
Your People Are Already Using AI. Your Compliance Program Can’t See It.

Nine in ten organizations say they can’t get employees to follow security policy. Shadow AI is where that failure gets expensive.

Most shadow AI use isn’t malicious. It’s a busy person with a deadline and a free chatbot. The data leaves all the same.

Somewhere in your organization, today, someone pasted work data into an AI tool you’ve never heard of. Maybe it was a contract. Maybe it was a chart note, a customer list, or a piece of source code. They weren’t trying to cause harm. They had a deadline, the tool was free, and it worked.

That’s shadow AI: employees using AI tools without the knowledge or approval of IT and security. It’s the AI version of shadow IT, with one difference. These tools run on data. Whatever your people feed them leaves your control and lands on infrastructure you never vetted, under retention policies you never read.

The instinct is to treat this as an edge case. The numbers say it’s the norm.

How big this actually is

Microsoft and LinkedIn surveyed 31,000 knowledge workers across 31 countries for the 2024 Work Trend Index. Among employees who use AI at work, 78% bring their own tools rather than using anything their employer provides. That cuts across every generation, from Gen Z to boomers.

It gets worse. A 2025 global study by KPMG and the University of Melbourne, covering 48,000 people in 47 countries, found that 57% of employees hide their AI use and present AI-generated work as their own. Almost half admit to using AI in ways that break company policy. That includes uploading sensitive company information to free public tools.

That’s most of your workforce, and most of them are keeping it quiet.

The adoption picture

78% of employees who use AI at work bring their own tools (Microsoft & LinkedIn, 2024). 57% hide their AI use from their employer, and nearly half admit to breaking company AI policy, including uploading sensitive data to free public tools (KPMG & University of Melbourne, 2025).

The 91% problem

Here’s the stat that should reframe how you think about policy. Mimecast’s State of Human Risk 2026 report, built on a survey of 2,500 IT and security decision makers across nine countries, found that 91% of organizations face obstacles getting employees to comply with security policies.

Read that again. Most of those organizations have a policy. They report they can’t get people to follow it. The rule exists on paper while the actual work happens somewhere else.

The same report found 80% of organizations worry about sensitive data leaking through generative AI tools. Yet 60% have no specific strategy to address it, and only 28% combine regular security training with continuous monitoring. The worry is nearly universal. The plan mostly isn’t there.

Shadow AI lives in exactly that gap, between what the policy says and what people do at 4:45 on a Thursday.

What it costs when it goes wrong

For years, shadow AI risk was theoretical. IBM’s 2025 Cost of a Data Breach Report put numbers on it. One in five organizations that suffered a breach traced it to shadow AI. Organizations with high levels of shadow AI paid an average of $670,000 more per breach than those with little or none.

The breaches were also worse in kind. Shadow AI incidents exposed customer PII in 65% of cases, against a 53% global average, and intellectual property in 40% of cases against 33%. The data that walks out through an unsanctioned chatbot is precisely the data you least want walking.

And the oversight gap is wide. Per the same report, only 37% of organizations have policies to manage AI or detect shadow AI. 63% either have no AI governance policy at all or are still writing one.

The cost picture

One in five breaches now involves shadow AI. High shadow AI usage adds an average of $670,000 per breach. Only 37% of organizations have policies to manage AI or detect unsanctioned use. (IBM Cost of a Data Breach Report, 2025)

Regulated industries carry the most exposure

If you operate under HIPAA, CMMC, GLBA, or attorney-client privilege, the same behavior carries a heavier penalty, because the data that leaks is the data your regulator cares about.

Netskope’s Threat Labs healthcare report makes this concrete. In healthcare, regulated data such as patient records accounted for 89% of AI-related data policy violations. The average across all industries is 31%. When a healthcare worker overshares with an AI tool, it’s almost always PHI.

The financial stakes match. IBM found healthcare breaches remain the costliest of any industry at $7.42 million on average, and U.S. breach costs overall hit a record $10.22 million. A defense contractor pasting controlled technical data into a public chatbot has an ITAR and CMMC problem. A clinic has a HIPAA problem. Same paste, very different consequences.

📋 The scenario that matters

A prior auth coordinator is behind on a queue of requests. She pastes a patient’s clinical summary into a free AI tool to draft the justification letter. It takes ninety seconds and the letter is good. The tool’s terms allow it to retain inputs. No one approved it, no one logged it, and no risk analysis covers it. Your organization just disclosed PHI to an unvetted third party, and unless a web proxy or DLP control happened to log the upload, the only record of it is in her browser history.

Why bans fail, and what works instead

The reflex answer is to block the tools. The data suggests that mostly drives the behavior underground. Remember the KPMG finding: 57% of employees already hide their AI use. People hide things that are banned. They don’t stop doing them, because the productivity gain is real and they can feel it.

What does move the number is giving people a sanctioned tool that’s as easy as the one they’re hiding. Netskope watched this happen in healthcare over a single year: as organizations rolled out managed AI platforms, use of personal AI accounts at work fell from 82% to 32%, while organization-managed AI use rose from 12% to 56%. Nobody had to win an argument about policy. The sanctioned path just got easier than the shadow one.

That’s the actual lesson in all of these numbers. Shadow AI is a demand signal. Your employees are telling you, at scale and in their own time, that they want AI in their workflow. The only question is whether that demand gets met on infrastructure you govern or infrastructure you can’t see.

This is where deployment becomes the compliance decision. A locally hosted AI platform, running on infrastructure your organization controls, gives your people the capability they’re already seeking out while the data stays inside the boundary your existing governance already covers. There’s no third-party retention policy to audit, because there’s no third party. The 4:45-on-a-Thursday paste goes into a system you can log, monitor, and answer for, provided the platform is actually wired into the same access controls and audit logging as the rest of that boundary.

The bottom line

You can’t out-policy a behavior that 78% of AI users engage in and 57% hide. The organizations that reduced shadow AI did it by making the governed tool the convenient one. Where that tool runs determines whether your data ever leaves.

Brent Fisher

Co-Founder & Head of Go-to-Market, Cognetryx

Brent writes on private AI deployment, compliance architecture, and the operational gap between enterprise AI adoption and institutional readiness. Cognetryx builds private, locally hosted AI for regulated industries.

Sources: Mimecast, State of Human Risk 2026 (survey of 2,500 IT and security decision makers across nine countries). IBM, Cost of a Data Breach Report 2025 (conducted by Ponemon Institute across 600 breached organizations). Microsoft & LinkedIn, 2024 Work Trend Index (31,000 knowledge workers, 31 countries). KPMG & University of Melbourne, Trust, Attitudes and Use of AI: A Global Study 2025 (48,000 respondents, 47 countries). Netskope Threat Labs, Healthcare Report 2026. This article is informational and not legal advice.


Shadow AI, in plain terms

What is shadow AI?

Shadow AI is the use of AI tools at work without the knowledge or approval of IT and security teams. It’s the AI version of shadow IT, with one big difference: these tools run on data. When an employee pastes a customer record, a contract, or a chart note into a free chatbot, that information leaves the company’s control and lands on infrastructure the company never vetted.

How common is it?

Very. Microsoft and LinkedIn’s 2024 Work Trend Index found that 78% of employees who use AI at work bring their own tools rather than using ones their employer provides. A 2025 global study by KPMG and the University of Melbourne found 57% of employees hide their AI use, and almost half admit to using AI in ways that break company policy, including uploading sensitive company information to free public tools.

What does it cost when it goes wrong?

IBM’s 2025 Cost of a Data Breach Report found that one in five organizations that suffered a breach traced it to shadow AI. Organizations with high levels of shadow AI paid an average of $670,000 more per breach than those with little or none. Those incidents also exposed more personal data: 65% involved customer PII against a 53% global average.

Does banning AI tools work?

The evidence says no. When 57% of employees already hide their AI use, a ban mostly pushes the behavior further out of view. What does work is giving people a sanctioned tool that’s as easy to use as the one they’re hiding. Netskope’s healthcare data shows this directly: as organizations rolled out managed AI tools, personal AI account use at work fell from 82% to 32% in a single year.

Why are regulated industries more exposed?

Because the data that leaks is the data regulators care about. In healthcare, Netskope found that regulated data such as patient records made up 89% of AI-related data policy violations, against a 31% average across all industries. A leaked patient record is a HIPAA event. A leaked drawing of a controlled part is an ITAR event. The same paste that costs an unregulated company embarrassment can cost a regulated one an enforcement action.