Shadow AI surge raises security risks as employees build custom apps
Enterprise GenAI platform usage grows 50% as employees create custom AI tools, but shadow AI adoption increases security vulnerabilities.
Top LLM interfaces by percentage in organizations (source: Netskope)
New data from Netskope reveals a 50% increase in GenAI platform usage among enterprise employees, driven by demand for tools to develop custom AI applications. However, over 50% of all current app adoption is estimated to be shadow AI - unsanctioned applications creating security risks.
GenAI Platforms Fuel Shadow AI Growth
GenAI platforms, which enable building custom AI apps and agents, represent the fastest-growing shadow AI category due to their simplicity. These tools allow direct connection to enterprise data stores, creating new security risks that highlight the need for:
- Enhanced data loss prevention (DLP)
- Continuous monitoring
- User awareness
Network traffic for GenAI platforms surged 73% in three months. Current adoption includes:
- Microsoft Azure OpenAI (29%)
- Amazon Bedrock (22%)
- Google Vertex AI (7.2%)
"Organizations need to overhaul AI app controls and evolve DLP policies with real-time user coaching," said Ray Canzanese, Director of Netskope Threat Labs.
On-Premises AI Deployment Expands
34% of organizations now use LLM interfaces, with Ollama leading adoption. Other trends include:
- 67% of organizations have users downloading from Hugging Face
- GitHub Copilot usage at 39% of companies
- 5.5% running on-premises AI agents
API calls to AI services are growing integration:
- 66% to api.openai.com
- 13% to api.anthropic.com
SaaS GenAI App Market Explodes
Netskope now tracks 1,550+ distinct GenAI SaaS apps, up from just 317 in February. Key findings:
- Average organization uses 15 GenAI apps (up from 13)
- Monthly data uploads increased from 7.7GB to 8.2GB
- Enterprises consolidating around purpose-built tools like Gemini and Copilot
ChatGPT saw its first usage decline since 2023 tracking began, while competitors like Anthropic Claude and Perplexity AI gained ground. Grok entered the top 10 most-used apps despite remaining on blocked lists.
For more on GenAI security risks and shadow AI challenges, see our related coverage.
Related News
CometJacking Attack Hijacks Perplexity AI Browser to Steal User Data
A malicious URL exploit turns Perplexity's Comet AI browser into a data thief, exfiltrating emails, calendar, and memory via encoded payloads.
Zero Trust Auditing Essential for AI Era Cybersecurity
Exploring how Zero Trust Auditing is redefining enterprise assurance in the AI era by continuously verifying trust across devices, networks, and AI systems.
About the Author
David Chen
AI Startup Analyst
Senior analyst focusing on AI startup ecosystem with 11 years of venture capital and startup analysis experience. Former member of Sequoia Capital AI investment team, now independent analyst writing AI startup and investment analysis articles for Forbes, Harvard Business Review and other publications.