AI Governance

Shadow AI: Risks and How to Govern It Safely

Standarity Editorial Team·AI Governance Practitioners
··8 min read

Shadow AI is the use of artificial intelligence tools and services by employees without the knowledge, approval or oversight of IT, security or governance functions. It is the AI-era successor to shadow IT: instead of an unsanctioned file-sharing app, a marketer pastes a customer list into a public chatbot, an engineer routes source code through an unvetted coding assistant, or a finance analyst uploads a draft board deck to summarise it. The tools are powerful and free, the friction is near zero, and almost none of it appears on an approved-software register.

For most organisations the question is no longer whether shadow AI exists but how much of it is running and what it is exposing. In this guide we define the problem, explain why it spreads so fast, set out the concrete risks, show how to detect it, and lay out a governance response you can actually implement.

What is shadow AI?

Shadow AI covers any AI capability adopted outside official channels. That includes public generative AI chatbots used through personal accounts, AI features quietly switched on inside sanctioned SaaS products, browser extensions and plug-ins that call third-party models, and home-grown scripts wired to a model API on a corporate card no one reviewed. The common thread is the absence of oversight: no risk assessment, no data-handling contract, no logging, and no owner accountable for what the tool does with company information.

It is worth separating shadow AI from sanctioned AI that is simply governed poorly. Both are problems, but shadow AI is harder because you cannot manage what you cannot see. This is the same visibility gap that an AI management system is designed to close, and it is why formal frameworks treat an inventory of AI use as a foundational control rather than a nice-to-have.

Why shadow AI spreads so quickly

The scale of adoption is the first driver. In the 2024 Work Trend Index, Microsoft and LinkedIn found that 75 percent of knowledge workers were already using generative AI at work, and that 78 percent of those users were bringing their own tools rather than waiting for an approved option, a pattern the report labelled bring your own AI, or BYOAI (Microsoft and LinkedIn, 2024). When three in four people use a technology and most of them supply it themselves, unsanctioned use is the default state, not the exception.

The second driver is a governance vacuum. Employees adopt tools faster than committees can evaluate them, and policy rarely keeps pace. The consequences show up in the breach data: IBM reported that 63 percent of breached organisations either had no AI governance policy or were still developing one (IBM, 2025). Add genuine productivity pressure, zero cost, consumer-grade ease of use, and the natural human tendency to reach for the fastest tool, and rapid, invisible adoption is entirely predictable.

IBM found that shadow AI was involved in roughly one in five breaches (20 percent) and that incidents involving shadow AI cost organisations an average of USD 670,000 more than breaches without it (IBM Cost of a Data Breach Report, 2025).

The real risks of shadow AI

Shadow AI is not a hypothetical worry. It creates a cluster of connected, measurable risks that land on security, legal and the business at once.

  • Data leakage into public models. When staff paste confidential material into consumer tools, that data can leave your control and, depending on the terms, be retained or used to train the provider models. Cisco found that employees were entering internal process information (62 percent), non-public company information (48 percent) and employee names or personal details (45 percent) into generative AI tools (Cisco 2024 Data Privacy Benchmark Study).
  • Compliance and regulatory exposure. Feeding personal data into an ungoverned tool can breach the GDPR principles of lawfulness, purpose limitation and having a valid processing basis, and unsanctioned tools rarely sit behind a data processing agreement. Higher-risk uses can also fall under the EU AI Act, which nobody is assessing when the tool is invisible.
  • Intellectual property loss. Source code, product designs, pricing models and unpublished strategy pasted into a public model can leak your competitive edge, and content generated from third-party training data can carry its own IP and licensing uncertainty.
  • Inaccurate and fabricated outputs. Models hallucinate confidently. When ungoverned output flows into decisions, code or customer communications without review, errors propagate silently and accountability is unclear.
  • Expanded attack surface. Unvetted extensions, plug-ins and API integrations widen the ways an attacker can reach your data. IBM found that 13 percent of organisations reported breaches of their AI models or applications, and 97 percent of those lacked proper AI access controls (IBM, 2025).

The regulatory exposure is worth dwelling on because it compounds. Gartner has predicted that by 2027, 40 percent of AI-related data breaches will be caused by the improper use of generative AI across borders (Gartner, 2024). Data pasted into a public model can be processed and stored in a jurisdiction your privacy notices never contemplated, turning a convenience into a cross-border transfer problem you did not know you had.

How to detect shadow AI

Because shadow AI hides in ordinary web traffic and inside tools you already own, detection has to be deliberate. No single technique catches everything, so combine several and treat the result as a living inventory rather than a one-off scan.

  • Analyse network and proxy logs for traffic to known AI domains and model API endpoints, and review your secure web gateway or CASB for AI categories.
  • Query expense reports and SaaS spend for AI subscriptions bought on cards or expensed by individuals and teams.
  • Audit browser extensions, marketplace add-ins and OAuth grants across your identity provider, where AI plug-ins frequently request broad data scopes.
  • Review the settings of sanctioned SaaS products for AI features that were enabled by default or switched on without review.
  • Run anonymous surveys and open amnesty channels so employees can declare the tools they rely on without fear of punishment.

Expect the numbers to surprise you. Detection is not about catching people out; it is about building an accurate picture of real usage so that governance can meet employees where they already are rather than where policy imagines them to be.

How to govern shadow AI: a step-by-step response

The goal is not to ban AI. Cisco found that more than a quarter of organisations (27 percent) had banned generative AI at least temporarily (Cisco, 2024), yet bans mostly push usage further underground. The durable answer is to make the sanctioned path easier than the shadow one. We recommend a sequenced programme.

  • Establish an AI governance committee. Stand up a cross-functional body spanning security, legal, privacy, data and the business to own AI risk decisions, approve tools and set direction. This is the group that should be fielding the hard board-level questions about AI risk.
  • Build and publish an approved-tool catalogue. Give employees a clear, curated set of vetted tools with enterprise data protections, so the compliant choice is the obvious one.
  • Write an AI acceptable use policy. Define what data may and may not be entered, which tools are permitted, and the review steps for AI-assisted output. Keep it short enough to read and specific enough to follow.
  • Deploy technical controls and data loss prevention. Use DLP, a CASB or secure web gateway to detect and block confidential data leaving for unsanctioned tools, and enforce access controls and logging on the tools you do approve.
  • Train people continuously. Explain the risks, the approved alternatives and the reasoning behind the rules, because informed employees are your most effective control against data leakage.
  • Monitor, measure and iterate. Keep the AI inventory current, track policy exceptions, feed incidents back into the catalogue, and revisit the whole cycle as tools and regulation evolve.

This response maps cleanly onto recognised frameworks. The NIST AI Risk Management Framework organises the work into Govern, Map, Measure and Manage functions, and its practical value here is the Govern function that insists on knowing what AI you run before you try to control it. If you want a defensible, auditable structure, an ISO/IEC 42001 AI management system provides the certifiable backbone, while the EU AI Act sets the legal obligations that a governed catalogue helps you actually meet. Our practical guides to the NIST AI RMF and to EU AI Act compliance go deeper on each.

Policy essentials: what a good shadow AI policy contains

A shadow AI policy fails when it is vague or purely prohibitive. The strongest ones we see are concrete about data, tools and accountability. At a minimum, a workable policy should specify the following.

  • Data classification rules that state plainly which categories of information may never be entered into any external AI tool, and which are acceptable in approved, contracted tools.
  • An approved-tool list with a lightweight, fast route for employees to request that a new tool be assessed and added.
  • Human-in-the-loop review requirements for AI-assisted output before it reaches customers, code repositories or formal decisions.
  • Clear roles and accountability, naming who owns AI risk, who approves tools, and who employees ask when in doubt.
  • Transparency and record-keeping expectations, including where AI use must be disclosed and how it is logged for audit.
  • A regular review cadence so the policy keeps pace with new tools, new features and changing regulation.

Shadow AI is ultimately a governance signal, not a discipline problem. It tells you that people need capabilities faster than your official processes can supply them. Treat it that way and the response is straightforward: see what is actually in use, give people safe tools that are genuinely easier to reach, back them with clear rules and real technical controls, and keep the whole thing under continuous review. Organisations that do this convert an invisible liability into a managed, and often significant, source of productivity.

Frequently Asked Questions

What is shadow AI?

Shadow AI is the use of AI tools and services by employees without the knowledge, approval or oversight of IT, security or governance teams. Common examples include pasting confidential data into public chatbots, using unvetted AI browser extensions, or switching on AI features inside sanctioned software without review.

Why is shadow AI a risk?

Shadow AI can leak confidential data into public models, create GDPR and EU AI Act compliance exposure, cause intellectual property loss, propagate inaccurate or fabricated outputs, and widen your attack surface. IBM found shadow AI was involved in about 20 percent of breaches and added around USD 670,000 to the average breach cost in 2025.

How common is shadow AI in the workplace?

Very common. Microsoft and LinkedIn found that 75 percent of knowledge workers already used generative AI at work in 2024, and 78 percent of those users brought their own tools rather than waiting for an approved option. When most usage is self-supplied, unsanctioned AI is effectively the default.

How do you detect shadow AI?

Combine several methods: analyse network, proxy and CASB logs for AI traffic, review expense reports for AI subscriptions, audit browser extensions and OAuth grants, check sanctioned SaaS products for enabled AI features, and run anonymous surveys or amnesty channels so employees can declare the tools they use.

Should we just ban AI tools to stop shadow AI?

Generally no. More than a quarter of organisations have banned generative AI at least temporarily, but bans tend to drive usage underground rather than eliminate it. A better approach is to make the sanctioned path easier than the shadow one, with an approved-tool catalogue, clear policy, training and data loss prevention controls.

How do you govern shadow AI?

Stand up an AI governance committee, publish an approved-tool catalogue, write an AI acceptable use policy that defines what data may be entered, deploy DLP and access controls, train employees continuously, and maintain a living inventory that you monitor and review. Frameworks such as the NIST AI RMF and ISO/IEC 42001 provide a structured backbone.

Explore Courses on Udemy

Intermediate

Implement GenAI Governance Step by Step

Intermediate

The NIST AI Risk Management Framework (AI RMF)

Intermediate

Risks and Cybersecurity in Generative AI