#shadow-ai — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #shadow-ai, aggregated by home.social.
-
Shadow AI ve vývoji začne být problém ve chvíli, kdy do pull requestu přijde změna navržená přes soukromý AI účet a nikdo už nedoloží, jaký kód, logy nebo interní dotaz model viděl. Samotný zákaz nestačí; dohled musí být v nástroji, kontrole kódu a CI.
https://zdrojak.cz/clanky/shadow-ai-ve-vyvoji-skryty-problem-ktery-musite-resit-v-pull-requestu/ -
Shadow AI: The Risk Quietly Undermining Your Competitive Edge
Employees are already using AI with or without your approval. Learn why blocking Shadow AI fails and how to build a practical governance strategy that works.https://jseggers.com/technology/shadow-ai-the-risk-quietly-undermining-your-competitive-edge/
-
https://winbuzzer.com/2026/06/30/microsoft-details-edge-security-controls-for-shadow-ai-xcxwbn/
Microsoft has improved Edge for Business controls for shadow AI, data loss prevention, contractors, extensions, and scareware.
#AI #EdgeForBusiness #MicrosoftEdge #Microsoft #ShadowAI #MicrosoftSecurity #Cybersecurity
-
When AI providers exhausted free training data, they monetized user inputs.
#ShadowAI is already happening; employees bypass security for productivity.
#PrivateAI infrastructure solves this: you choose the region, verify no cross-border routing, ensure zero training on inputs.
Same AI capabilities (GPT, Claude, Gemini, etc.), but with full data privacy. To whom do you entrust your data?
https://amazee.ai/blog/how-private-ai-ensures-data-sovereignty-and-protection
-
New by me: Shadow AI Is the New Shadow IT, but Blocking It Won't Work
https://www.kylereddoch.me/blog/shadow-ai-is-the-new-shadow-it-but-blocking-it-wont-work/
-
78% of employees are bringing their own AI to work. Most without approval.
Banning AI doesn't work. It pushes usage into the shadows where you have zero visibility.
The solution to #ShadowAI: Provide a sanctioned alternative. A private #AIGateway keeps data sovereign, prevents model training on your IP, and maintains audit trails for compliance.
Replace shadow risk with controlled innovation:
https://amazee.ai/blog/solving-shadow-ai-dilemma -
#ShadowAI isn't really a tech problem. It's a visibility problem.
If your org can't see where #AI is being used, you can't manage the #risk..or the opportunity.
Check out this thoughtful discussion on how to govern AI without slowing innovation: https://loom.ly/evtMxXg
-
"Most organizations still think about Shadow AI as employees using an unapproved chatbot. That definition is already outdated.
The LayerX research shows that enterprise AI usage is rapidly fragmenting across a growing ecosystem of AI tools, embedded assistants, AI browser extensions, AI search engines, coding copilots, and AI-powered SaaS features that often operate outside traditional visibility and governance controls.
Nearly 30% of enterprise users already use multiple AI platforms, while the top 5% interact with six or more AI applications. Employees are no longer relying on a single assistant for isolated tasks. They are combining multiple AI systems inside the same workflows, often switching between tools depending on the task, data type, or convenience.
This is what modern Shadow AI actually looks like. It's the growing long tail of AI tools that organizations struggle to see, track, or govern. In many cases, organizations may not even realize AI is being used at all, creating a far larger governance challenge than most organizations anticipate."
https://thehackernews.com/2026/05/new-ai-usage-report-enterprise-ai-risk.html
-
CxO: "Holy shizzle! We need to get control of AI use! It's out of control! We're going to get fined, sued, and maybe executives might go to jail!"
Information Security: "Great! First we will inventory the use of AI, map that against employees and contractors who are using " Shadow AI", and have a conversation with them to cease and desist while we bring rigor to the use of AI"
CxO: "Excellent! But, I need to still keep vibe coding while using this Claude Bot thing I downloaded to my company laptop last night. Oh! And I also need to keep using that Agentic AI stock trading bot I loaded on my company laptop as well!"
Information Security: 😳🧐😒🙄
Turns out the C-suite loves shadow AI - Help Net Security
#shadowai #executivesuite #policyexception
https://share.google/UjrLQ4tcbLH1LnfhF -
Everyone is navigating AI security in real time -- even Google | TechCrunch https://techcrunch.com/2026/05/24/everyone-is-navigating-ai-security-in-real-time-even-google/ #cybersecruity #AI #AISecurity #GoogleCloud #ShadowAI #ShiftLeft #Governance
-
#GoogleCloud COO #FrancisdeSouza emphasises the need for a #platformapproach to #AIsecurity, integrating #security from the start and addressing the threat of #shadowAI. He highlights the need for consistent security across clouds and the emergence of AI-native defences. https://techcrunch.com/2026/05/24/everyone-is-navigating-ai-security-in-real-time-even-google/?AIagents.at #AIagent #AI #ML #NLP #LLM #GenAI
-
🗽 Sono appena tornato da una vacanza a New York.
🤖 E mi sono portato a casa qualcosa di inaspettato: non souvenir, ma una riflessione molto concreta su dove siamo davvero arrivati con l’AI.
🌃 A Times Square, accanto a Coca-Cola e Samsung, c’era la pubblicità di una piattaforma AI.
Nei café, da Starbucks a Gregorys, chiunque avesse un laptop aperto — studenti, sviluppatori, giornalisti — stava interagendo con Claude, Copilot o ChatGPT.
Non come una novità. Come normalità.Negli USA, l’AI ha già superato il punto di non ritorno culturale.
📊 I dati lo confermano: il 41% dei lavoratori americani usa la GenAI per scopi professionali, contro circa il 20% delle aziende europee. E il divario è ancora più ampio tra grandi imprese (55%) e PMI (17%).
Nel mio nuovo articolo parlo di:
🏙️ Quello che ho visto tra Times Square e i café di Manhattan
📈 I dati reali dietro al divario USA vs Europa
⚠️ Shadow AI: perché la crescita incontrollata è il rischio più sottovalutato
🔐 Come governance e identity management stanno diventando fondamentali per adottare l’AI in modo sostenibile🔗 Leggi il post qui:
https://iam.fabiograsso.net/it/blog/okta-ai-newyork/?utm_source=infosec.exchange&utm_medium=social&utm_campaign=2026q2_masto_pushState già governando gli agenti AI nella vostra organizzazione? O siete ancora nella fase “proviamo e vediamo cosa succede”? Qual è oggi il principale gap di governance AI nella vostra azienda?
#AI #IntelligenzaArtificiale #AISecurity #AIGovernance #Cybersecurity #IAM #GenAI #ShadowAI #Okt
-
From #Venture Beat: "5,000 vibe-coded apps just proved shadow #AI is the new S3 bucket #crisis"
The post mentions examples from a Bank in #Brazil, a #Clinical study in #UK, etc.
#VibeCoding #ShadowAI #Security
https://venturebeat.com/security/vibe-coded-apps-shadow-ai-s3-bucket-crisis-ciso-audit-framework
-
Can You Name Every AI Running in Your Organization Right Now? https://youtu.be/IY1-RAgeSo4 #AIGovernance #ArtificialIntelligence #GenerativeAI #AgenticAI #AIAgents #Cybersecurity #RiskManagement #DataGovernance #ShadowAI #ResponsibleAI #AICompliance #CISO #BoardroomCybersecurity
-
78% of your employees are bringing their own AI to work.
A sales hire pastes a confidential transcript into ChatGPT to save time. Your IP is now training a public model.
60% admit they'll bypass an #AI ban to hit productivity targets. Banning doesn't stop #ShadowAI, it just moves it to personal devices where you have zero control.
This is an access problem, not a compliance problem.
https://amazee.ai/blog/solving-the-shadow-ai-dilemma-with-private-ai
-
You can’t protect what you can’t see. 🔍 AI adoption is growing, but your security doesn't have to suffer. Cloudflare’s Max Imbiel shares how to gain visibility using your existing SASE & DNS data.
Read more via Dark Reading: https://www.darkreading.com/cyberattacks-data-breaches/visibility-is-the-first-step-to-securing-shadow-ai #ShadowAI #CloudflareOne -
Shadow AI: This New Productivity Secret Is Also a Massive Liability https://www.inc.com/chloe-aiello/shadow-ai-silicon-valleys-new-productivity-secret-is-also-a-massive-liability/91331997 #cybersecurity #risk #ShadowAI #AI #ArtificialIntelligence #DataLeaks #DataPoisoning #misinformation
-
#Hollywood #assistants are increasingly using #AI tools, both officially sanctioned and #shadowAI, to manage larger workloads and shrinking headcounts. While AI is being used for tasks like composing emails and generating script coverage, concerns exist about its limitations in capturing the nuances of storytelling and its potential impact on job security. https://www.hollywoodreporter.com/movies/movie-features/hollywood-assistants-ai-development-1236553905/?eicker.news #tech #media #news
-
El Caballo de Troya en tu Navegador: Los Riesgos de la IA Generativa en la Empresa
Por: Ariel Corgatelli
El dilema de la productividad: ¿A qué costo estamos ahorrando tiempo? La fuga de datos a través de chatbots se ha convertido en el nuevo dolor de cabeza para los departamentos de ciberseguridad.
El avance de la Inteligencia Artificial generativa ha sido meteórico. Herramientas como ChatGPT, Claude o Gemini se han vuelto compañeros inseparables de miles de empleados que buscan optimizar tareas tediosas. Sin embargo, en esta carrera por la eficiencia, se está abriendo una brecha de seguridad silenciosa pero letal: la exposición de datos corporativos sensibles.
https://www.instagram.com/reel/DWwfk4GoASs/
1. El algoritmo nunca olvida
El concepto fundamental que muchos usuarios ignoran es que los chatbots no son herramientas de procesamiento estático, sino modelos en constante aprendizaje. La mayoría de las versiones gratuitas de estas plataformas utilizan los «prompts» (las instrucciones o textos que ingresamos) para re-entrenar sus algoritmos.
Cuando un empleado sube un código fuente para buscar un error, o un acta de directorio para que la IA redacte un resumen, esa información deja de pertenecer a la empresa. Pasa a formar parte del vasto conjunto de datos del modelo y, en teoría, podría aparecer filtrada o influenciar respuestas generadas para otros usuarios en el futuro.
2. El peligro del «Shadow AI»
Así como hace años hablábamos del Shadow IT (el uso de software no autorizado por el departamento de sistemas), hoy nos enfrentamos al Shadow AI.
El riesgo es doble:
- Pérdida de Propiedad Intelectual: Algoritmos, estrategias de marketing antes de ser lanzadas o procesos industriales únicos.
- Cumplimiento Legal (Compliance): Subir datos de clientes o empleados a servidores de terceros puede violar leyes de protección de datos personales (como la GDPR o normativas locales), exponiendo a la empresa a multas millonarias.
3. El factor humano y el «atajo» peligroso
El eslabón más débil sigue siendo el usuario. Muchos empleados, bajo la presión de la inmediatez, trabajan documentos importantes con IA sin saber los daños que pueden generar. No hay mala intención, hay falta de formación en cultura de ciberseguridad. Una planilla de Excel con sueldos o una base de datos de clientes subida a una IA «para que la ordene» es, técnicamente, una filtración de datos autoinfligida.
Guía de Buenas Prácticas: ¿Cómo usar la IA sin comprometer a la empresa?
Para aprovechar los beneficios de la IA sin convertirla en un riesgo, es fundamental seguir estos pilares:
- Anonimización: Antes de interactuar con una IA, se deben eliminar nombres reales, direcciones IP, correos electrónicos y cifras financieras exactas. Usar «Empresa X» o «Monto Y» protege el contexto sin sacrificar el resultado.
- Uso de Versiones Enterprise: Las empresas deben invertir en licencias corporativas que garantizan que los datos no se utilicen para entrenar modelos públicos y que cumplen con estándares de privacidad específicos.
- Políticas de Uso Claro: No se trata de prohibir, sino de regular. Crear una guía interna que especifique qué tipo de información puede tocar la IA y cuál debe permanecer estrictamente en servidores locales.
- Revisión de Configuraciones: Verificar siempre en los ajustes de la herramienta si existe la opción de «Desactivar historial y entrenamiento».
Conclusión
La Inteligencia Artificial es una herramienta de transformación increíble, pero en ciberseguridad, la confianza ciega no es una opción. Como siempre decimos, la seguridad de la información comienza con la conciencia del usuario.
#arielmcorg #chatgpt #ciberseguridad #IA #infosertec #PORTADA #RADIOGEEK #SeguridadInformatica #ShadowAI #tecnologia -
KiloClaw targets shadow AI with autonomous agent governance https://www.artificialintelligence-news.com/news/kiloclaw-targets-shadow-ai-autonomous-agent-governance/ #kiloclaw #agenticai #enterpriseai #openclaw #shadowai #governance #ai #technology
-
Mobvoi TicNote Pods bring 4G AI note taking to earbuds and ditch your phone
https://fed.brid.gy/r/https://nerds.xyz/2026/03/mobvoi-ticnote-pods-4g-ai-earbuds/
-
Join us tomorrow @ 12:30 PM CT as Recon’s very own threat hunting aficionado, Watson Brown, dives into Detecting AI in the tuMoltuous Shadows!
Don’t get left in the dark with the AI - secure your spot here: thursdef.com
-
ICYMI: As new AI tools enter workplaces, privacy risks don’t always come from where people expect.
We analyzed 3 emerging AI tools and explained the real governance questions businesses should be asking before adoption.
-
A bit nostalgic to read this piece about law firms in my old stomping grounds (#Hawaii) and their cautious approach to #AI. 100% agree that firms need to have an acceptable use policy, otherwise their associates are going to use it without oversight. #ShadowAI
https://www.bizjournals.com/pacific/news/2026/01/16/hawaii-law-firms-adopting-ai.html