Shadow IT continues to pose significant dangers to organizations, especially as AI introduces new unsanctioned applications. According to the ‘IBM Cost of a Data Breach Report 2025,’ 20% of studied organizations experienced breaches due to incidents involving shadow AI, leading to considerable financial losses and compromised data protection. The report indicates breaches involving shadow AI can cost organizations an additional USD 670,000 on average compared to those with controlled environments and that these security incidents often lack proper governance and access controls.
Implementing a Zero Trust strategy offers a pathway to combat the threats posed by shadow IT and AI. John Kindervag, a proponent of Zero Trust, argues that organizations typically operate on an ‘allow all’ policy, leading to security gaps. Zero Trust upends this approach by denying all access initially and only allowing necessary communications based on specific user needs. This proactive stance can help organizations recognize and control all applications within their network, reducing the likelihood of shadow IT and enhancing overall security posture.
👉 Pročitaj original: CIO Magazine
