Defensive Intelligence
Defensive
Intelligence
← Insights/Intelligence Brief

Shadow AI in Your Organisation: How to Find It and What to Do Next

Most organisations underestimate how many AI tools their teams are using. Here is a practical approach to mapping your exposure, and why the answer is not a ban.

nV

ninthLABS Ventures

Staff Writers

April 22, 20267 min read
SharePostLinkedIn

Shadow IT, the use of technology outside sanctioned channels, has been a familiar challenge for IT and security teams for decades. A team discovers a file-sharing tool is faster than the corporate alternative. A manager signs up for a project management platform before IT has finished evaluating it. The risk has always been data in places you cannot see.

Shadow AI is the same pattern with a categorically different exposure profile. The difference is not the fact of an unsanctioned tool. It is what that tool processes. An employee using an unapproved cloud storage service might expose a file. An employee using an unapproved AI tool exposes every question, document, strategy discussion, client detail, and sensitive draft they put into it. The content surface is orders of magnitude larger. And the governance gap (no log, no classification, no scrubbing, no audit record) is almost total.

65%

Of knowledge workers regularly use AI tools not approved by IT

Microsoft Work Trend Index, 2025

21%

Of organisations have established GenAI use policies

McKinsey, 2024

89%

YoY growth in AI-enabled adversary operations

CrowdStrike, 2026

0

Organisation-level audit logs in a typical ungoverned AI deployment

How to find shadow AI in your organisation

Most organisations significantly underestimate their shadow AI footprint. A reasonable estimate for a 200-person knowledge-work firm with no sanctioned AI program is that between 30 and 60 percent of employees are actively using AI tools, a number that climbs quickly in technical, legal, and creative functions. If you have not looked, here is where to look.

1. Network traffic and DNS logs

The most reliable technical signal. Look for outbound requests to AI provider domains: api.openai.com, api.anthropic.com, generativelanguage.googleapis.com, api.mistral.ai, and the growing list of AI-powered SaaS platforms that route through these same providers. A single afternoon of DNS log analysis in a mid-sized organisation will typically surface AI traffic from tools that IT has not evaluated, approved, or heard of.

2. Expense reports and SaaS spend

AI tool subscriptions show up on corporate cards. ChatGPT Plus, Claude Pro, Perplexity, Jasper, and dozens of AI writing and productivity tools have individual subscription tiers that employees purchase independently. A review of expense categories (particularly software, subscriptions, or productivity tools) will surface these. Finance teams running a SaaS audit in 2026 are consistently surprised by how many AI subscriptions exist across departments.

3. Browser extension audits

An underestimated vector. AI grammar tools, writing assistants, email composing tools, and summarisation plugins operate as browser extensions, and many route content to cloud AI backends. They run in the same browser context as corporate web applications, internal tools, and email clients. An enterprise grammar tool purchased centrally is visible. A shadow equivalent installed by an individual employee often is not.

4. Voluntary disclosure with an amnesty framing

Surprisingly effective, and consistently underutilised. A short, anonymous survey framed as 'we want to understand what tools you are using so we can make them available to everyone' rather than 'we are auditing for policy violations' typically surfaces AI tool usage that network logs miss. Employees using mobile devices, personal laptops for work tasks, or web-based tools that proxy through content delivery networks will not always appear in DNS logs.

What you typically find when you look

The typical finding in a shadow AI audit is not that employees are being careless. It is that they found AI tools genuinely useful, adopted them without friction, and have been using them for months without anyone asking. The content they are putting into them reflects their actual work: contract drafts, client emails, strategy documents, financial models, HR notes, meeting summaries, research questions. The full range of an organisation's most sensitive material.

The second finding is that the volume is typically higher than leadership expected. A survey of 200 employees that finds 80 active AI tool users is not unusual. That number (80 people, across months of usage, submitting organisational content to tools with no log, no scrubbing, and no governance) is the actual exposure surface.

Why banning does not work

The instinct when the shadow AI audit comes back with more than expected is to ban. A strong acceptable use policy. AI tools prohibited on corporate devices. Disciplinary consequences for violations. This is the wrong response, and not primarily because it is hard to enforce, though it is.

It is the wrong response because the productivity case for AI tools is real. The employees using them are, in most cases, more effective because of them. A ban that successfully sticks removes a genuine productivity advantage and drives usage further underground: onto personal devices, home networks, and mobile data connections that are genuinely invisible to corporate IT. You do not reduce the exposure. You stop seeing it.

The goal is not zero AI use. It is governed AI use.

An acceptable use policy tells employees what they should not do. A governed AI gateway gives them something better than the tools they are already using, with the governance built in. When there is a sanctioned AI program that is genuinely good to use, the incentive to go around it largely disappears. That is the design objective.

The governed gateway as the answer

A governed AI gateway, a single access point through which all AI requests flow with PII scrubbing, data classification, audit logging, and spend controls applied automatically, changes the dynamic entirely. Employees get access to the models they want to use. The organisation gets visibility and control it currently lacks. The shadow AI problem is not solved by prohibition. It is solved by providing something better.

The organisations that have done this well have not framed the governed gateway as a restriction. They have framed it as access. You get frontier models, you get support, you get the confidence that what you are using is approved and appropriate. The governance operates at the infrastructure layer, not the behaviour layer. Employees do not notice it. IT and security teams do.

The first step is knowing your actual footprint

If you have not done a shadow AI audit, start with understanding what tools your team is already using. OBEL can replace a fragmented set of individual AI subscriptions with a single governed workspace, giving your people the models they want and your organisation the visibility it needs. If that conversation is useful, it starts here.


References

  1. [1]Microsoft - "Work Trend Index 2025: AI at Work" (May 2025)
  2. [2]McKinsey & Company - "The State of AI in 2025" (November 2025)
  3. [3]CrowdStrike - "2026 Global Threat Report" (February 2026)
SharePostLinkedIn

More in Intelligence Brief

Act before the incident does

Do you know what your AI program is sending out the door?

Most organisations do not - until they have to explain it to a regulator, an insurer, or a client. OBEL gives you the observability to see it and the enforcement to stop it. If this post has raised a question your current stack cannot answer, that is worth an urgent conversation.

Book an urgent briefingStart free trial