Shadow AI: One In Four Employees Use Unapproved AI Tools, Rese...

Shadow AI is emerging as one of the top forms of shadow IT, a new 1Password report has revealed.

The unauthorized use of AI tools was found to be the second-most prevalent form of shadow IT, ranking only behind email, according to 1Password’s 2025 Annual Report, published on October 30.

Overall, workers are broadly encouraged by their company to use AI as part of their workloads and the 1Password report found that of 5000 workers surveyed 73% said their company is in favor of such experimentation.

However, 37% admitted they do not always follow their company’s AI policies when using AI tools. Worse, 27% of employees recognized having worked with AI tools that had not been authorized by their company.

This number is still much lower than general shadow IT, the report said, with 52% of employees admitting they have downloaded apps without IT approval.

Shadow AI has been  described by 1Password as an even more pervasive practice than general shadow IT as these tools “can absorb sensitive information into their training data, violate legal and compliance mandates or function as outright malware.”

Read now: Why Shadow AI Is the Next Big Governance Challenge for CISOs

Speaking at a CISO roundtable during a launch event for the 1Password report, Mark Hazleton, CSO for Formula One racing team Oracle Red Bull Racing, explained the rise of shadow AI was partly due to productivity gains being a top priority for most employee when adopting new tools.

He said that workers are “focused on getting the job done, so if we try and restrain them, they will find a way to do what they need to do.”

“In F1, if somebody comes up on a Saturday night with a mechanism that’s going to save a second in the race on Sunday, we want to enable them to go forward with it,” he said.

Source: InfoSecurity Magazine