Most Australian companies remain exposed to round-the-clock threats, especially those exploiting AI technology. A new survey conducted by Cisco, covering 8,000 organisations worldwide with 301 from Australia, unveils a new state of affairs.
‘Shadow AI’, as we know it, is the use of unauthorised AI tools by employees, outside the official scrutiny of IT and security teams. Over 80% of surveyed organisations admit that staff are accessing company data and networks from unmanaged devices, often logging in from as many as six different networks a week. From airport lounges to coffee shops, the modern workplace has become a maze of entry points, many of them poorly secured. Roughly half of Australian companies say employees use public AI tools, the likes of ChatGPT or Gemini, on personal and work devices. A quarter have tried to ban these apps outright, but enforcement lags, and shadow usage persists. With the lines between safe and unsafe now blurred, security experts warn that sensitive company data can easily slip through the cracks.
Carl Solder, Chief Technology Officer, Cisco Australia & New Zealand, led the discussion around the insights of the report.
“…Start to look at aspects like shadow AI where you have a whole bunch of employees and users using unauthorised tools and what threats that presents to organisations and the opportunities that gives those threat actors.”
The Cisco report reveals that 82% of Australian companies experienced an AI-related cyber incident in the past year. The attacks range from classic malware and phishing campaigns, which are now automated and personalised by AI, to sophisticated social engineering, like deepfake voicemails tailored to trick executives. Ironically, while half of organisations say they’re deploying AI to ‘defend’ against threats, fewer than 40% believe they have the internal expertise to assess AI’s security risks.
“When you look at how people are connecting into the network, interestingly, nearly eight in 82% of organisations say employees are accessing company networks from unmanaged devices,” added Solder.
Only 9% consider AI ‘the most difficult pillar to secure’. Well, what does that mean? That means more than 90% of companies may be underestimating the vulnerabilities that come with AI: a classic case of not knowing what you don’t know.
Solder went on to say: “9% of Australian organisations believe that AI is the most difficult pillar to secure. Now if you kind of flip that, we're saying that 91% of Australian organisations believe that AI is not that hard to secure.”
Beyond AI, the survey exposes another problem permeating enterprise networks: tool sprawl. Nearly two-thirds of Australian organisations juggle more than 10 separate security solutions; nearly a third, over 30. Instead of building resilience, this patchwork approach often slows detection and response, as vital clues are scattered across silos. Add to that a chronic skills shortage: over 60% of companies have more than 10% of cyber roles unfilled.
Companies are asked to self-assess their state of preparedness across five pillars: identity, device security, network resilience, cloud protection, and AI fortification.
Fewer than a quarter feel fully prepared to defend against today’s threats; three quarters are left in the limited-to-no-preparedness camp. AI is the proverbial wild card. Almost half of companies believe they’re ahead of the curve on AI security, but frontline experts caution that’s wishful thinking. Early dips into AI readiness have shown preparedness actually receding year on year, as organisations begin to reckon with complexities they initially overlooked.
Recently, Cisco announced the launch of their AI Defence suite, which locates and secures both sanctioned and shadow AI within the network. It offers everything from vulnerability scans to policy guardrails that automatically block dangerous prompts and data leaks in real time. Yet, as with any solution, effectiveness depends on uptake and execution, not just availability.