Somewhere in your organisation, right now, someone is pasting a confidential document into a chatbot they pay for personally, on a browser tab they’ll close before the next meeting. They’re not a bad actor. They’re a good employee trying to do their job faster than your tools allow. And the moment you found out, your instinct was probably to block it.

That instinct is the actual problem.

“Shadow AI” — employees using AI tools that IT never approved — is now the default state of corporate work, not the exception. A WalkMe survey in mid-2025 found 78% of employees admit to using unapproved AI tools. An UpGuard report later that year put it above 80%, and notably found that executives were among the heaviest users. This isn’t a fringe of rule-breakers. It’s most of the workforce, leadership included.

You can treat that as a security incident to be suppressed. Or you can read it for what it is: a signal that the people doing the work have found something that helps, and your organisation hasn’t given them a sanctioned way to use it. Shadow AI is a verdict on your culture and your change management. The security risk is real, but it’s a symptom.


For the rest of us: what shadow AI is and why it spreads

Shadow AI is the AI cousin of “shadow IT” — the old problem of employees using unsanctioned apps (a personal Dropbox, a side Trello board) because the official tools were too slow or too clumsy.

What makes the AI version spread faster is the near-zero friction. There’s nothing to install and no budget to request. An employee opens a browser, logs into a chatbot with a personal account, and is more productive within minutes. The benefit is immediate and personal; the risk is abstract and the company’s. From the employee’s seat, that’s not a hard call.

The risk that lands on the company is concrete: confidential data pasted into systems with unknown retention; outputs nobody reviewed feeding real decisions; no record of which tools touched which information. But here’s the trap — if your only response is to block, employees don’t stop. They just get better at hiding it. You lose the one thing that actually reduces risk: visibility.


Restriction doesn’t reduce the behaviour. It hides it.

The intuitive corporate response to shadow AI is a ban. Block the domains, add a clause to the acceptable-use policy, send the stern email.

It doesn’t work, and the data shows why. With roughly four in five employees already using these tools — and many doing so weekly — a ban doesn’t reach a small group of offenders. It criminalises the majority of your workforce overnight. People who were quietly more productive don’t become less productive; they become less visible. They switch to personal devices, personal accounts, their phones. The usage continues. What disappears is your ability to see it, guide it, or protect anything.

So a ban achieves the precise opposite of its goal. The behaviour you wanted to control moves into a blind spot, and the data you wanted to protect now leaves through a channel you can’t even observe. You’ve traded a manageable, visible risk for an unmanageable, invisible one — and called it security.

The real driver is unmet demand

It’s worth sitting with why people reach for these tools in the first place. They’re not trying to leak data or break policy. They’ve found something that makes the work genuinely easier, and the organisation hasn’t offered a sanctioned equivalent.

That reframes the whole problem. Shadow AI isn’t primarily a discipline failure or a security gap. It’s unmet demand — a gap between what employees need to do their jobs well and what they’ve officially been given. The fact that executives are among the heaviest users makes the point unmissable: this isn’t junior staff cutting corners. It’s the entire organisation, top to bottom, signalling that the sanctioned toolset is behind where the work already is.

Every hour of shadow AI usage is a small data point telling you exactly where your official capability falls short. Suppress it and you destroy the signal. Listen to it and it becomes a roadmap.

Culture and empowerment are the actual controls

The organisations handling this well have inverted the instinct. Instead of asking “how do we stop people using AI,” they ask “how do we make the safe path the easy path.”

That means providing sanctioned tools that are genuinely good — good enough that there’s no productivity penalty for staying inside the lines. It means being open about what’s allowed, what isn’t, and why, so the rules read as protection rather than obstruction. It means treating the people who experiment as scouts, not threats — they’re showing you the frontier of useful work. Above all, it’s a culture question: do employees feel trusted and equipped, or policed and starved?

When the sanctioned path is the good path, shadow AI shrinks on its own — not because you banned it, but because there’s no longer a reason to go around. You can’t enforce your way to that outcome. You can only build it.

This is a change-management problem

The discipline this calls for already exists, and it isn’t cybersecurity. It’s change management — taking people on the journey of adopting a new way of working, rather than dropping a policy on them and hoping they comply.

Adopting AI well means understanding where employees are, what they’re already using, and what they’re afraid of. It means training, not just policy. It means bringing people along so the new tools feel like an upgrade they were given, not a leash they were handed. This is exactly the work I built the Agent Setup Workshop around — getting individuals and teams confident and capable with AI on terms they trust, so the empowered path and the safe path become the same path.

The companies that get this right won’t be the ones with the strictest blocklists. They’ll be the ones whose employees never needed a shadow in the first place.


What this means

If shadow AI is rampant in your organisation — and statistically, it is — resist the urge to read it as a control failure. Read it as a measurement.

Stop measuring success as “usage blocked.” That metric rewards invisibility, which is the opposite of safety. Measure it as “safe usage enabled.”

Treat the heavy users as your research department. They’ve already found where AI helps most. Sanction the good tools, fast, and bring the usage into the light where you can actually govern it.

Run it as change management, not enforcement. Take people on the journey. The goal isn’t compliance — it’s a culture where the safe way to work is also the best way to work.

Shadow AI tells you something true: your people are ready for this and your organisation hasn’t caught up. That’s not a threat to be suppressed. It’s an invitation to lead.


References

  • WalkMe / SAP, Shadow AI survey (July 2025) — 78% of employees admit using AI tools not approved by their employer.
  • UpGuard report (November 2025) — 80%+ of workers use unapproved AI tools; executives among the heaviest users. (Reported by Cybersecurity Dive.)
  • Gartner survey of cybersecurity leaders — 69% of organisations suspect or have evidence of employees using prohibited public GenAI tools.
  • keller-ai — Agent Setup Workshop.