Full Report
Think you know all there is to know about cybersecurity? Guess again. Shadow AI is challenging security leaders with many of the same issues raised by other “shadow” technologies. Only this time, it’s evolving at breakneck speed.Key takeaways:The vast majority of organizations (89%) are either using AI or piloting it. Shadow AI lurks beyond these sanctioned deployments — and beyond the view of security teams. Exposure management gives you a unified view of the entire attack surface, so you can find and mitigate AI risks across endpoints, networks, cloud, data, and AI platforms.Cybersecurity Awareness Month, led every October by the U.S. National Cybersecurity Alliance (NCA) and the Cybersecurity and Infrastructure Security Agency (CISA), is aimed at teaching employees and the general public how to stay safe online.Security leaders and practitioners working on the frontlines every day may rightfully believe they’ve heard it all already. But I’ve got news for you: we’re in the midst of a technology transformation that will make the early days of shadow IT seem like a walk in the park.I’m talking about shadow AI.While you’re reading this, some of your employees are probably using AI to paste sensitive information into tools like Microsoft Copilot and Google Gemini so they can do their jobs faster. Some of your developers are likely using it for “vibe coding,” sending the output straight to production without quality control. Business managers are probably using large language models to make strategy recommendations for their next quarterly business review meeting.The vast majority of organizations are formally embracing AI. A recent study commissioned by Tenable and developed in collaboration with the Cloud Security Alliance found that 89% of organizations are either using AI (55%) or piloting it (34%).In the best of circumstances, organizations are rolling out sanctioned AI deployments accompanied by clear usage guidelines and education about best practices. Even so, the CSA study found a third of organizations (34%) have already suffered an AI-related breach. While some of these breaches are the result of security flaws or model manipulation specific to AI itself, many are caused by the same old issues that have plagued us for years: exploited software vulnerabilities and insider threats.Even when your organization has an approved list of AI tools available for employees, odds are they’re also making use of shadow AI. That’s because AI is a core driver of business innovation and, like the cloud and smartphones and every innovative technology that came before it, nothing is going to hold AI back from being an enabler of business.For security leaders, AI is redefining the modern attack surface, with new models, agentic actions, and complex data flows constantly surfacing. The velocity of AI creates too many new exposures, too quickly, because AI agents are taking actions with no human supervision, making this an even faster evolution than any that have come before.Security teams lack visibility into what AI tools are being used. They often have no inventory of AI models, agents, data inputs and outputs, or integrations, making it nearly impossible to monitor or enforce controls effectively. The complexity of modern AI ecosystems further increases risk for organizations that build AI. AI stacks rely on layered cloud services, APIs, and vector databases, introducing misconfigurations, over-permissioned roles, and inherited vulnerabilities. Plus, AI workloads are particularly exposed; a study by Tenable Cloud Research found that 70% contain at least one unpatched critical flaw, compared to 50% for non-AI workloads.Addressing shadow AI requires a proactive approachSecurity, historically a reactive function, is playing catch-up. The traditional cycle of finding and patching individual vulnerabilities is too slow to handle the exponential growth of AI. To close this gap, security needs to move from a reactive posture to a preventative one focused on proactive exposure management.With exposure management, you get:A unified view of the entire attack surface, so you can find and mitigate AI risks across endpoints, networks, cloud, data, and AI platforms;The ability to understand how employees interact with tools like ChatGPT Enterprise and Microsoft Copilot, including what data is involved, how AI assistants and AI agents behave, and which workflows those interactions trigger across the organization’s environment;A way to spot and disable prompt manipulation techniques like direct and indirect prompt injection or jailbreaks; andA means of protecting against malicious actions triggered by AI agents, whether accidental or attacker-driven, while also uncovering misconfigurations, unsafe workflows, or tools connected to risky external systems.In short, you get the ability to predict likely attack paths. Including those targeting AI, so you can proactively secure AI before it is compromised.It’s time to be aware of shadow AI as a new category of enterprise risk, one we ignore at our own peril. The lesson here is that AI security is not optional. It is not a future concern. It is not someone else’s problem. It is the next frontier of enterprise risk, and security leaders have a responsibility to educate themselves and implement programs like exposure management to reduce risk.Learn moreDownload the Tenable Cloud AI Risk Report 2025 and the State of AI and Cloud Security 2025Read the blog Introducing Tenable AI Exposure: Stop Guessing and Start Securing Your AI Attack SurfaceVisit the Exposure Management Resource Center
Analysis Summary
# Best Practices: Addressing Shadow AI as Enterprise Risk
## Overview
These practices address the emerging category of enterprise risk posed by "Shadow AI," which refers to the unmanaged and unvetted adoption or use of Artificial Intelligence tools and services by employees outside of established IT and security governance. Security leaders must proactively manage this risk now, as AI security is not optional or a future concern.
## Key Recommendations
### Immediate Actions
1. **Acknowledge Shadow AI as an Enterprise Risk Category:** CISOs must immediately recognize Shadow AI usage as a distinct, high-priority category of security and compliance risk, akin to shadow IT.
2. **Mandate Security Leader Education:** Security leaders must educate themselves on the current landscape of AI tools being used within the organization and the associated risks (data leakage, model compromise, etc.).
3. **Initiate Risk Reduction Programs:** Begin the implementation of concrete security programs, specifically adopting or adapting **Exposure Management**, to reduce the newly identified AI-related risks.
### Short-term Improvements (1-3 months)
1. **Develop an AI Usage Policy Draft:** Rapidly draft and communicate clear, risk-based policies governing the use of external generative AI tools by employees, focusing initially on data sensitivity restrictions.
2. **Enhance Visibility into Cloud/AI Usage:** Deploy tools (like CNAPP or CASB solutions) capable of identifying and monitoring the use of cloud services, including those related to AI processing, to gain initial visibility into the attack surface.
3. **Prioritize AI-Specific Threat Modeling:** Conduct initial threat modeling sessions focused on how sensitive organizational data could be unintentionally input, stored, or exploited via unmanaged AI services.
### Long-term Strategy (3+ months)
1. **Establish Vetted AI Tool Catalog:** Create a structured process for evaluating, approving, and cataloging AI tools that meet security and compliance standards, providing employees with "safe" alternatives.
2. **Integrate AI Security into Exposure Management:** Fully integrate the discovered AI attack surface (including deployed models, infrastructure, and third-party AI integrations) into the comprehensive enterprise **Exposure Management** platform.
3. **Implement Continuous Monitoring for AI Components:** Establish ongoing monitoring capabilities for deployed and sanctioned AI systems, including validating the integrity of models, inputs, and outputs.
## Implementation Guidance
### For Small Organizations
- **Focus on Policy and Education:** Prioritize creating and strictly enforcing an acceptable use policy (AUP) for generative AI. Conduct mandatory employee training detailing data handling restrictions when using external AI services.
- **Restrict Data Types:** For unknown AI interactions, enforce a blanket ban on inputting any proprietary, customer PII, or regulated data into public AI interfaces.
- **Leverage Free/Trial Tools for Scanning:** Utilize free tiers of vulnerability scanners (like Nessus) or open-source tools to gain foundational visibility into accessible network assets that might interact with external AI services.
### For Medium Organizations
- **Deploy CASB/Cloud Security Tools:** Implement Cloud Access Security Broker (CASB) solutions to monitor egress traffic for indicators of high-volume usage of unsanctioned AI platforms.
- **Formalize CIEM Review:** Begin reviewing Cloud Infrastructure Entitlement Management (CIEM) policies specifically for entitlements that might inadvertently grant excessive permissions to data used by experimental AI projects.
- **Pilot Approved AI Gateways:** Investigate and pilot solutions that can act as proxies or gateways to vetted AI services, allowing usage while providing necessary security controls and logging.
### For Large Enterprises
- **Deploy Comprehensive Exposure Management Platform:** Fully adopt an Exposure Management platform that can ingest data from vulnerability management, cloud security (CNAPP/CIEM), and asset inventory systems to map the entire AI attack surface.
- **Develop AI Security Governance Team:** Establish a cross-functional team (Security, Legal, Engineering leadership) responsible for AI governance, risk assessment, and managing the "AI Allow List."
- **Automate Just-in-Time (JIT) Access:** If internal AI development pipelines are established, use JIT access methodologies to strictly limit who can deploy or manage sensitive AI model environments.
## Configuration Examples
*Note: The provided context mainly emphasizes *strategy* rather than specific command-line configurations. Platform reference suggests reliance on integrated tooling.*
If utilizing a platform that provides Exposure Management functionality:
1. **Configure Data Connectors:** Ensure connectors are active between your core security tools (Vulnerability Management, Cloud Security, Identity Management) and the central Exposure Management platform to feed data on all assets, including those potentially supporting AI workloads.
2. **Define AI-Specific Risk Models:** Within the prioritization engine, elevate the severity score for any assets or vulnerabilities found in code repositories or cloud environments linked to known AI model development or deployment pipelines.
3. **Implement Identity Control:** Configure Cloud Infrastructure Entitlement Management (CIEM) checks to flag overly permissive roles assigned to service accounts that interact with machine learning data stores.
## Compliance Alignment
While the article does not cite specific compliance mandates regarding Shadow AI, the required actions align with foundational security principles found in:
- **NIST CSF:** Identify (ID.SC, ID.RA), Protect (PR.IP, PR.AC), and Detect (DE.CM) functions, particularly as they relate to emerging technology risk.
- **ISO 27001/27002:** Annex A controls related to acceptable use of assets, access control, and secure development practices.
- **Security Hygiene Principles:** Ensuring basic cyber hygiene across the attack surface, now extended to include data used in AI processes.
## Common Pitfalls to Avoid
- **Treating AI as only a Future Problem:** Ignoring Shadow AI now ensures that by the time a major incident occurs, remediation and control implementation will be significantly harder and more expensive.
- **Focusing Only on External Tools:** Overlooking the risks associated with internal development teams building and deploying unvetted models on enterprise infrastructure.
- **Banning Without Providing Alternatives:** Security teams that only issue outright bans on AI tools without offering secure, sanctioned alternatives drive high-risk behavior underground (deeper shadow operations).
## Resources
- **Tenable One Exposure Management Platform:** Mentioned as a framework for managing the consolidated risk surface, including AI exposure.
- **Tenable Cloud AI Risk Report 2025:** Recommended reading for understanding the current threat landscape.
- **The State of Cloud and AI Security 2025:** Recommended reading for context.
- **Tenable AI Exposure Solution:** Mentioned as a specific toolset to "Stop Guessing and Start Securing Your AI Attack Surface."