The Invisible Problem: What is Shadow AI?
In the age of digital transformation, employees naturally seek tools to increase their efficiency. The explosive growth of generative artificial intelligence in the past couple of years has opened a new dimension in this field. However, this drive for innovation has also brought a serious and often invisible security risk: the phenomenon of Shadow AI. This term refers to AI-based applications, services, and models that employees use in their daily work without the knowledge or permission of the company’s IT and security departments.
The scale of the problem is well illustrated by IBM’s research, which found that 38% of employees share sensitive work data with AI tools without permission. While this number is alarming on its own, from an AIQ standpoint, the real figure is likely much higher, as employees rarely self-report such activities for fear of restrictions. This uncontrolled data sharing is a direct path to severe data breaches and the loss of intellectual property.
The Financial and Technical Dimensions of Risk
Shadow AI is not just a theoretical threat. According to IBM’s 2025 Cost of a Data Breach Report, the average cost of a data breach is $4.88 million. Incidents involving shadow data can run much higher. When an employee uploads a customer list, an internal financial report, or source code to an unapproved AI tool, the company loses control over that data: it doesn’t know where it’s stored, who can access it, or what it’s being used for.
The risk is further compounded by vulnerabilities in open-source AI ecosystems. For instance, researchers recently found nearly 40,000 agents in the OpenClaw ecosystem sitting wide open, with no authentication required. These unprotected agents could potentially access sensitive systems and data. Microsoft’s own guidance for OpenClaw recommends evaluating it inside a fully isolated environment, using dedicated non-privileged credentials, constant monitoring, and having a rebuild plan ready. The average employee, merely looking for a more efficient tool, will almost certainly not take these security precautions.
AIQ Analysis: A Compliance Nightmare in the Age of GDPR and the EU AI Act
In a corporate context, the Shadow AI phenomenon raises not only cybersecurity issues but also serious compliance questions, especially within the European regulatory framework.
From an AIQ standpoint, the use of unauthorized AI tools violates the core principles of GDPR on multiple fronts:
- Data processing without a legal basis: When an employee uploads personal data (e.g., customer information) to an external AI service, this processing lacks a proper legal basis, which can lead to heavy fines.
- Data transfer to third countries: Many popular AI tools transfer and process data outside the EU, which requires appropriate safeguards (e.g., an adequacy decision, standard contractual clauses). The absence of these also constitutes a GDPR violation.
- Lack of transparency and accountability: The company cannot account for what data is being processed by these shadow tools, for what purpose, or for how long, thereby breaching the principle of accountability.
The EU AI Act, which will soon be fully enforced, further complicates the situation. The regulation imposes strict requirements on high-risk AI systems, including risk management, data quality, transparency, and human oversight. AIQ’s position is that no company can meet these requirements if AI systems are operating on its network without its knowledge.
The Link Between the OWASP LLM Top 10 and Shadow AI
In our work at AIQ, we pay close attention to the OWASP LLM Top 10 vulnerabilities. The Shadow AI phenomenon is directly linked to several of these risks:
- LLM05: Sensitive Information Disclosure: This is the most obvious connection. Employees inadvertently leak sensitive corporate data, trade secrets, or personal information when using an unvetted LLM.
- LLM08: Excessive Agency: The example of the 40,000 unprotected agents in the OpenClaw ecosystem perfectly illustrates this risk. Unchecked AI agents with excessive permissions can autonomously perform malicious actions on the corporate network.
- LLM10: Insecure Plugins/Tools: By definition, Shadow AI involves the use of unvetted, potentially insecure third-party tools. These tools may contain vulnerabilities that open up an attack surface into the company’s systems.
According to AIQ, risk registries alone do not solve the problem, because they rely on self-reporting, and employees will not self-report the tools they use if they think the IT department will slow them down or block them. The attack surface is growing by the hour, and traditional security tools such as firewalls and DLP systems are often powerless, as AI tool traffic typically runs over encrypted (HTTPS) channels, masquerading as legitimate web traffic.
The Solution: Visibility and Governed Innovation
The key takeaway is that traditional cybersecurity tools are unable to effectively detect and manage the risks posed by Shadow AI. An outright ban is not a viable strategy, as it stifles innovation and pushes users further towards under-the-radar solutions. Instead, companies need platforms specifically focused on AI, providing real-time discovery and control to identify AI usage within the network.
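One way to approach the discovery step without relying on self-reporting, shown as an added example that is not from the original article or any AIQ product: even when the payload is HTTPS, the destination hostname usually still appears in forward-proxy CONNECT lines or DNS logs, so it can be matched against a watchlist and an approved-tools list. The log format, both domain lists, the user names and the upload threshold are assumptions constructed for illustration.

```python
from collections import defaultdict

# Assumed watchlist of generative-AI service domains (illustrative, not exhaustive).
AI_DOMAINS = {"openai.com", "chatgpt.com", "claude.ai", "anthropic.com", "gemini.google.com"}
# Assumed set of tools sanctioned by the organisation's AI governance policy.
APPROVED = {"gemini.google.com"}

# Constructed proxy log lines: timestamp user method host:port bytes_sent
SAMPLE_LOG = """\
2025-03-03T09:14:02Z alice CONNECT api.openai.com:443 48213
2025-03-03T09:15:40Z bob CONNECT gemini.google.com:443 1920
2025-03-03T09:16:11Z alice CONNECT claude.ai:443 7750212
2025-03-03T09:17:55Z carol CONNECT intranet.example.com:443 530
truncated record
2025-03-03T09:20:31Z alice CONNECT API.OpenAI.com.:443 1024
"""

def match_domain(host, domains):
    """Return the list entry that host equals or is a subdomain of, else None."""
    host = host.lower().rstrip(".")  # normalise case and a trailing root dot
    for d in domains:
        if host == d or host.endswith("." + d):  # suffix match on a label boundary
            return d
    return None

def find_shadow_ai(log_text, upload_threshold=1_000_000):
    """Sum bytes sent to unapproved AI services per (user, service); flag large uploads."""
    totals = defaultdict(int)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or not parts[4].isdigit():
            continue  # skip malformed records instead of failing the whole run
        _, user, _, hostport, sent = parts
        host = hostport.rsplit(":", 1)[0]
        service = match_domain(host, AI_DOMAINS)
        if service is None or match_domain(host, APPROVED):
            continue  # not an AI service, or one the policy already allows
        totals[(user, service)] += int(sent)
    return [
        {"user": u, "service": s, "bytes_sent": b, "large_upload": b >= upload_threshold}
        for (u, s), b in sorted(totals.items())
    ]

if __name__ == "__main__":
    for finding in find_shadow_ai(SAMPLE_LOG):
        print(finding)
```

Hostname matching shows who is talking to which service but not what was sent, which is why the byte count is used here only as a rough signal for prioritising follow-up.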
From an AIQ standpoint, alongside technological solutions, it is essential to develop a comprehensive internal AI Governance Policy, educate employees, and provide a curated toolkit of approved, secure AI tools. Services such as LLM red teaming and security audits help uncover hidden risks and build a proactive, security-conscious AI culture within the organization. The goal is not to ban AI, but to enable its use within a secure and governed framework to create business value.