Aurora Brief · Essay

Shadow AI Is the New Shadow IT — What Leaders Need to Know

Ninety-eight per cent of organisations have employees using AI tools nobody approved. Your organisation is almost certainly one of them. The question isn't whether to stop it — you can't — it's whether you know what's happening, who owns it, and what data is going where. Most leaders I talk to don't. That's not a discipline problem. That's a clarity problem.

What Shadow AI Actually Looks Like

Let me be specific about what I mean when I say shadow AI.

Your marketing manager pastes customer email lists into ChatGPT to draft segmentation copy. Your finance analyst runs Q3 forecasting data through a personal Claude account to catch anomalies faster. Your dev team uses GitHub Copilot on company code — except three of them are on the free tier with their personal Gmail addresses, not your enterprise subscription. None of them asked permission. None of them think they're doing anything wrong. And they're not wrong to think that — because nobody ever told them which tools were okay, what data they could put in, or who to ask.

This isn't hypothetical. Seventy-eight per cent of AI users bring their own tools to work. They're not waiting for your IT team to provision something. They're solving problems now, with the free-tier LLM that's one browser tab away.

And here's the part that makes this hard: they're probably getting better results than they would if they waited for you to catch up.

Why the Usual Responses Fail

The first instinct is to ban it. Block ChatGPT at the firewall. Send an email that says "unapproved AI tools are prohibited effective immediately." I've watched organisations do this. It doesn't work. It just drives the behaviour underground — now people use their phones, their home Wi-Fi, their personal laptops. You've traded visible risk for invisible risk, and you've told your best people that solving problems faster makes them rule-breakers.

The second instinct is to write a policy. Forty pages, definitions on page three, a framework for acceptable use, a review process that requires three signatures and two weeks. Nobody reads it. The people who would've asked permission keep asking. The people who weren't asking still aren't. You've spent a quarter on a document that changes nothing.

The third instinct is to wait and see — maybe this is a fad, maybe it'll regulate itself, maybe we'll have clarity in six months. That one's already too late. The agentic AI wave is coming; organisations that haven't sorted out what data can leave their perimeter and who owns that decision are going to be making it under pressure, in the middle of an incident, with regulators watching.

None of these work because they all start from the wrong place. They assume you know what's happening and need to control it. You don't know what's happening. That's the actual problem.

The Honest Cost

I'm not going to pretend there's no risk here. There is.

The IBM 2025 Cost of a Data Breach Report found that breaches involving shadow AI cost an average of $4.63 million — $670,000 more than breaches that didn't involve unsanctioned tools. It took organisations an average of 247 days to detect those breaches. That's not a small number, and it's not a hypothetical scenario. It's what happens when someone puts regulated data into a tool that logs it, stores it, or trains on it — and nobody knew the tool existed until the breach notification landed.

But here's what I want you to notice about that number: it's not a technology failure. It's a clarity failure.

The breach didn't happen because AI is inherently insecure. It happened because nobody knew which tools people were using, what data was going into them, or who owned the decision about whether that was acceptable.

The organisation didn't have an inventory. They didn't have a named owner. They didn't have an answer to the question "what data can leave our perimeter, and under what conditions?"

That's fixable. Not with a ban. Not with a policy. With an audit.

What an Audit Actually Is

An audit isn't a framework. It's not a maturity model. It's not a consultant-led engagement that takes three months and produces a deck.

It's four questions:

1. What AI tools are people in this organisation actually using? Not "what tools are approved" — what tools are people using right now, today, whether you know about it or not.

2. What data are they putting into those tools? Customer lists, financial forecasts, strategy decks, code, employee records, contract terms — name it specifically.

3. Who owns the decision about whether that's acceptable? Not "the policy says..." — who is the actual human being who can say yes or no, and what information do they need to make that call?

4. What's the next decision we need to make? Do we need to provision an enterprise version of a tool people are already using? Do we need to pull certain data types out of scope? Do we need to name an AI governance owner who doesn't exist yet? One decision. Not a roadmap. Not a five-year plan. The next decision.

You can run this audit in an afternoon. You don't need to hire anyone. You need one person who's willing to ask the questions, a spreadsheet, and the organisational authority to say "we're going to name what's happening, and then we're going to decide what to do about it."

That person is probably you.

Where to Start

I built a governance audit checklist — the actual questions to ask, the format to capture answers in, and the follow-up decision tree that tells you what to do with what you find. It's designed for someone who's running this audit for the first time, in an organisation that doesn't have an AI policy yet and isn't sure it needs one.

Download the AI Governance Readiness Checklist

If this is useful — if you run the audit and it surfaces something you didn't know, or if you forward it to someone on your leadership team and it helps you have the conversation you've been avoiding — that's the signal I'm looking for. I write about this kind of work once a month in Aurora Brief. It's where I think out loud about AI adoption, governance decisions, and what actually works when you're trying to move an organisation forward without breaking it.

Shadow AI isn't going away. The tools are too useful, the behaviour is too embedded, and the next wave — agentic AI that takes actions on your behalf, not just generates text — is going to make this ten times harder if you don't have the basics sorted now.

You don't need a 40-page policy. You don't need a ban. You need to know what's happening. Start there.