Your employees are already using AI. The question is whether you know which tools, with what data, and to what effect.
Three out of four knowledge workers already use AI at work. Nearly four in five bring their own tools rather than relying on what their employer provides. These aren’t rogue actors. They’re people trying to do their jobs with tools that actually work. The problem isn’t that employees adopted AI. It’s that governance never caught up, and now most organizations can’t see what’s running across their estates, can’t measure whether it delivers value, and can’t prove it meets compliance standards.
The gap between perception and reality is where the real damage sits. McKinsey’s Superagency in the Workplace report found that C-suite leaders estimated 4% of employees use generative AI for a significant portion of their daily work. Employees self-reported the figure at roughly 13%: three times higher. Leadership isn’t just behind on policy. They’re behind on basic awareness of what’s happening inside their own organizations.
And this isn’t because employees are acting recklessly. It’s because the sanctioned alternatives either don’t exist or don’t meet the need. Microsoft’s 2024 Work Trend Index, surveying 31,000 knowledge workers across 31 markets, confirmed the pattern: 78% of AI users choose their own tools. When four out of five people route around what IT provides, the enterprise loses visibility into a significant part of its technology estate. Not through negligence, but through the absence of anything better to use.
What this looks like in practice, and why you can’t see it
Shadow AI doesn’t look like traditional shadow IT. There’s no unauthorized hardware, no rogue install, no procurement request to intercept. An analyst pastes customer data into ChatGPT to summarize a quarterly review. A nurse enters clinical notes into a free-tier tool to draft discharge instructions. A procurement team adopts a department-level AI contract without telling IT. These tools run in the browser, often through personal accounts, and leave no trail that conventional asset management can follow.
Netskope’s 2025 Cloud and Threat Report, based on telemetry from over 3,500 enterprises, confirms the scale: 72% of generative AI use runs through personal rather than corporate-managed accounts. Gartner’s November 2025 analysis is instructive: shadow AI typically requires nothing more than visiting a website in a browser. That single observation explains why network monitoring, software inventories, and CASBs all miss it. They were designed to catch a different category of problem entirely.
If you’re running IT in a regulated organization, that blind spot is wider than you think. The Zylo 2026 SaaS Management Index, analyzing over 40 million licenses, found that IT leaders have visibility into only about 13.5% of the applications their organizations actually use. AI tools don’t just fall into that gap. They expand it, because existing inventories were never built to track browser-based, personal-account tooling.
The cost of not knowing
The compliance exposure is already well documented. Samsung’s engineers pasted proprietary source code into ChatGPT within weeks of internal approval, and the case became the canonical cautionary tale. IBM’s 2025 Cost of a Data Breach Report found shadow AI involved in 20% of breaches, adding $670,000 to the average cost, and 97% of organizations that experienced an AI-related breach lacked proper access controls. The pattern is clear: governance policies exist on paper, but only a third of organizations actually audit for unsanctioned use.
For regulated industries, this compounds in ways that generic risk framing undersells. A nurse entering patient data into a free-tier AI tool creates a HIPAA exposure regardless of intent. A financial services analyst using a personal AI account to process client data breaches data residency requirements that the organization is contractually bound to uphold. The obligations don’t pause while governance catches up.
But compliance risk is only half the picture. When multiple departments independently purchase overlapping AI tools, the organization pays for redundancy it can’t see, with no basis for consolidation, negotiation, or measurement. The spend optimization conversation here isn’t just about software licenses. It’s about the total cost of technology and enablement spend that sits outside any line of sight.
Detection isn’t enough: you need measurement
Blocking doesn’t work. Gartner’s research on AI agent sprawl confirms that employees route around restrictions, and organizations that banned ChatGPT in 2023 simply watched usage migrate to personal devices and alternative tools. The NIST AI Risk Management Framework points toward a more durable approach: understand AI use rather than try to eliminate it. Map what exists. Measure risk and value over time. Manage based on evidence rather than assumption.
In practice, that means continuous, browser-level visibility into which AI tools people use, through which accounts, and how often. Not a one-time audit. Not an annual survey. Real-time telemetry that updates as new tools appear and usage patterns shift. The market is moving in this direction; Gartner projects AI governance platform spend will exceed $1 billion by 2030. But the tooling only matters if it measures outcomes, not just presence.
That distinction is where most governance strategies stop short. Detection tells you what exists. Measurement tells you whether any of it works. The organizations that close that gap won’t just reduce risk. They’ll have the evidence to decide which AI investments to scale, which to retire, and where the next dollar of spend is actually justified. That’s a fundamentally different conversation from “how do we stop people using ChatGPT.”
