How AI Is Repeating Familiar Shadow IT Security Risks

The rapid adoption of AI across the enterprise is introducing a new class of security and governance challenges that many organizations are only beginning to understand. This week, the SANS Institute released an eBook on AI security model maturity that offers guidance on addressing AI-related security issues.

One of the most immediate concerns is the movement of sensitive corporate data into public AI models. Employees routinely paste source code, customer records, financial information, intellectual property, and internal business plans into generative AI tools to accelerate workflows. Once that information enters a public model ecosystem, organizations often lose visibility and control over how the data is stored, retained, or potentially used in future model training. This creates significant compliance, data sovereignty, intellectual property exposure, and inadvertent leakage of regulated information risks.

At the same time, developers are increasingly downloading and integrating unverified models, agents, and AI components from open repositories without the same level of scrutiny traditionally applied to enterprise software supply chains. Malicious or compromised models can contain embedded backdoors, poisoned training data, hidden behaviors, or insecure dependencies that introduce vulnerabilities directly into production environments. The problem is amplified by the speed of AI experimentation, where governance processes are often bypassed in favor of rapid innovation. Organizations are discovering that AI models must now be treated as critical software assets that require validation, provenance tracking, continuous monitoring, and lifecycle management.

Perhaps the most concerning trend is the rise of autonomous AI agents granted operational authority within enterprise environments. These agents are increasingly connected to business systems, cloud infrastructure, databases, development pipelines, and customer-facing applications. In many cases, they operate without clearly defined ownership, identity management, or documented permission boundaries. This creates dangerous conditions where AI systems can execute actions, access sensitive resources, or trigger downstream automation without sufficient oversight or accountability. Traditional security models were built around human users and deterministic software systems, not semi-autonomous agents capable of making dynamic decisions. As a result, enterprises must now rethink identity, access control, auditing, and governance frameworks to account for machine-driven actors operating within production ecosystems.

See also: Shadow AI Is Making BYOD Security Even Harder

Repeating Security Problems of the Past

Importantly, these challenges are not entirely new. Enterprise organizations faced remarkably similar security and governance issues during earlier waves of consumer technology adoption.

When employees first began using personal email accounts for business communications, organizations quickly discovered that sensitive corporate information was leaving controlled environments and moving into unmanaged platforms. Users favored the convenience and accessibility of public email services, often bypassing corporate systems that were perceived as slower or less user-friendly. This created widespread concerns around data leakage, regulatory compliance, records retention, and the inability of IT departments to monitor or secure business communications occurring outside official channels.

A nearly identical pattern emerged with the rise of free file-sharing applications and consumer cloud storage platforms. Employees adopted these tools to simplify collaboration and remote access to documents, but the result was the uncontrolled distribution of corporate data across external services with limited enterprise oversight. Organizations struggled to determine where files were stored, who had access to them, and whether sensitive information was being shared inappropriately. The widespread adoption of unsanctioned “shadow IT” forced enterprises to develop new security policies, data loss prevention strategies, identity management systems, and cloud governance frameworks to regain operational control.

The expansion of web-based SaaS applications created another major inflection point. Business units increasingly procured and deployed applications independently of centralized IT approval processes, introducing fragmented security models and inconsistent governance practices. Enterprises learned that simply prohibiting the use of external applications was ineffective because employees would continue using tools that improved productivity and efficiency. Instead, organizations eventually shifted toward creating structured governance models that balanced innovation with security oversight. This included implementing single sign-on, centralized identity management, application vetting processes, monitoring systems, and formal risk assessments for third-party platforms.

Bottom line: The current wave of AI adoption follows many of the same historical patterns, but with even greater potential impact because AI systems can both process sensitive information and independently take action within enterprise environments.

The lesson from prior technology transitions is clear: organizations cannot rely solely on restrictive policies to control adoption. Instead, they must establish governance frameworks that provide visibility, accountability, identity controls, and operational safeguards while still enabling innovation. Enterprises that successfully manage AI risk will likely be those that treat AI not as an isolated toolset, but as a new operational layer that must be governed with the same rigor applied to networks, applications, cloud platforms, and human users.

See also: Shadow MCP: Find the Ghosts Hiding in Your Codebase

Where to Turn for Help? SANS AI Security Maturity Model

SANS Institute has released the SANS AI Security Maturity Model eBook, which offers a practical, stage-by-stage framework to guide organizations toward a clear, evidence-based path from ad hoc AI use to a fully governed, secured program.

The SANS AI Security Maturity Model is built on three pillars and five maturity stages. The pillars (Protect AI, Utilize AI, and Govern AI) align with the SANS Secure AI Blueprint. The stages run from Stage 1 (Unaware / Ad Hoc) through Stage 5 (Optimizing / Adaptive), with detailed program indicators, people indicators, metrics, and a sequenced set of steps to advance at every stage.

A defining feature is its insistence that no single maturity level is correct for every organization. A 30-person company at a genuine, evidence-based Stage 2 is in a stronger security posture than an enterprise claiming Stage 3 without documentation to back it up. The right target depends on AI adoption pattern, industry, regulatory environment, and risk tolerance. The model includes a “Determining Your Target Maturity” table and an evidence-based scoring system to help organizations set a defensible goal.

The framework is mapped directly to the NIST AI RMF, the EU AI Act, ISO 42001, the OWASP AI Exchange, and the OWASP Agentic Top 10. SANS’s formal partnership with OWASP on AI security standards is reflected throughout. For organizations facing regulator, customer, or partner scrutiny on AI governance, the model is designed to produce executive-ready reporting language and audit-defensible evidence.