SecondBrain
Ask the Brain
Index/Conceptupdated Sat May 30 2026 08:00:00 GMT+0800 (Philippine Standard Time)

Shadow AI

shadow-aigovernancecisoenterprise-aiagent-sprawl

Shadow AI

The new variant of Shadow IT: employees adopting AI tools / building AI agents without central IT approval. Three sources in this wiki agree it's an inevitable byproduct of AI tooling becoming consumer-grade and a signal of unmet need, not just a security threat — but Martin Keen / IBM Technology is the sharpest on the individual-career consequences (Five AI Risks That Can Get You Fired (IBM Technology)).

The three-source consensus

  • CIO Agenda 2026 (CXOTalk) (Tim Crawford / Isaac Sacolick): the best CIOs encourage shadow AI with guardrails — it surfaces what employees actually need, what tools work, what doesn't. Banning it loses the signal. Worst CIOs blanket-ban and end up with the same problem invisibly.
  • Governing AI Agents at Scale (Glean + Cvent, CXOTalk) (Pradeep Mannakkara / Ben Mayrides): Cvent deliberately encouraged sprawl to ~6,000 agents to build organizational AI fluency, then layered moderation and metrics in over a 3–4 month window via Glean. "We knew this was going to be a hot mess, but the purpose was different — get people interacting."
  • Five AI Risks That Can Get You Fired (IBM Technology) (Martin Keen): names the consequences at the individual level — "1 in 5 organizations have reported a data breach caused by shadow AI" (IBM Cost of a Data Breach report), and the career-ending conversation lands on the employee who brought the tool in AND the AI/IT leader who didn't put governance in place. Same ban-doesn't-work argument as the other two: "employees are going to find workarounds — personal devices, or switch to a tool that hasn't been blocked yet. ... the organization has the same shadow AI problem, except now it has lost any visibility."

The Cvent case is the most concrete worked example of "encourage with guardrails"; the Keen video is the sharpest single articulation of why a blanket ban makes the security problem worse, not better.

"Agentic sprawl" — the agent-era variant

Tim Crawford's coinage. Of Cvent's 6,000 created agents, ~1,300 are actively used. The ratio is informative — sprawl is real, but most experiments die quietly. The minority that stick teach the org what's actually valuable.

Michael Krigsman: "You have agents and then they have kids and they move out to the suburbs and then before you know it, you have agentic sprawl."

Keen sharpens the same observation into the Zombie AI Agent failure mode — those ~4,700 inactive Cvent agents aren't dormant; they're still authenticated, still holding API keys, "an unmonitored backdoor into organization systems." Counts as agent sprawl from a productivity lens; counts as a security incident waiting to happen from a CISO lens.

What "guardrails" look like in practice

Synthesized from both sources:

  • Pre-defined non-negotiables (e.g. no PII into open LLMs) — short, memorable, enforced at runtime
  • Decision principles rather than 200-page policies (which nobody reads)
  • Sandbox / test-and-learn workspaces disconnected from production data
  • Tiered risk process — small agents get light review, integrated agents get full AWARE evaluation
  • Mandatory AI training — Cvent did this for all 5,500 employees with the CEO in the first session
  • Platform with built-in fine-grained ACLs — Glean was Cvent's choice; the right platform reduces governance load
  • Risk decisions are time-bounded: "risk is too high for now", not just "no"

Why this matters strategically

If you ban shadow AI, you don't make it stop — you push it off-platform (personal ChatGPT, copy-paste through email), where you have less visibility, not more. The shadow becomes invisible shadow, which is worse for security.

Encouraging shadow AI with the right guardrails (sandbox + per-task identity scoping per AWARE Framework + observability) is governance, not abdication.

Open question

Cvent had Glean as a single platform with strong ACLs to consolidate around. What happens at orgs without that consolidation? The same playbook may not work — they may need to build the platform first before they can encourage sprawl. Worth tracking as more enterprise sources land.

Sources