IBM's 2025 Cost of a Data Breach report introduced a new data point: shadow AI adds $670,000 to the average breach cost. Organizations where employees use unapproved AI tools experience more expensive breaches because the data exposure surface is wider, detection takes longer, and containment is more complex.
Salesforce's 2024 Generative AI Snapshot surveyed 14,000 workers globally. 38% admitted to sharing company data with AI tools their employer has not approved. Microsoft's 2024 Work Trend Index found that 78% of AI users bring their own AI tools to work. Cisco's 2025 AI Readiness Index found that 97% of organizations lack adequate access controls for AI tools.
The pattern: employees use AI to be more productive. They paste customer data into ChatGPT to draft emails. They upload financial spreadsheets to Claude to generate summaries. They feed source code into Copilot to find bugs. The data leaves the organization's security perimeter and enters systems the organization does not control, cannot audit, and may not even know exist.
The Numbers
IBM (2025 Cost of a Data Breach):
- Shadow AI increases average breach cost by $670K
- Total average US breach cost: $10.22M
- 16% of breaches now involve AI (both as attack tool and as uncontrolled data channel)
Salesforce (2024, n=14,000):
- 38% of employees share data with unapproved AI tools
- 64% have passed off AI-generated work as their own
- 55% use AI tools their employer has not sanctioned
Cisco (2025 AI Readiness Index):
- 97% of organizations lack adequate AI access controls
- Only 29% have a formal policy governing AI tool usage
- 61% of organizations have "limited" or "no" visibility into which AI tools employees use
Microsoft (2024 Work Trend Index):
- 78% of AI users bring their own AI tools to work
- BYOAI (bring your own AI) is the new BYOD — but with higher data risk
Why This Matters for Engineering
If your employees paste customer data into public AI tools, that data may be used to train the model (depending on the tool's terms of service), could surface in another user's response, and is certainly outside your data governance and compliance framework.
For companies we work with in healthcare (HIPAA), FinTech (PCI DSS, PSD2), and legal tech (GDPR, litigation privilege), shadow AI is not just a security risk. It is a compliance violation. Patient data pasted into ChatGPT is a HIPAA breach. Customer financial data uploaded to an unsanctioned AI tool is a potential PCI violation.
What Companies Should Do
Provide approved AI tools
Prohibition does not work. 78% of employees already use AI tools at work. Banning them pushes usage underground and increases shadow AI. Instead: provide approved tools with enterprise agreements that include data processing terms, no-training clauses, and audit capabilities.
For engineering teams: GitHub Copilot Enterprise (data does not train the model), Azure OpenAI (enterprise data isolation), Anthropic Claude Teams (enterprise terms). For non-engineering teams: approved ChatGPT Enterprise or equivalent with admin visibility.
Build AI features into your product
The best way to eliminate shadow AI is to make the official product smarter. If your customer support team pastes tickets into ChatGPT because the CRM does not have AI-assisted response drafting, build AI-assisted response drafting into the CRM.
This is what we build for clients. RiseMD has AI-powered call grading built into the platform. The marketing team does not need to paste call transcripts into external AI tools because the analysis is built in. Woodies Clothing has AI-powered recommendations built into the ecommerce platform. The merchandising team does not need external tools.
The AI integration is deployed on controlled infrastructure, with proper data isolation, under enterprise terms. The data stays inside the perimeter. The risk stays manageable.
Implement access controls
97% of organizations lack AI access controls (Cisco). That means: no visibility into which tools are used, no policies governing data sharing, no technical controls preventing data exfiltration.
Basic controls: DLP (Data Loss Prevention) rules that flag when sensitive data patterns (SSNs, credit card numbers, medical records) are pasted into web-based AI tools. Network monitoring that identifies traffic to AI tool domains. Browser policies that restrict which AI tools can be accessed on company devices.
Advanced controls: API-level AI integration with token-scoped access. No direct employee access to base models. All AI interaction through the company's application layer with logging, audit trails, and data retention policies.
Train your team
Most employees do not know that pasting company data into ChatGPT is a security risk. They see it as a productivity tool, not a data channel. A 30-minute training that explains what shadow AI is, why it matters, and what the approved alternatives are reduces shadow AI usage significantly.
The training should be practical, not fear-based. "Here is the approved AI tool. Here is how to use it. Here is what you should not paste into any AI tool, approved or not."
The Engineering Responsibility
We build applications that handle sensitive data. The applications we build must include AI features that are secure by design: enterprise model APIs with no-training clauses, data isolation on HIPAA-eligible or SOC2-compliant infrastructure, audit logging for every AI interaction, and role-based access controls for AI features.
Shadow AI is an organizational problem. But the fix is partly an engineering problem. Build the AI features your users need, deploy them securely, and the shadow disappears.
Last updated March 16, 2025