Shadow IT has turned into shadow AI, according to a cyber firm, which says that data sent to generative AI (genAI) apps by enterprise users in the last year went up 30-fold; including sensitive data such as source code, regulated data, passwords and keys, and intellectual property. The 2025 Generative AI Cloud and Threat Report from Netskope Threat Labs looked into genAI apps such as ChatGPT, Google Gemini, and GitHub Copilot.
James Robinson, CISO at Netskope, said that nearly three-quarters of users are accessing genAI apps through personal accounts. He said: โThis ongoing trend, when combined with the data in which it is being shared, underscores the need for advanced data security capabilities so that security and risk management teams can regain governance, visibility, and acceptable use over genAI usage within their organizations.โ
Many businesses lack full or even partial visibility into how data is being processed, stored, and leveraged within indirect genAI usage, according to the report. Often, users are choosing to apply a โblock first and ask questions laterโ policy by explicitly allowing certain apps and blocking all others.
GenAI is no longer a niche technology; it’s everywhere, said Ray Canzanese, Director of Netskope Threat Labs. He said: โIt is becoming increasingly integrated into everything from dedicated apps to backend integrations. This ubiquity presents a growing cybersecurity challenge, demanding organizations adopt a comprehensive approach to risk management or risk having their sensitive data exposed to third parties who may use it to train new AI models, creating opportunities for even more widespread data exposures.โ
Over the past year, Netskope Threat Labs also observed the number of those businesses running genAI infrastructure locally has increased dramatically, going from less than 1pc to 54pc and this trend is expected to continue. Despite reducing risks of unwanted data exposure to third-party apps in the cloud, a shift to local infrastructure introduces new types of data security risks from supply chains, data leakage, and improper data output handling to prompt injection, jailbreaks, and meta prompt extraction, according to the report. As a result, many businesses are adding locally-hosted genAI infrastructure on top of cloud-based genAI apps already in use.
Ari Giguere, Vice President of Security and Intelligence Operations at Netskope, said: โAI isnโt just reshaping perimeter and platform security โ itโs rewriting the rules. As attackers craft threats with generative precision, defenses must be equally generative, evolving in real-time to counter the resulting โinnovation inflation.โ Effective combat of a creative human adversary will always require a creative human defender, but in an AI-driven battlefield, only AI-fueled security can keep pace.โ
Perspective
The firm says that nearly all businesses are working to reduce their AI risks with policies that allow them to block access to AI tools and/or control which users can access specified AI tools and what data can be shared with these tools. Netskope recommends enterprises review, adapt and tailor their risk frameworks specifically to AI or genAI. Visit netskope.com.
