Shadow AI

The use of AI tools, models, or services by employees within an organization without the knowledge, approval, or oversight of IT or security teams. Shadow AI is the AI equivalent of Shadow IT, driven by the gap between what employees need and what officially sanctioned tools provide. The risks are significant: sensitive company data may be fed into external models, outputs go unaudited, and the organization loses visibility into how AI is actually being used. As consumer AI tools become more capable and more accessible, shadow AI is becoming one of the more difficult governance challenges facing modern workplaces.
See also: AI governance.