Why Measuring Shadow AI Is Harder Than It Looks

Shadow AI — the use of AI-powered tools by employees without the knowledge, approval, or oversight of IT and security teams — has become one of the most discussed risk categories in enterprise security. But unlike shadow IT from a decade ago, shadow AI is uniquely difficult to quantify. Employees don't install desktop applications or spin up rogue cloud storage accounts. They open a browser tab, navigate to ChatGPT, Claude, or a specialized AI writing or coding tool, and begin working. There's no network anomaly. No procurement flag. No ticket.

This invisibility problem is precisely why prevalence estimates vary so widely. Some industry surveys put the share of employees using unauthorized AI tools at 40 percent. Others cite figures above 70 percent. The gap isn't just methodological noise — it reflects a genuine measurement crisis. Most organizations simply don't have the tooling to know what's happening at the browser level, where the overwhelming majority of AI usage now occurs.

To close that gap, Zelkir conducted a structured survey of IT, security, and compliance professionals across mid-market and enterprise organizations in 2024, supplemented by aggregated telemetry data from platform deployments. The findings paint a detailed picture of where shadow AI is concentrated, what tools employees are gravitating toward, and where current governance approaches are failing. This post presents those benchmarks alongside practical guidance for security and compliance teams who need to move from awareness to accountability.

What the Data Shows: Shadow AI Prevalence by Industry

Across the organizations in our survey sample, 67 percent reported that employees were actively using AI tools that had not been reviewed or approved by IT or security. When we narrowed the question to ask about tools used in contexts involving sensitive business data — customer records, financial information, intellectual property, or regulated health data — that figure dropped to 54 percent, but remained alarmingly high given the compliance implications. The key takeaway: shadow AI is not a fringe phenomenon. It is a mainstream behavior.

Industry segmentation reveals meaningful variation. Financial services organizations reported the lowest self-assessed prevalence at 49 percent, likely reflecting stricter access controls and a higher baseline of security awareness training. However, when those same organizations were shown anonymized telemetry data from peer deployments, the actual detected rate was 61 percent — a 12-point gap that illustrates the limits of survey-based self-reporting. Healthcare and life sciences came in highest, with 74 percent of respondents acknowledging some form of unsanctioned AI tool usage, driven by a combination of high-pressure workflows and historically under-resourced IT governance functions.

Professional services firms — legal, consulting, and accounting — clustered around the 68 percent mark, which aligns with anecdotal reports from compliance officers who describe knowledge workers using AI drafting and summarization tools to accelerate billable work, often with little awareness that these tools may be ingesting client-privileged content. Technology companies showed high prevalence but also the highest rate of formal AI governance program adoption, suggesting that the industry most exposed to shadow AI is also the one moving fastest to address it.

The Tools Employees Are Using Without IT Approval

Identifying which specific tools constitute the shadow AI surface area is essential for any meaningful governance response. Our telemetry data, drawn from organizations that had deployed Zelkir's browser-level monitoring, produced a ranked list of the most frequently accessed unsanctioned AI tools. General-purpose large language model interfaces dominated: ChatGPT accounted for the largest share of unmanaged AI sessions by a significant margin, followed by Claude, Google Gemini accessed outside of approved Workspace configurations, and Microsoft Copilot instances accessed through personal rather than enterprise accounts.

Beyond the headline LLM platforms, the data revealed a long tail of specialized tools that security teams were largely unaware of. AI-powered code generation tools — including GitHub Copilot accessed via personal accounts, Cursor, and Replit's AI features — appeared frequently among engineering teams. Marketing and communications staff showed a pattern of heavy usage across AI writing platforms including Jasper, Copy.ai, and a rotating cast of newer entrants. Legal and compliance professionals were notable consumers of AI document summarization and contract analysis tools, several of which had no enterprise privacy terms on offer.

One finding that surprised even experienced security practitioners: approximately 18 percent of detected shadow AI sessions involved tools embedded inside other productivity applications — browser extensions, add-ins for document editors, and AI features baked into project management platforms. These embedded AI features are effectively invisible to any governance approach that focuses only on standalone AI tool destinations. They represent a rapidly growing and undercounted portion of the actual risk surface.

Where the Governance Gaps Are Widest

Survey respondents were asked to assess the maturity of their AI governance programs across five dimensions: policy coverage, technical enforcement, visibility and monitoring, employee awareness, and incident response readiness. The results identified visibility and monitoring as the single most underdeveloped capability, with 71 percent of respondents rating their organization's ability to detect and classify AI tool usage as either poor or nonexistent. This is the foundational gap. Without visibility, every other governance control operates in the dark.

Policy coverage was rated more favorably — 58 percent of respondents reported having some form of written AI acceptable use policy — but follow-up questions revealed that most of these policies were high-level statements that lacked specificity about approved tools, prohibited use cases, or data classification requirements. A policy that says 'employees should exercise caution when using AI tools with confidential information' provides almost no operational guidance and creates little accountability. Effective AI policies name approved tools, define data handling boundaries by classification tier, and establish a clear escalation path.

Technical enforcement showed the starkest divide between large enterprises and mid-market organizations. Large enterprises with mature security stacks were more likely to report having some URL-based blocking for known AI destinations, though they universally acknowledged that such controls were trivially easy to circumvent and failed entirely against embedded AI features. Mid-market organizations were more likely to have no technical controls whatsoever, relying entirely on policy awareness — a posture that our data suggests produces no measurable reduction in shadow AI prevalence.

How Organizations Are Responding — and Where They Fall Short

The most common organizational response to shadow AI risk we observed was the issuance of updated acceptable use policies, cited by 61 percent of respondents. The second most common was employee training or awareness communications, cited by 47 percent. Both responses reflect a fundamentally communications-centric view of a problem that is deeply behavioral and structural. Employees aren't using unauthorized AI tools because they're unaware of policy. They're using them because these tools deliver immediate, tangible productivity benefits, and the friction cost of waiting for IT approval processes is high.

A smaller but growing subset of organizations — approximately 23 percent of our enterprise respondents — reported deploying technical controls specifically designed for AI governance, including AI-aware secure web gateways, dedicated AI usage monitoring platforms, or browser extension-based visibility tools. Among this group, measured shadow AI prevalence was not necessarily lower, but the ability to detect, classify, and respond to high-risk usage was dramatically better. This distinction matters: the goal of AI governance is not to eliminate AI tool usage but to ensure that usage is visible, classifiable, and auditable.

The organizations that showed the most mature response profiles shared a common characteristic: they had separated the question of 'is this tool approved?' from the question of 'is this usage risky?' An employee using an approved AI tool to summarize public industry reports is categorically different from an employee using the same tool to draft responses containing customer PII. Governance programs that conflate tool approval with usage risk tend to be both overly restrictive and insufficiently protective — blocking low-risk productivity use cases while missing the high-risk patterns that actually create liability.

Building a Measurement Framework That Actually Works

Addressing shadow AI starts with establishing a measurement baseline that your governance program can operate against. This requires moving beyond survey-based self-assessment to instrumented, continuous detection at the layer where AI usage actually happens. For the vast majority of enterprise AI tool usage, that layer is the browser. Any measurement framework that doesn't include browser-level telemetry will systematically undercount the problem.

The core metrics a functional AI governance measurement program should track include: total AI tool sessions per user cohort, the ratio of sanctioned to unsanctioned tool usage, the frequency of high-sensitivity usage classifications (defined by the nature of the task, not just the tool), and trend lines that show whether governance interventions are producing measurable behavior change. Organizations that track only tool presence — 'did an employee visit this domain?' — are measuring access, not risk. Classifying the nature of AI usage, even without capturing prompt content, provides orders of magnitude more actionable signal.
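As an added example (not Zelkir's code or the survey's instrumentation), the Python below computes these core metrics, together with the approval-versus-risk split argued for in the previous section, over constructed browser telemetry records; the approved-tool list, the classification tiers and the tool names are assumptions.

```python
# Added example (not Zelkir's code): compute the measurement baseline the post
# describes over constructed browser telemetry records.
from collections import Counter, defaultdict, namedtuple

SANCTIONED_TOOLS = {"copilot-enterprise"}         # assumed approved-tool list
HIGH_SENSITIVITY = {"confidential", "regulated"}  # assumed classification tiers
# embedded: AI feature inside another app, so no standalone AI domain was visited.
# task_class: sensitivity of the task, assigned from context, not prompt content.
Session = namedtuple("Session", "user cohort week tool embedded task_class")
SESSIONS = [  # constructed sample telemetry; names and values are illustrative
    Session("u1", "engineering", 10, "copilot-enterprise", False, "internal"),
    Session("u2", "engineering", 10, "chatgpt", False, "confidential"),
    Session("u3", "marketing", 10, "jasper", False, "public"),
    Session("u4", "legal", 10, "contract-summarizer-addin", True, "regulated"),
    Session("u5", "legal", 11, "copilot-enterprise", False, "confidential"),
    Session("u3", "marketing", 11, "pm-tool-ai-assistant", True, "internal"),
    Session("u6", "finance", 11, "chatgpt", False, "regulated"),
    Session("u1", "engineering", 11, "copilot-enterprise", False, "internal"),
]

def sanctioned(s):
    return s.tool in SANCTIONED_TOOLS

def high_risk(s):
    return s.task_class in HIGH_SENSITIVITY

def governance_metrics(sessions):
    """Return the post's core metrics plus the approval-vs-risk split."""
    total = len(sessions)
    by_week = defaultdict(list)
    for s in sessions:
        by_week[s.week].append(s)
    # Week-over-week unsanctioned share: the trend line that shows whether an
    # intervention changed behaviour, instead of a single snapshot.
    trend = {w: sum(not sanctioned(s) for s in ss) / len(ss)
             for w, ss in sorted(by_week.items())}
    # Approval and risk are separate axes: an approved tool can be used on
    # regulated data, and an unapproved one on public material.
    quad = Counter((sanctioned(s), high_risk(s)) for s in sessions)
    return {
        "sessions_per_cohort": dict(Counter(s.cohort for s in sessions)),
        "unsanctioned_share": sum(not sanctioned(s) for s in sessions) / total,
        "high_sensitivity_share": sum(high_risk(s) for s in sessions) / total,
        "missed_by_domain_only": sum(s.embedded for s in sessions),  # URL-block blind spot
        "unsanctioned_share_by_week": trend,
        "approved_high_risk": quad[(True, True)],
        "unapproved_high_risk": quad[(False, True)],
        "approved_low_risk": quad[(True, False)],
        "unapproved_low_risk": quad[(False, False)],
    }
```

Note that the two embedded sessions never appear in a domain-only view, and that one high-sensitivity session runs on the approved tool, which a tool-presence metric would count as compliant.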

Benchmarking against peer organizations is a valuable complement to internal measurement. The industry-level figures in this post provide a starting point, but sector-specific benchmarks are more useful for calibrating your governance ambition. If your financial services organization detects an AI usage prevalence rate of 35 percent when peer telemetry suggests the actual rate is closer to 61 percent, that 26-point gap is almost certainly a measurement gap, not a compliance success. Investing in detection capability before investing further in policy or training will yield better returns.

What These Findings Mean for Your AI Governance Strategy

The aggregate picture from this research is uncomfortable but clarifying. Shadow AI is not a future risk to be planned for — it is a present condition affecting the majority of enterprise organizations today. The tools employees are using are varied, often embedded invisibly in familiar workflows, and frequently applied to sensitive data without adequate safeguards. And the governance programs most organizations have deployed to date are not yet equipped to detect, measure, or respond to this reality with the specificity that compliance and risk management require.

The practical priority for security and compliance leaders reading these benchmarks should be establishing visibility before expanding policy. You cannot govern what you cannot see, and the data consistently shows that organizations overestimate their compliance posture when they rely on policy acknowledgment as a proxy for actual behavioral compliance. Instrumenting your environment for AI usage detection — at the browser level, without capturing raw prompt data in ways that create employee privacy concerns — is the foundational investment that makes every other governance control more effective.

The organizations that will manage AI risk most successfully over the next two to three years are not those that block the most AI tools. They are those that build the measurement infrastructure to distinguish between low-risk productivity usage and high-risk data exposure, respond to the latter with precision, and demonstrate to regulators and auditors that they have a functioning, evidence-based AI governance program. The benchmark data in this report is a starting point for understanding where you stand relative to that standard — and where the work still needs to go.
