The AI Security Posture Playbook

Your AI adoption is probably running ahead of your governance. By quite a bit.

The FCA, Bank of England, and HM Treasury issued a joint statement on frontier AI and cyber resilience in May 2026, directing regulated firms to strengthen AI governance, third-party controls, and AI-specific incident response. This is the remediation document behind the free diagnostic.

4/15 - The average organisation, scored against the 15-stage framework in this Playbook, answers only 4 of 15 questions at best-practice level.

Instant download. PDF + full bundle. No subscription.  ·  Diagnostic: 5 minutes, scored out of 45, no account required.

The problem

AI adoption moved faster than the governance. That's the whole problem.

From 2023 onwards, UK organisations adopted AI tools at a pace the usual governance processes weren't built for. ChatGPT arrived and within six months it was in use across most organisations - sometimes by IT procurement, sometimes by individual employees on personal accounts, sometimes by engineering teams who'd quietly integrated a model API into a production service without a DPIA, a DPA, or a data residency check.

None of that was reckless. The productivity case for these tools is real. But the governance gap that opened up is also real, and it's getting harder to ignore.

The FCA, Bank of England, and HM Treasury joint statement from 15 May 2026 was the clearest signal yet that UK regulators consider this a financial services risk, not just an IT question. They specifically called out AI governance, third-party controls, and AI-specific incident response as areas where regulated firms needed to strengthen their posture.

The EU AI Act is already in force on prohibitions, with the bulk of high-risk system obligations applying from August 2026. ISO 42001, the AI management system standard published in December 2023, is the certification route for organisations that need formal evidence of AI governance maturity.

The problem isn't that organisations don't know they should have AI governance. Most of them do. The problem is the gap between "we know we should" and "here is our documented posture, scored across 15 domains, with owners and target dates for every gap." The Playbook is how you close it.

Who it's for

Written for practitioners in regulated UK organisations

If you're a CISO, DPO, Head of Security, Head of Compliance, or AI programme lead at a UK regulated organisation, this Playbook is for you.

Financial services & insurance

Banks, insurers, asset managers, fintechs - anywhere the FCA, PRA, or both have a supervisory interest. The May 2026 joint statement is the specific regulatory anchor.

NHS & health sector

Health data is special category data under UK GDPR. The ICO's expectations on DPIAs and automated decision-making apply with particular force here.

MoD & public sector

Classification requirements, BYOD restrictions, and third-party security assessments create constraints generic AI governance guidance doesn't address.

Any UK org processing personal data at scale

The framework applies wherever UK GDPR obligations bite - which is most medium and large organisations.

It assumes you know what UK GDPR, OWASP, and NIST mean, and that you've dealt with FCA or ICO expectations before. It does not assume you've built an AI governance framework from scratch, because almost nobody has. Whether you're technical-but-not-a-CISO, or a CISO without a deep technical team, the Playbook is written to work for both.

What's inside

The 15-stage framework. All 15 chapters.

The diagnostic has 15 questions, each covering one domain of AI security posture. Each maps to a chapter. The framework is organised into 7 parts, and it builds in sequence: the policy foundations have to exist before the technical controls can be meaningful.

Part 1 - AI Tool Access Policy (Stages 1-2)

Ch 1 - Consumer AI tool permissions. What it means to "permit" a tool in writing, why blanket bans fail, and what a tiered AI Acceptable Use Policy looks like.

Ch 2 - Personal vs enterprise accounts. Why consumer and enterprise tiers aren't the same product, what you lose without enterprise accounts (audit logging, DPA coverage, training opt-out), and the joiner/mover/leaver gap for AI tools.

Part 2 - Data Residency and Transfer (Stage 3)

Ch 3 - Data residency. UK GDPR transfer mechanisms, FCA/PRA outsourcing obligations under SYSC 8, why US-default routing matters even for "enterprise" tools, and how to map your AI tool estate. Includes the insurer case study - browser-blocked ChatGPT, missed on personal phones.

Part 3 - Endpoint and Network Controls (Stages 4-6)

Ch 4 - Local AI models. Ollama, LM Studio and the rest solve residency but introduce provenance and audit risk.

Ch 5 - Device and MDM coverage. Most technical controls only work on managed endpoints; the honest message about BYOD is here.

Ch 6 - Secure Web Gateway coverage. What URL blocking doesn't give you, which vendors deliver AI-category controls, and why SSL inspection isn't optional.

Part 4 - Data Loss Prevention and Inspection (Stages 7-8)

Ch 7 - DLP for AI tools. Why your existing DLP rules don't extend to AI tool traffic, and what AI-specific patterns look like. Includes the DLP-alert case study with no "gotcha" ending.

Ch 8 - Inline query inspection. Semantic inspection beyond pattern matching, prompt-injection detection, and the lightweight entry points before a full runtime governance layer.

Part 5 - Governance and Training (Stages 9-11)

Ch 9 - AI Acceptable Use Policy at the governance layer, and the "published vs actually communicated" distinction most organisations get wrong.

Ch 10 - AI security awareness training. The specific AI risks general training misses, structured to actually be completed.

Ch 11 - AI governance and tool review. The tiered review framework, from light-touch up to blast-radius analysis for agentic AI. Includes the governance case study.

Part 6 - Shadow AI and Coding Assistants (Stages 12-13)

Ch 12 - Shadow AI detection. SWG-based discovery, and why shadow AI data belongs with business leaders as well as security teams.

Ch 13 - AI coding assistants. Why Copilot, Cursor and the rest carry a distinct risk profile, the training-on-your-code question, and why SAST applies to AI-generated code.

Part 7 - Privacy, Compliance, and Incident Readiness (Stages 14-15)

Ch 14 - Data Protection Impact Assessments. When a DPIA is mandatory, Article 22 automated-decision obligations for underwriting/credit/clinical triage, and why a bad DPIA is worse than none.

Ch 15 - AI incident response. Why AI incidents don't look like traditional ones, the four scenario types every plan needs, and the ICO 72-hour notification window.

Each chapter follows the same structure: what the stage covers, what failure looks like, what good looks like, remediation steps you can task into a sprint, and a self-assessment checklist scored 0-3 (not started / partial / implemented / implemented and tested).

The full bundle

The Playbook is the PDF. The bundle is everything you need to act on it.

At £195 you get the PDF and four additional artefacts designed to cut the time between "I've read this" and "we're actually doing something about it."

The AI Security Posture Playbook (PDF)

The full 15-chapter document, ~80,000 words. Written for practitioners, not consultants. Named vendors where it's useful. Honest about what each control does and doesn't cover.

Assessment Templates (three documents)

A stage-by-stage assessment worksheet (every stage, 0-3 score criteria, evidence fields) feeding the Remediation Roadmap; the 25-question AI vendor security questionnaire (the Tier 2 review template, ready to send); and a DPIA template with a dedicated Section G for Article 22 automated decision-making - the section generic templates omit.

12-slide Board-Ready Presentation

Present without modification beyond your score and top-three priorities. Covers the adoption-risk context, the FCA/BoE/HM Treasury framing, your posture score, the 7 domains, priority actions, and governance structure. Speaker notes included. ~20 minutes of board time.

Remediation Scripts (four guides)

The most directly time-saving part. A Netskope configuration guide (AI category groups, DLP rules, SSL inspection); a GitHub security guide (secret scanning, SAST via Actions, Copilot audit logs) with the actual commands; an Azure/M365 guide (sensitivity labels, Purview DLP for Copilot, audit retention); and incident-response detection queries.

Working Splunk (SPL) and Microsoft Sentinel (KQL) queries for all four AI incident scenarios in Chapter 15 - each annotated with the index names, sourcetypes and thresholds you need to adapt to your environment:

// AiToolHighVolumeUpload
// Flags users uploading more data to AI tool endpoints in a 1-hour window
// than their historical baseline, adjusted for standard deviation.
// ADAPT: AI domain list, uploadThresholdMB, stdDevMultiplier to your baseline.

That level of annotation runs throughout. These are the starting points a security engineer would actually use, not sample scripts padded to look substantial.

About the author

Why this Playbook, from this author

I've worked in software and platform engineering for about 20 years, starting in a small development house in Hull in June 2005 with a PHP portfolio and a PowerPoint to convince the MD to take a chance on me. No degree. Just projects.

What followed was a winding career across environments where getting things wrong has consequences: Genomics England, the Ministry of Defence, Fidelity, bp, Vodafone. Regulated organisations, health data, financial infrastructure, defence systems.

The thread through most of it has been the gap between what organisations say they're doing and what they're actually doing - in CI/CD pipelines, in deployment practices, in security controls, and increasingly in AI governance. I spent a couple of years at bp as a DevOps Evangelist running workshops for several thousand engineers on what good looks like. The consistent finding: the tools existed, the guidance existed, but implementation lagged because nobody had time to connect the two.

That pattern - tools ahead of governance, adoption ahead of oversight - is exactly what I kept seeing with AI from 2023 onwards, which is what led to the diagnostic and eventually to this Playbook. I signed up to the OpenAI API in September 2021, before most people had heard of GPT, and I've been building with large language models since, including agentic systems. That gives me a reasonable view of both sides: the security risks of deploying AI in production, and the genuine productivity case that makes organisations want to deploy it anyway.

The 15 stages reflect 20 years of regulated-sector experience filtered through the specific lens of AI in 2025 and 2026. I've written it as I'd explain things to a smart CISO who doesn't need the vendor pitch - just the framework and the honest caveats. My DMs are open on LinkedIn if something here raises a question specific to your environment.

FAQ

Frequently asked questions

What format does it come in, and how do I get it?
PDF, downloaded immediately after purchase. The bundle - Playbook PDF, three assessment templates, 12-slide board deck, and four remediation scripts - is delivered as a ZIP. No account required, no DRM. Print it, share it with your team, save it to your DMS.

I work outside the UK / in EU financial services. Is it still useful?
The framework is written for UK regulated organisations and references FCA, PRA, ICO and UK GDPR throughout. Under EU GDPR the obligations are similar in structure. The EU AI Act is referenced where relevant, and the 15 stages map onto the controls a conformity assessment programme would examine. The technical chapters (SWG, DLP, coding assistants) have no jurisdiction dependency.

Is it current with the EU AI Act?
Yes, in context. Prohibitions took effect February 2025; high-risk obligations apply from August 2026. It doesn't cover the full conformity assessment regime - that's a separate document - but working the 15 stages gives you the operational posture (inventory, governance, DPIAs, incident response) any EU AI Act programme has to stand on.

What about ISO 42001?
ISO/IEC 42001 (published December 2023) is the AI management system standard and the certification route for evidencing maturity. The 15 stages map onto the controls an ISO 42001 audit would examine, so this is useful preparation rather than a parallel exercise.

Will it be updated as regulations develop?
Yes. Purchasers receive updates at no extra charge when material regulatory or technical developments warrant a revision. The UK AI regulatory environment is moving quickly; a document that isn't updated would be of limited value within 12-18 months.

Do I get a VAT receipt?
Yes, issued automatically on purchase. If you need a specific invoice format for a purchase order or expenses, get in touch after purchase.

What's the refund policy?
If you buy it, download it, and find it doesn't cover what this page says it covers, contact me within 14 days for a refund. Digital goods are generally non-refundable once accessed, but if the product isn't what's described, that's a different matter. I'd rather you be satisfied than keep £195 from someone who found no value in it.

Is this a vendor pitch in disguise?
No. Vendors are named because naming them is useful to someone implementing controls. Netskope and Zscaler appear often in the SWG/DLP chapters because they're genuinely the category leaders for AI tool visibility - an observation, not an endorsement. Nobody paid to be included.

I'm a CISO with a limited budget. Is it worth £195?
If you haven't started on AI governance, the Playbook and worksheet together give you a documented position across 15 domains, a board presentation, and a prioritisation framework - the alternative is paying a consultancy far more, or building it yourself over weeks. If you're already advanced, the detection queries and vendor questionnaire are the highest-value parts. Unsure? Take the free diagnostic: score above 30 and it's a refinement tool; below 20 and it's a roadmap.

Pricing

£195, one payment, everything included, no subscription

£195 one-time · instant download · VAT receipt issued
  • The AI Security Posture Playbook (PDF, 15 chapters, ~300 pages)
  • Stage-by-stage assessment worksheet (all 15 stages, 0-3 scoring, evidence fields)
  • 25-question AI vendor security questionnaire (ready to send)
  • DPIA template with Article 22 automated-decision section
  • 12-slide board-ready presentation (populate score + top 3, present as-is)
  • Netskope configuration guide (AI category groups, DLP rules, SSL inspection)
  • GitHub security configuration guide (secret scanning, SAST, Copilot audit logs)
  • Azure/M365 configuration guide (sensitivity labels, DLP policy, audit retention)
  • IR detection queries - SPL & KQL for 4 scenarios (leakage, prompt injection, AI phishing, agent action)
  • Future updates included at no extra cost

Instant download. No account required. 14-day satisfaction policy.

Priced for a professional buyer - a CISO, DPO, or security lead who'll use it to build or strengthen an AI governance programme. If you're an individual just exploring the topic, take the free diagnostic instead.

If your diagnostic score raised questions, this is where you go next.

The average organisation answers 4 of 15 questions at best-practice level. That's where most UK regulated organisations are in mid-2026. The Playbook gives you the structure; the worksheet turns it into a documented position; the board deck turns that into a governance commitment; the detection queries and config guides turn the commitment into actual controls.

My DMs are open on LinkedIn if you have questions before buying.