Our Commercial Director, Anna Bowen, recently spoke at the East Lancashire Chamber of Commerce’s ‘Knack of AI’ event, exploring a question many businesses are grappling with: Are you ready for AI?
With AI adoption accelerating across all sectors, understanding the foundations needed for safe and effective implementation has never been more important. Here’s a summary of what Anna shared, along with practical action points for your business.
The Four Pillars of AI Readiness
Anna outlined four essential pillars that form the foundation of successful AI adoption. Let’s explore each one:
1. Organised and Clean Data
Your data is gold. Before you can leverage AI effectively, you need to ensure your data is organised, clean, and accessible.
Action points:
- Implement or optimise your Customer Relationship Management (CRM) system to capture prospect and client information accurately
- Organise files using SharePoint with a well thought through file structure
- Control permissions carefully to protect sensitive information
- Invest time now in data organisation to reap rewards later
2. Data Security
As you digitalise and collect more data, you’re also increasing your risk profile. Data is valuable not just to you, but to cybercriminals who want to steal it, sell it, or hold it to ransom.
According to ANS’s research, organisations across the UK are facing increasing cyber threats. In the last 12 months alone, major companies including H&M, BT, Co-op, Manchester University, Disney, Microsoft, and even Lancashire County Council have suffered cyberattacks.
Action points:
- Maintain at least two backups in different locations
- Implement layers of IT security (think of it like an onion – multiple protective layers)
- Achieve recognised accreditations such as Cyber Essentials and ISO27001
- Enable remote monitoring of your IT systems
- Invest in proactive IT support that identifies and fixes issues before they become problems
- Use password managers instead of easily guessed passwords like “Password123!”
3. Cybersecurity Training
People remain your biggest cybersecurity risk, particularly when it comes to social engineering attacks.
Understanding social engineering: These attacks manipulate people into divulging confidential information or clicking malicious links. Cybercriminals exploit our natural tendency to be polite, helpful, and trusting. They create fear, panic, or shame to pressure victims into making hasty decisions.
Real-world case study: Anna shared a concerning example from one of Bandicoot’s clients:
- An employee fell victim to a phishing email and entered their Microsoft 365 credentials on a fake site
- The attacker gained access to the email account and studied the company’s communications
- Days later, they impersonated a supplier with a fake domain, invoice, and signature
- The attacker was charming, patient, and had excuses ready for every question
- The company ultimately lost over £12,000
- The delay in upgrading security measures led to additional financial loss
This case demonstrates that cybersecurity must be treated as a critical business function, not an afterthought.
Whilst ANS research found that 42% of organisations are motivated to invest in security for AI due to threats of system manipulation or misuse, concerningly, employee training for secure AI use was notably under-prioritised, with only 34% planning to invest in it. This is a dangerous oversight, as your employees are your first line of defence against cyber threats.
Action points:
- Train all staff to recognise social engineering tactics, particularly phishing emails
- Create a culture where employees feel comfortable questioning suspicious requests
- Establish clear protocols for verifying payment changes or urgent requests
- Conduct regular cybersecurity awareness training
- Download our free “Five Keys to Protecting You and Your Company from Cybercrime” guide
- Remember: attacks target businesses of all sizes, not just large corporations
4. AI Policy
Before introducing AI tools into your business, you need clear policies that protect your data, ensure compliance, and define accountability.
Why you need an AI policy:
- Ensure compliance with GDPR and other regulations
- Reduce risk of data breaches or misuse
- Set clear rules for approved AI usage
- Define accountability when things go wrong
- Protect your company’s reputation
- Enable safe innovation and experimentation
What your AI policy should include:
Prohibited uses:
- Entering confidential client data into AI systems
- Submitting personal data without GDPR compliance
- Uploading proprietary documents or internal company information
- Relying on AI for compliance or legally binding decisions
- Using AI for discriminatory, biased, misleading, or unlawful purposes
Data handling, privacy and security:
- Understanding the legal framework (GDPR, Data Protection Act)
- Vetting AI vendors and tools before approval
- Conducting Data Protection Impact Assessments (DPIAs) where appropriate
- Using only company-approved accounts and AI tools
- Reporting breaches immediately to your Data Protection Officer (DPO)
Responsibility and accountability:
- Clear employee responsibilities when using AI
- Approved business purposes only
- Mandatory AI training for all staff
- Requirement to apply professional judgement to AI outputs
- Duty to report misuse, risks, or breaches
- Obligation to notify the Information Commissioner’s Office (ICO) when required
Enforcement:
- Consequences for policy violations
- Restrictions or withdrawal of AI tool access
- Integration with existing Computer Use and Disciplinary policies
- Extension of policies to contractors and third parties
Key Takeaways: Your AI Readiness Checklist
As Anna emphasised in her presentation, successful AI adoption is a journey.Here are your action points:
✅ AI adoption is a journey – Don’t rush; build proper foundations
✅ Data = GOLD – Organise and protect it accordingly
✅ Organise and secure it – Clean data and multiple security layers
✅ Train in social engineering – Your people are both your greatest asset and biggest risk
✅ Create accountability – Implement a clear AI policy with defined responsibilities
The Digital Transformation Journey
Anna illustrated how these pillars fit into the broader digital transformation journey: Workflow Optimisation → Capture and Organise Data → Improve Operations/Customer Experience → Leveraging Data/AI
This cycle is continuous, with each stage building on the previous one and feeding back to drive further improvements.
Why Bother with AI?
As Mustafa Suleyman notes in The Coming Wave:
“When any wave of new technology comes, business owners must either adopt it, leapfrog it, change direction or be overwhelmed by the competition who make cost efficiency savings or customer advancements.”
The question isn’t whether to adopt AI, but how to do it safely and effectively.
Get Started Today
Ready to assess your AI readiness? Here are your next steps:
- Complete our Cybersecurity Audit – Identify your current security strengths and weaknesses
- Download our Cybersecurity Training Guide – Start educating your team about the five keys to protection
- Book a free IT consultation – Discuss your data organisation, security measures, and AI readiness with our team
- Review your current policies – Do you have an AI policy? Is your Computer Use Policy up to date?
At Bandicoot, we’ve been helping Lancashire businesses navigate technology changes for over 20 years. AI represents both an enormous opportunity and a significant challenge. We’re here to help you seize the opportunity whilst managing the risks.
Whether you need help organising your data, strengthening your cybersecurity, training your team, or developing an AI policy, we’re ready to support your journey.
Get in touch with Anna and the team to discuss your AI readiness, or download our free cybersecurity training booklet to start protecting your team today.
Special thanks to everyone who attended the East Lancashire Chamber of Commerce event. We hope you found Anna’s presentation valuable, and we look forward to supporting you on your AI journey.
