The Rise of Shadow AI: Unveiling the Hidden Risks in Corporate Innovation

Shadow AI: How unapproved AI apps are compromising security, and what you can do about it

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Security leaders and CISOs are discovering that a growing swarm of shadow AI apps has been compromising their networks, in some cases for over a year. They're not the tradecraft of typical attackers. They are the work of otherwise trustworthy employees creating AI apps without IT and security department oversight or approval, apps designed to do everything from automating reports that were manually created in the past to using generative AI (genAI) to streamline marketing automation, visualization and advanced data analysis. Powered by the company's proprietary data, shadow AI apps are training public domain models with private data. What's shadow AI, and why is it growing? The wide assortment of AI apps and tools created in this way rarely, if ever, have guardrails in place. Shadow AI introduces significant risks, including accidental data breaches, compliance violations and reputational damage. It's the digital steroid that allows those using it to get more detailed work done in less time, often beating deadlines. Entire departments have shadow AI apps they use to squeeze more productivity into fewer hours. "I see this every week," Vineet Arora, CTO at WinWire, recently told VentureBeat. "Departments jump on unsanctioned AI solutions because the immediate benefits are too tempting to ignore." "We see 50 new AI apps a day, and we've already cataloged over 12,000," said Itamar Golan, CEO and cofounder of Prompt Security, during a recent interview with VentureBeat. "Around 40% of these default to training on any data you feed them, meaning your intellectual property can become part of their models." The majority of employees creating shadow AI apps aren't acting maliciously or trying to harm a company. They're grappling with growing amounts of increasingly complex work, chronic time shortages, and tighter deadlines. As Golan puts it, "It's like doping in the Tour de France. People want an edge without realizing the long-term consequences." A virtual tsunami no one saw coming "You can't stop a tsunami, but you can build a boat," Golan told VentureBeat. "Pretending AI doesn't exist doesn't protect you -- it leaves you blindsided." For example, Golan says, one security head of a New York financial firm believed fewer than 10 AI tools were in use. A 10-day audit uncovered 65 unauthorized solutions, most with no formal licensing. Arora agreed, saying, "The data confirms that once employees have sanctioned AI pathways and clear policies, they no longer feel compelled to use random tools in stealth. That reduces both risk and friction." Arora and Golan emphasized to VentureBeat how quickly the number of shadow AI apps they are discovering in their customers' companies is increasing. Further supporting their claims are the results of a recent Software AG survey that found 75% of knowledge workers already use AI tools and 46% saying they won't give them up even if prohibited by their employer. The majority of shadow AI apps rely on OpenAI's ChatGPT and Google Gemini. Since 2023, ChatGPT has allowed users to create customized bots in minutes. VentureBeat learned that a typical manager responsible for sales, market, and pricing forecasting has, on average, 22 different customized bots in ChatGPT today. It's understandable how shadow AI is proliferating when 73.8% of ChatGPT accounts are non-corporate ones that lack the security and privacy controls of more secured implementations. The percentage is even higher for Gemini (94.4%). In a Salesforce survey, more than half (55%) of global employees surveyed admitted to using unapproved AI tools at work. "It's not a single leap you can patch," Golan explains. "It's an ever-growing wave of features launched outside IT's oversight." The thousands of embedded AI features across mainstream SaaS products are being modified to train on, store and leak corporate data without anyone in IT or security knowing. Shadow AI is slowly dismantling businesses' security perimeters. Many aren't noticing as they're blind to the groundswell of shadow AI uses in their organizations. Why shadow AI is so dangerous "If you paste source code or financial data, it effectively lives inside that model," Golan warned. Arora and Golan find companies training public models defaulting to using shadow AI apps for a wide variety of complex tasks. Once proprietary data gets into a public-domain model, more significant challenges begin for any organization. It's especially challenging for publicly held organizations that often have significant compliance and regulatory requirements. Golan pointed to the coming EU AI Act, which "could dwarf even the GDPR in fines," and warns that regulated sectors in the U.S. risk penalties if private data flows into unapproved AI tools. There's also the risk of runtime vulnerabilities and prompt injection attacks that traditional endpoint security and data loss prevention (DLP) systems and platforms aren't designed to detect and stop. Illuminating shadow AI: Arora's blueprint for holistic oversight and secure innovation Arora is discovering entire business units that are using AI-driven SaaS tools under the radar. With independent budget authority for multiple line-of-business teams, business units are deploying AI quickly and often without security sign-off. "Suddenly, you have dozens of little-known AI apps processing corporate data without a single compliance or risk review," Arora told VentureBeat. Key insights from Arora's blueprint include the following: Start pursuing a seven-part strategy for shadow AI governance Arora and Golan advise their customers who discover shadow AI apps proliferating across their networks and workforces to follow these seven guidelines for shadow AI governance: Conduct a formal shadow AI audit. Establish a beginning baseline that's based on a comprehensive AI audit. Use proxy analysis, network monitoring, and inventories to root out unauthorized AI usage. Create an Office of Responsible AI. Centralize policy-making, vendor reviews and risk assessments across IT, security, legal and compliance. Arora has seen this approach work with his customers. He notes that creating this office also needs to include strong AI governance frameworks and training of employees on potential data leaks. A pre-approved AI catalog and strong data governance will ensure employees work with secure, sanctioned solutions. Deploy AI-aware security controls. Traditional tools miss text-based exploits. Adopt AI-focused DLP, real-time monitoring, and automation that flags suspicious prompts. Set up centralized AI inventory and catalog. A vetted list of approved AI tools reduces the lure of ad-hoc services, and when IT and security take the initiative to update the list frequently, the motivation to create shadow AI apps is lessened. The key to this approach is staying alert and being responsive to users' needs for secure advanced AI tools. Mandate employee training that provides examples of why shadow AI is harmful to any business. "Policy is worthless if employees don't understand it," Arora says. Educate staff on safe AI use and potential data mishandling risks. Integrate with governance, risk and compliance (GRC) and risk management. Arora and Golan emphasize that AI oversight must link to governance, risk and compliance processes crucial for regulated sectors. Realize that blanket bans fail, and find new ways to deliver legitimate AI apps fast. Golan is quick to point out that blanket bans never work and ironically lead to even greater shadow AI app creation and use. Arora advises his customers to provide enterprise-safe AI options (e.g. Microsoft 365 Copilot, ChatGPT Enterprise) with clear guidelines for responsible use. Unlocking AI's benefits securely By combining a centralized AI governance strategy, user training and proactive monitoring, organizations can harness genAI's potential without sacrificing compliance or security. Arora's final takeaway is this: "A single central management solution, backed by consistent policies, is crucial. You'll empower innovation while safeguarding corporate data -- and that's the best of both worlds." Shadow AI is here to stay. Rather than block it outright, forward-thinking leaders focus on enabling secure productivity so employees can leverage AI's transformative power on their terms.

What is Shadow AI? The Hidden Risks and Challenges in Modern Organizations

Imagine this: a marketing manager uses ChatGPT to draft a personalized email campaign. Meanwhile, a developer experiments with a machine learning model trained on customer data, and an HR team integrates an artificial intelligence (AI) tool to screen resumes. None of these actions go through the IT department for approval. What's happening here? This is shadow AI in action. Shadow IT -- which is using unapproved software or tools at work -- isn't new. However, with the rapid adoption of AI, shadow IT has evolved into something more complex: shadow AI. Employees now have easy access to AI-powered tools like ChatGPT, AutoML platforms, and open source models, enabling them to innovate without waiting for approval. While this might sound like a win for productivity, it comes with serious risks. Shadow AI is a growing concern for organizations embracing AI-driven solutions because it operates outside the boundaries of IT governance. Employees using these tools may unknowingly expose sensitive data, violate privacy regulations, or introduce biased AI models into critical workflows. This unmanaged AI usage isn't just about breaking rules -- it's about the potential for ethical, legal, and operational fallout. Shadow AI refers to the unauthorized or unmanaged use of AI tools, models, or platforms within an organization. It's a new form of shadow IT, where employees or teams adopt AI technologies without approval from IT or governance teams. Unlike traditional tools, AI's reliance on data and decision-making capabilities makes its risks more significant. A marketing intern is pressured to create a press release quickly. They've heard about ChatGPT's ability to write content and decided to try it. The intern copies a previous press release containing confidential client details and pastes it into ChatGPT's input box for "inspiration." ChatGPT generates an impressive draft, but the platform's data policy allows it to retain user inputs for model improvements. Now, sensitive client information is stored on external servers without the company's knowledge. A data scientist is eager to prove the value of predictive analytics for the company's sales department. He downloads customer purchase history without formal approval and trains a machine-learning model. He uses an open source dataset to supplement the training data to save time. However, this external dataset contains biased information. The model predicts purchasing behavior, but its results are skewed due to the bias in the training data. Without oversight, the model is deployed to make critical sales decisions. Customers from certain demographics are unfairly excluded from promotions, causing reputational harm to the company. A developer is tasked with adding a translation feature to a company's customer service portal. Instead of building a solution internally, she finds a third-party AI-powered API that offers instant translation. The developer integrates the API without vetting its provider or informing the IT department. The API contains vulnerabilities that the developer did not know. Within weeks, attackers exploit these vulnerabilities to access sensitive customer communication logs. The company suffers a significant security breach, resulting in operational downtime and financial losses. Shadow AI is spreading because it's easier than ever for employees to adopt AI tools independently. But this independence comes with risks, from compliance issues to security vulnerabilities. AI tools are now more accessible than ever, with many being free, inexpensive, or requiring minimal setup, making them appealing to employees seeking quick solutions. For example, a sales team might use a free AI chatbot to manage customer queries, unknowingly uploading real customer data for training. This data could be retained on external servers, creating a potential privacy breach. The problem lies in the lack of governance, as using easily accessible tools without oversight can result in data leaks or compliance violations, posing significant risks to the organization. User-friendly platforms like AutoML and DataRobot, and pre-trained models on platforms like Hugging Face, allow non-technical users to create AI models or deploy AI solutions quickly. For example, a marketing analyst might use Google AutoML to predict customer churn by uploading purchase histories to train a model. While the tool works seamlessly, she may unknowingly violate the company's data handling policy by failing to anonymize sensitive information and exposing private customer data to a third-party platform. The problem lies in the lack of technical oversight, as this capability increases the risk of errors, data misuse, and ethical issues, potentially compromising organizational security and compliance. The drive to innovate often leads employees to bypass IT governance to deploy AI tools more quickly, especially when facing tight deadlines where waiting for approval feels like a bottleneck. For example, a product team under pressure to launch a new feature in weeks might skip IT approval and deploy an open source AI-powered recommendation system found on GitHub. While the system functions, it produces biased recommendations that alienate certain customer segments. This rush to innovate without proper oversight can lead to significant long-term issues, including biased decisions, technical debt, and reputational harm, undermining organizational trust and performance. The absence of clear AI policies or approved tools often forces employees to find their solutions, creating an environment where shadow AI thrives. For example, an employee needing to analyze customer sentiment might use an external platform without understanding the associated risks if no internal options are available. This lack of governance leads to challenges in adopting AI responsibly, stemming from unclear data privacy and security guidelines, insufficient training on AI risks, and the unavailability of approved tools or platforms, ultimately exposing the organization to compliance and security vulnerabilities. Shadow AI introduces significant risks to organizations, often exceeding those associated with traditional shadow IT. From data breaches to ethical dilemmas, unmanaged AI usage can create problems that are difficult to detect and costly to resolve. Unauthorized AI tools pose significant security risks, mainly when sensitive data is uploaded or shared without proper safeguards, making it vulnerable to exposure. For example, employees using free generative AI tools like ChatGPT might inadvertently upload proprietary information, such as business plans or customer data, which the platform may retain or share for training purposes. Also, developers downloading open source AI models to accelerate projects could unknowingly introduce malicious models with hidden backdoors that exfiltrate sensitive data during use. Shadow AI often breaches data privacy laws and licensing agreements, exposing organizations to regulatory and legal risks. For example, a healthcare provider might use an unauthorized diagnostic AI tool, unknowingly uploading patient data to a non-compliant server, thereby violating regulations like HIPAA or GDPR and incurring substantial fines. Similarly, a team might train a machine learning model using a dataset with restricted licensing terms, and upon commercialization, the organization could face legal action for intellectual property infringement. AI tools deployed without proper oversight can perpetuate bias, make unfair decisions, and lack transparency, resulting in significant ethical and reputational issues. For example, a hiring tool trained on biased data might inadvertently exclude qualified candidates from underrepresented groups, reinforcing systemic inequalities. Similarly, a customer credit scoring system using an opaque AI model can deny loans without clear explanations, eroding trust and damaging the organization's credibility. Shadow AI frequently leads to fragmented systems, redundant efforts, and technical debt, disrupting business operations and efficiency. For example, when different departments independently adopt AI tools for similar tasks, it creates inefficiencies and integration challenges. Also, a team may develop a machine learning model without proper documentation or maintenance, leaving the organization unable to troubleshoot or rebuild it when the model fails, compounding technical debt and operational risks. Shadow AI thrives in environments without oversight, clear policies, or accessible tools. To mitigate its risks, organizations need a proactive and comprehensive approach. A strong AI governance framework provides clear policies and guidelines for using AI within an organization, forming the foundation for managing risks associated with AI tools and models. This includes defining policies that establish rules for approved AI tools, model development, and data handling practices, as well as specifying acceptable use cases such as data anonymization requirements and licensing compliance. The framework should also implement model lifecycle management by outlining AI model development, deployment, monitoring, and decommissioning processes while requiring comprehensive datasets, algorithms, and performance metrics documentation. Also, appointing AI stewards -- individuals or teams responsible for enforcing governance policies and overseeing AI projects -- ensures consistent adherence to these standards. Policy example: "AI tools used within the organization must be pre-approved by IT and security teams. Any data uploaded to external AI services must be anonymized and comply with relevant data protection laws." Education is essential for addressing shadow AI, as employees often adopt unauthorized tools due to a lack of awareness about the associated risks. Offering workshops and training sessions on AI ethics, data privacy laws (for example, GDPR and HIPAA), and the dangers of shadow AI helps build understanding and accountability. Regular updates through newsletters or internal communications can keep employees informed about approved tools, new policies, and emerging risks. Also, conducting simulated exercises or tabletop scenarios can vividly demonstrate the potential consequences of shadow AI breaches, reinforcing the importance of compliance and vigilance. Training example: Organize a company-wide training session titled "The hidden risks of shadow AI: Protecting our organization." Security controls are critical for monitoring and restricting unauthorized use of AI tools, enabling early detection and mitigation of shadow AI activities. AI monitoring tools, such as MLFlow and Domino Data Lab, can track AI model development and deployment within the organization. APIs and log monitoring solutions help detect unauthorized interactions with external AI platforms. Data Leakage Prevention (DLP) tools can identify and block attempts to upload sensitive data to unapproved AI platforms. Also, network controls, including blocklists for known external AI services, can restrict access to unauthorized AI applications, strengthening overall security. Employees often resort to shadow AI due to a lack of access to approved tools that meet their needs, making it crucial to provide alternatives that reduce the appeal of unauthorized platforms. Conducting surveys or interviews can help identify the specific tools employees require while centralizing approved options in a well-documented catalog ensures accessibility and clarity. Also, providing user-friendly interfaces and training for sanctioned tools encourages adoption and minimizes reliance on unsanctioned solutions. Compliance example: Provide pre-approved access to cloud-based AI platforms like Google Cloud AI or Azure AI, configured with organizational security and compliance policies. Effective management of AI initiatives requires fostering communication and alignment between IT, security, and business teams, ensuring that AI governance supports operational goals while maintaining security and compliance. Establishing cross-functional teams, such as an AI governance council with IT, security, legal, and business unit representatives, promotes collaboration and comprehensive oversight. Implementing feedback loops allows employees to request new tools or raise concerns about AI governance policies, ensuring their voices are heard. Also, aligning AI initiatives with organizational objectives reinforces their importance and fosters shared team commitment. Collaboration example: Hold quarterly AI governance meetings to discuss new tools, review compliance updates, and address employee feedback. As AI evolves, so does the challenge of managing its unauthorized use. Emerging trends in AI, such as generative models and foundation systems, bring both opportunities and risks, further amplifying the complexities of shadow AI. AI governance is increasingly central to modern DevSecOps practices, ensuring security, compliance, and ethical considerations are embedded throughout the AI lifecycle. This includes shift-left AI governance, where governance checks like dataset validation and model bias testing are integrated early in development. DevOps practices are also evolving to incorporate AI-specific CI/CD pipelines, including model validation, performance benchmarking, and compliance checks during deployment. Also, real-time monitoring and incident response mechanisms, such as automated alerts for anomalies like unexpected outputs or data integrity violations, play a critical role in maintaining the integrity and reliability of AI systems. New tools and technologies are emerging to tackle the unique challenges of monitoring AI systems, particularly those operating autonomously. Explainability and transparency tools like SHAP, LIME, and ELI5 allow organizations to interpret model decisions and ensure alignment with ethical standards. Continuous model monitoring platforms like Arize AI and Evidently AI offer ongoing performance tracking to detect issues like model drift or accuracy degradation. And network-based monitoring solutions can automate the detection of unauthorized AI usage by flagging interactions with unsanctioned AI APIs or platforms. Generative AI and foundation models like GPT and BERT have drastically lowered the barriers to developing AI-driven applications, increasing both the risks and benefits of shadow AI. Their user-friendly nature enables even non-technical employees to create sophisticated AI solutions, increasing accessibility. However, this ease of use complicates governance, as these tools often rely on large, opaque datasets, making compliance and ethical oversight more challenging. Additionally, generative models can produce biased, inappropriate, or confidential content, further amplifying risks to organizational integrity and reputation. As organizations increasingly embrace AI-driven solutions, shadow AI emerges as both a catalyst for innovation and a source of significant risk. On the one hand, it empowers employees to solve problems, automate tasks, and drive efficiency. On the other hand, its unmanaged nature introduces vulnerabilities, ranging from data breaches to compliance violations, ethical challenges, and operational inefficiencies. Shadow AI is a byproduct of AI's accessibility and democratization, reflecting the growing role of technology in modern workflows. However, its risks cannot be ignored. Left unchecked, shadow AI can erode trust, disrupt operations, and expose organizations to regulatory and reputational damage. AI tools have become ubiquitous in modern work, but their potential benefits come with responsibilities. Employees and decision-makers must: Ultimately, the question isn't whether shadow AI will exist -- it's how we manage it.