Shadow AI Tripled to 45%. The Real Gap Is Who's Logged In.

A developer hits a bug at 6pm, pastes the failing code into a chatbot, and has a fix before the next meeting. A finance analyst drops a draft board pack into the same tool to tighten the wording. A salesperson feeds in a customer list to write follow-ups. None of them believes they are making a security decision, because they aren't. They are making a speed decision. The company simply wasn't in the room when they made it.

That is the shape of shadow AI, and it is now happening in every department at once.

The number behind the headline number

Verizon's 2026 Data Breach Investigations Report measured how widespread this has become. In a single year, the share of employees regularly using AI on company devices rose from 15% to 45%. That tripling outpaces almost any technology adoption on record. The 45% is the figure making headlines.

The figure that explains the risk is a quieter one in the same report. Two-thirds of those employees, 67%, are signing in with personal, non-corporate accounts. Nearly half your people using AI is not the risk worth losing sleep over. The risk is that most of them are doing it as themselves, on accounts the company never sees.

The headline number is 45%. The number that explains the risk is 67%, the share logged in with personal accounts.

Why the login matters more than the tool

When an employee uses an AI service through a company identity, with an enterprise agreement behind it, that use happens on terms you set. You can see it, put limits on the data it touches, and switch it off the day they leave. When the same person uses the same tool through a personal account, none of that holds. The session belongs to them, the data goes to a service you have no contract with, and you will most likely never know it happened.

Think of it as the difference between an employee walking into the building on their badge and propping a side door with a key they cut themselves. Same person, same building. One path is recorded and can be revoked. The other stays invisible until something goes missing.

What travels through that side door is not trivial. Verizon found source code is the most common type of data employees feed into outside AI tools, ahead of internal business data and technical documents. The OWASP Top 10 for LLM Applications 2025 puts the same categories near the top of its risk list: proprietary code, customer records, and financial detail, the material that defines a company's competitive edge. Once it lands in a consumer service, you cannot call it back.

What it costs, and who answers for it

For the board, the question is what this costs if it is left alone. IBM's 2025 Cost of a Data Breach Report gives a figure to work with. The average breach now costs $4.44 million. When shadow AI is involved, IBM adds roughly $670,000 to that, and found it a factor in one in five of the breaches it studied.

IBM adds roughly $670,000 to the cost of a breach when shadow AI is involved, on top of an average that already reaches $4.44 million.

The premium exists because ungoverned access is difficult to investigate after the fact. IBM also found that 63% of breached organisations had no AI governance policy, or were still writing one. The exposure is not only the cost of an incident. Gartner forecasts that one in four compliance audits in 2026 will ask specific questions about AI governance. The question an auditor, a regulator, or a potential acquirer puts to the board is a simple one: who had access to what, and can you prove it? If your intellectual property and customer data have been moving through consumer accounts nobody tracked, that is a hard question to answer well.

The futility of the blocklist

The traditional security reflex is to block the domains. But treating generative AI like a malicious website misunderstands the technology's appeal. Banning these tools does not halt their use. It drives them further underground. When a corporate firewall blocks an AI assistant that saves an analyst two hours of tedious formatting, the analyst does not abandon the efficiency. They pick up their personal smartphone and log in through an untracked app.

The answer is not to build higher walls. It is to pave a better road.

Organisations must provide enterprise-grade AI tools that match the capability of consumer models, governed by corporate identities and clear data boundaries. If the official front door is wide open and works well, employees have no reason to jimmy the side lock.


AKATI Sekurity · Four Moves to Close the Gap

Four moves to close the gap

Paving that road is a sequence, not a single switch. Four moves, in this order.

Before writing any policy, find out which AI tools your people use, under which logins, with which data. IBM found that only 34% of organisations with an AI policy ever check for unsanctioned use. You cannot govern access you have never measured.
The debate over which AI tools to approve is the wrong debate. The control that matters is the identity behind the session. Make the company account the way in, so AI use happens as the organisation, on terms you set, and can be turned off. That single shift is what closes the 67% gap.
People reach for personal tools because the sanctioned option is slower, or missing. The approved tool has to be better to use than the one they would have found on their own, or they will route around it. Make the safe path the easy path, and the shadow version loses its pull.
Treat AI access the way you already treat other access you govern. Assign one accountable person, run it against a recognised structure such as the NIST AI Risk Management Framework, and review it on the board's calendar rather than once a year. AI adoption keeps moving, and a policy written in March is stale by June.
A milestone, not a crisis

The 45% adoption rate is a milestone, not a crisis. The real vulnerability lies with the 67% operating in the dark. The mandate for modern security teams is no longer to keep artificial intelligence out of the building. It is to ensure that when it does the work, it wears a corporate badge.


AKATI Sekurity · Shadow AI FAQ

Frequently Asked Questions

Shadow AI is the use of AI tools inside an organisation without approval or oversight, usually consumer chatbots and AI browser features reached through personal accounts. It is the AI version of shadow IT, with more sensitive data in motion.
Verizon's 2026 DBIR found 45% of employees regularly use AI on company devices, up from 15% a year earlier, and that roughly two-thirds sign in with personal rather than corporate accounts. Source · Verizon 2026 DBIR
It is better understood as an access problem. The risk comes less from the tool than from how it is reached. The same AI service is governable through a company identity and largely invisible through a personal one.
Bans tend to remove visibility rather than behaviour. Verizon's data shows usage tripled while organisations were restricting it. Providing a governed alternative and controlling the login is more effective than prohibition. Source · Verizon 2026 DBIR
IBM's 2025 report attributes about $670,000 in additional breach cost when shadow AI is involved, on top of a $4.44 million average, and found it a factor in one in five breaches. Source · IBM Cost of a Data Breach 2025

Sources


Disclaimer

This article is provided for general information only and does not constitute legal, regulatory, or professional security advice. Statistics are drawn from the publicly available sources cited above and were accurate at the time of writing; figures and report findings may be revised by their publishers. Organisations should validate any control or policy decision against their own risk profile, regulatory obligations, and the current version of each source. AKATI Sekurity accepts no liability for actions taken on the basis of this article.


Next
Next

What PCI ASV Scans Require