AI Shadows Pervade Businesses: 80% of Corporations Impacted
In today's digital landscape, the increasing use of Artificial Intelligence (AI) in organizations has become a common trend. However, this rise in AI adoption also brings forth a new set of challenges, particularly when it comes to security and compliance.
According to a Microsoft survey, 78% of AI users bring their own tools to work. This trend is often referred to as AI Tool Sprawl, though the figure does not specify the number of different AI services used per endpoint and organization. This lack of clarity can lead to a complex landscape, making it difficult for IT and security teams to maintain control.
One of the most significant concerns is the phenomenon known as Shadow AI. This term refers to the use of AI tools within companies without the approval or control of IT or security teams. Over 80% of the organizations examined by XM Cyber show signs of unauthorized AI activities.
Shadow AI can process sensitive data like proprietary code, customer data, financial models, or login credentials without leaving a trace. In fact, one in five companies has had a security incident related to shadow AI, according to IBM's "2025 Cost of a Data Breach" report.
Traditional security tools such as Data Loss Prevention (DLP), Cloud Access Security Brokers (CASB), and Secure Web Gateways (SWG) often miss a significant portion of shadow AI activities. This gap in security coverage is a major concern, especially since around 60% of these users employ unmanaged applications.
Employees in heavily regulated industries continue to upload sensitive data to unmanaged AI services despite established compliance frameworks. To address this issue, XM Cyber's platform will continuously detect and report violations of regulatory requirements such as the EU AI regulation or NIST AI risk management.
XM Cyber's Continuous Exposure Management solution, CTEM, visualizes all attack paths to critical resources in a diagram. This allows organizations to focus on the 2% of fixes that effectively block the most relevant attack paths, saving time on measures that don't impact risk.
Moreover, XM Cyber is expanding its platform to cover the entire attack surface of AI. This includes detection and warning of Shadow AI activities, identification of techniques for collecting login credentials, discovery of vulnerabilities in cloud AI services, and evaluation of risks on devices using MCP servers.
How frequently MCP servers and development workflows expose API keys, tokens, and other access credentials is not mentioned. However, it's crucial to create transparency, close blind spots, and build long-term strategies for resilience in the face of increasing AI use in organizations.
As the use of AI in organizations continues to increase, it's essential to address the risks associated with Shadow AI. By implementing robust security measures and fostering a culture of compliance, organizations can mitigate these risks and ensure the safe and effective use of AI.