ManageEngine, a division of Zoho Corporation, has released a report titled ´The Shadow AI Surge in Enterprises: Insights from the U.S. and Canadian Workplace´ that uncovers a growing divide between IT decision makers (ITDMs) and employees regarding shadow AI: the use of unauthorized artificial intelligence tools at work. The survey, involving 350 ITDMs and 350 employees in the U.S. and Canada, reveals that 97% of IT leaders perceive significant risks associated with shadow AI, chiefly the threat of data leakage or exposure. In sharp contrast, 91% of employees believe that shadow AI is not risky, only minimally risky, or that its benefits outweigh any risk.
The report highlights that 60% of employees are using unapproved artificial intelligence tools more often than a year ago, and 93% admit to entering work-related information without official approval. Notably, the most common uses for shadow AI include summarizing meeting notes or calls (55%), brainstorming (55%), and analyzing data or reports (47%). While organizations are beginning to approve some generative artificial intelligence tools, including writing and coding assistants, a significant gap in perspective persists between IT governance and employee usage habits. The proliferation of shadow AI has accelerated faster than IT teams can assess and secure these tools: 85% of ITDMs say employees are outpacing security assessments, and over half point to the use of personal devices as a major blind spot.
This rapid growth has exposed glaring gaps in education, visibility, and governance. Many employees have entered confidential or internal data into artificial intelligence tools without proper confirmation of company approval, raising genuine security and privacy concerns. Only 54% of ITDMs report actively enforced and monitored artificial intelligence governance policies in their organizations, despite 91% indicating that at least some policies are present. Strategic recommendations from both IT leaders and employees include integrating approved tools into routine workflows, establishing clear and practical policies, and increasing education around the risks and best practices of artificial intelligence.
ManageEngine executives urge organizations to pivot from a defensive posture to collaborative, proactive management of artificial intelligence adoption. By reframing shadow AI as a sign of genuine business needs rather than mere risk, IT and business teams can develop transparent ecosystems where innovation thrives securely. The report concludes that mastering this balance will separate leaders from laggards as Artificial Intelligence is woven deeper into daily business operations.
