Bitdefender Report Reveals Singapore Firms Blind to Employee AI Use
Source: Newsflash Asia / Bitdefender
Only 48% of Singaporean organisations have full visibility into the AI tools their employees use, according to Bitdefender's 2026 Cybersecurity Assessment Report. The survey of 1,200 IT professionals across six countries also found 53% of breach victims in Singapore were told to keep the incident confidential.

More than half of Singaporean organisations lack full visibility into the AI tools their employees use at work, according to Bitdefender's 2026 Cybersecurity Assessment Report. The survey of over 1,200 IT and security professionals across six markets found that only 48% of Singapore firms have complete oversight of workplace AI usage, while 50% track official enterprise tools but remain unaware of personal accounts and shadow AI.
The findings paint a picture of an enterprise sector adopting AI faster than its governance frameworks can keep up. As generative AI tools proliferate across sales, marketing, engineering, and operations, the gap between what employees use and what IT departments know about is becoming a material risk. Bitdefender's president Andrei Florescu urged organisations to move beyond reactive defences toward proactive AI governance strategies.
The report also surfaced troubling breach-suppression patterns. 53% of Singapore respondents who experienced a security breach were instructed to keep it confidential, even though they believed it should be reported. While this is an improvement from 57.6% in 2025, it still points to a culture where transparency around security incidents is discouraged. Separately, 76.5% of Singapore respondents said they would switch vendors over data sovereignty concerns, and 76.6% hesitate to disable legitimate tools exploited by attackers for fear of operational disruption.
Why it matters for Singapore: As the city-state pushes toward becoming a trusted AI hub, this visibility gap is a vulnerability that undermines both enterprise security and regulatory confidence. The Monetary Authority of Singapore and IMDA have both signalled that AI governance is a supervisory priority, but if companies cannot even see which AI tools their staff are using, top-down regulation will struggle to gain traction. The Bitdefender data suggests Singapore's first AI governance priority should be internal: know what you are running before you try to secure it.