Shadow AI: What It Is, the Risks, and How to Govern It Without Blocking AI
Shadow AI is employees using unsanctioned AI tools at work. Learn the risks, real examples, and how to detect and govern it without blocking AI.

What Is Shadow AI?
Shadow AI is the use of AI tools at work that the security team has not approved or does not even know about. Picture an employee pasting a customer list into a free chatbot, a team wiring an unsanctioned AI copilot into company data, or a browser extension that quietly ships documents to an outside AI service. It is the AI version of shadow IT, and it is spreading fast because AI tools are free, genuinely useful, and one click away.
The core problem is simple. Data you cannot see is data you cannot protect. When staff feed company information into outside AI tools, that data can be stored, logged, or used to train models far beyond your control.
Or Eshed, co-founder and CEO of LayerX Security, captured the human side on the podcast with a blunt line. A lot of AI risk, he said, is "natural stupidity to artificial intelligence," meaning ordinary people making ordinary mistakes with very powerful tools.
Shadow AI Examples You Are Probably Missing
Shadow AI is rarely one obvious app. It hides inside daily work. The common forms:
Pasting sensitive data into public chatbots: customer records, source code, or contracts dropped into a free tool to summarize or rewrite.
Unsanctioned copilots and plugins connected to email, code repositories, or cloud drives, often on personal accounts.
AI browser extensions that read the contents of a page and send it to a third party.
Bring-your-own-AI on personal devices, where nothing touches a company log.
Meeting bots that silently join calls and send transcripts to an outside service.
The copilot and plugin cases are the riskiest, because they act with a user's access. That is the same least-privilege problem we cover in agentic AI security: an AI tool inherits whatever the employee can reach.
Why Shadow AI Is a Security Risk
The numbers are no longer theoretical. IBM's 2025 Cost of a Data Breach Report found that 20 percent of breached organizations were compromised through shadow AI, and those breaches cost about 670,000 dollars more than the average incident. Just as telling, only 17 percent of organizations have technical controls that can stop employees from uploading confidential data to public AI tools. The other 83 percent rely on training, warning emails, or nothing at all.
Four risks stack up fast:
Data leakage: sensitive information leaves your control the moment it enters an outside model.
Compliance exposure: customer and regulated data in an ungoverned tool can break privacy rules.
Identity and credential risk: connected AI tools and saved logins widen the blast radius if an account is phished, the same pattern behind why passwords still get stolen.
No audit trail: when an AI tool is invisible, you cannot prove what data went where.
You also cannot protect data if you do not know what is going into the model in the first place, which is the case for tracking an AI data bill of materials. Shadow AI breaks that visibility at the source.
Shadow AI vs Shadow IT
Shadow AI is a cousin of shadow IT, but it is harder to catch and the damage is different.
Shadow IT | Shadow AI | |
|---|---|---|
What it is | Unapproved apps and services | Unapproved AI tools and AI features |
Main risk | Ungoverned access and data sprawl | Company data fed into models you do not control |
Why it is harder | Usually a separate app to discover | Often hidden inside approved apps and the browser |
The key difference: with shadow IT, your data usually stays in a database you could in theory reach. With shadow AI, data pasted into a model may be gone for good, absorbed into a system you have no claim on.
How to Detect and Govern Shadow AI
You cannot govern what you cannot see, and most shadow AI happens in the browser, not in network logs. That is the detection gap most teams miss. A workable order of operations:
Get visibility where AI is actually used: the browser session, where employees type into prompts, not just the network edge.
Inventory the tools in play and the data flowing to them, so you know your real exposure.
Apply controls at the point of use: warn or block when someone tries to paste regulated data into an AI prompt.
Tie AI use to identity, so every action maps to a person and a role.
Or Eshed's whole argument is that control belongs where users are. Network tools sit too far from the action to see a paste into a chatbot. The browser sits right on top of it.
Building a Shadow AI Policy That Does Not Block Productivity
A flat ban backfires. Tell people they cannot use AI and they will use it on their phones, off your network, with zero oversight. That is more shadow AI, not less. The better path is safe enablement, the same posture behind why security leaders should enable AI instead of blocking it.
A policy that holds up in practice usually does four things:
Offers sanctioned AI tools that are good enough that staff do not need to sneak.
States clearly what data can go into which tools, in plain language people remember.
Enforces the rules with guardrails at the point of use, not just a document nobody reads.
Gets reviewed often, because new AI tools appear every week.
The goal is not zero AI. It is AI you can see. Govern the doorway, and you can say yes to the tools your teams want without losing track of your data.
Listen to the Full Episode
On this episode of the Security Podcast of Silicon Valley, host Jon McLachlan (co-founder of YSecurity and Cyberbase.ai) talks with Or Eshed, co-founder and CEO of LayerX Security, about why the browser became the new battleground for enterprise AI.
Eshed makes a strong case that you cannot block your way out of AI, so the job is to enable it safely with control where people actually use it. He also explains why he thinks trying to be the single AI security vendor for everything is a trap.
It is a practical conversation for any security leader trying to say yes to AI without losing the data behind it.
What is shadow AI?
What is an example of shadow AI?
What are the risks of shadow AI?
How do you protect against shadow AI?
Security as a growth engine, not a tax
Submit a Security Request
Meet the hosts


