strategy from simply preventing attacks to building the ability to withstand them. For example, the NCSC now encourages what it calls resilience engineering, i.e., designing systems and processes that can recover quickly after disruption.

That includes maintaining immutable backups that cannot be encrypted or tampered with, segmenting networks to prevent attacks spreading, testing recovery procedures, and running scenario exercises that simulate complete loss of IT. This approach assumes that no organisation can be completely immune to attack, so readiness and rapid recovery become essential.

Warnings From The NCSC

In its latest report, the NCSC said cyber security had become “a matter of business survival and national resilience.” The agency noted that half the incidents it managed in the past year met the top three severity categories, which cover impacts to government, essential services, or large sections of the public and economy.

The NCSC is urging organisations to make themselves as hard a target as possible, warning that hesitation in improving resilience leaves them exposed. It is also promoting its Cyber Action Toolkit for smaller firms, which provides simple step-by-step measures to improve security and response capabilities.

Support From The Security Industry

Cybersecurity professionals appear to have broadly supported the government’s message, saying it reflects lessons learned from recent incidents where businesses lost access to key systems for weeks. Industry experts have described the advice as practical rather than symbolic, noting that while printed plans may seem old-fashioned, they can be vital when digital tools fail.

The concept of treating cyber security like health and safety, something every employee understands as part of everyday working life, has gained traction in recent years. The government’s call reinforces this by urging boards to build resilience into core operations rather than treating it as an optional add-on.

Preparation

For larger companies, the message essentially means that cyber risk must now be reported and discussed at board level, with directors accountable for ensuring readiness. That includes confirming who would take charge in an emergency, how to communicate without email, and where physical copies of key documents are stored.

For smaller firms, the focus is more on preparation. For example, the NCSC’s free services, including the Early Warning system and Cyber Essentials certification, are designed to reduce the burden of building basic protection. Having physical backup plans does not replace digital defences, but it ensures that even in the worst-case scenario, there is a clear process for keeping the business running.

The government also highlights the benefits of requiring suppliers to meet similar standards, as supply chain weaknesses can often be exploited by attackers. Making resilience part of procurement policies helps reduce the risk of disruption spreading between organisations.

The Advantage of Offline Contingency Plans

A key advantage of offline contingency plans is that they allow teams to act immediately when systems go down. For example, staff can access emergency contacts, escalate issues, and follow recovery steps without waiting for IT access to return. In critical industries, such as healthcare, manufacturing, and logistics, those minutes or hours can make the difference between a temporary disruption and a complete operational shutdown.

Organisations that follow the NCSC’s guidance can also expect tangible benefits. The agency notes that companies meeting Cyber Essentials standards are significantly less likely to make cyber insurance claims. Better planning also tends to reduce recovery times and financial losses.

Challenges And Concerns

Although there is broad support for the government’s recommendations, there are (inevitably) some practical and logistical challenges. For example, paper copies need to be updated regularly to reflect new systems and staff changes, and they must be stored securely to prevent sensitive information from being accessed or lost. Some companies have also expressed concern about the administrative burden of maintaining both digital and physical documentation.

Others question whether a focus on manual fallbacks could distract from investment in prevention. However, security experts argue that resilience and defence are complementary, i.e., both are necessary, and neither alone is sufficient.

For small and medium-sized enterprises, limited resources remain a concern. Even with free government tools, implementing and maintaining robust resilience measures can take time and expertise. Nonetheless, the government’s stance is that preparedness is no longer optional, given the rising frequency and severity of attacks.

The Bigger Picture

Ministers have said that further steps will follow, including continued promotion of the Cyber Governance Code of Practice and potential new requirements under the forthcoming Cyber Security and Resilience Bill.

The letters sent this month highlight a clear change in tone, to one where cyber resilience is no longer being treated as an IT issue, but as a matter of national and economic security. For UK businesses, the message is simply that if the screens go dark, the organisation should still be able to function, and that begins with having the right plans on paper.

What Does This Mean For Your Business?

The government’s intervention could be said to mark a notable moment in how cyber risk is now being framed, i.e., as a question of continuity and national resilience rather than purely technical defence. The decision to write directly to company chiefs shows the extent to which cyber attacks have moved from the IT department to the boardroom, becoming an operational, financial, and reputational issue that demands visible leadership. The emphasis on hardcopy plans might appear unusual in a digital economy, yet it underlines an uncomfortable truth, which is that digital systems are not invincible and that planning for their failure is now a core part of responsible management.

For UK businesses, this change could prove both challenging and beneficial. For example, it requires time, training, and discipline to maintain offline contingency plans and rehearse manual processes, but it also forces a clearer understanding of dependencies and critical operations. Those already investing in resilience may find themselves better protected from both financial losses and prolonged service disruption. Smaller firms, meanwhile, stand to gain from the free support and practical guidance now being promoted by the NCSC, which aims to bring consistent standards across the economy.

The wider implications reach beyond business. For government and regulators, the campaign is part of a long-term effort to build systemic strength in the face of increasingly complex attacks. For insurers and investors, it offers a signal that resilience planning is becoming a measurable component of good governance. For the public, it reinforces the expectation that essential services, from food distribution to healthcare, should be able to keep operating even when technology fails.

The government’s advice accepts that no cyber defence is perfect, but that preparedness can dramatically limit the impact. By putting resilience on paper as well as on screen, the UK’s leadership is attempting to bridge the gap between digital ambition and practical survivability. If businesses take that message seriously, the result may be a more stable and dependable digital economy, and one that can withstand not just the next attack, but the inevitable disruptions still to come.