Shadow AI: The Risk Survey You Haven't Done
A 5-question survey to run at your next leadership offsite. The two findings that recur in every organization, and what to do about them.
TL;DR
The 5-question survey to run at your next quarterly leadership offsite:
- Have you used AI tools (ChatGPT, Claude, Copilot, etc.) for work in the last 30 days? (Most CXOs: yes.)
- Have you uploaded company data into any AI tool? (Most CXOs: yes.)
- Was that tool approved by IT or security? (Most CXOs: don’t know.)
- Has your team been told what data is OK to share with AI tools? (Most CXOs: not specifically.)
- If we discovered a confidential document was leaked through an AI tool, how would we know? (Most CXOs: we wouldn’t.)
The two findings that recur in every shadow-AI survey: senior leaders are routinely uploading sensitive data to consumer AI tools, and nobody can answer how they’d detect a leak. Both are addressable; neither is being addressed in most organizations.
Shadow AI — employees and vendors using AI tools the organization hasn’t approved or doesn’t know about — is universal in 2026. Estimating its scope is harder than estimating shadow IT was in 2014, because the tools are easier to access (a browser, no software install) and the data sharing is invisible (a paste, not a download). Most organizations underestimate shadow AI by a factor of 3–10×.
This piece is the survey, the predictable findings, and what to do about them.
The 5-question shadow AI survey
Run this at your next leadership offsite, anonymously. Five minutes per respondent.
1. Have you used AI tools (ChatGPT, Claude, Copilot, Perplexity, or similar) for work in the last 30 days? Expected: 70–95% yes. Higher in roles with content creation, research, or analysis.
2. Have you uploaded any company data into an AI tool? Expected: 50–80% yes. Includes pasting documents, uploading files, sharing screenshots.
3. Was the AI tool you used approved by IT or security? Expected: 30–50% don’t know. Of those who say yes, many will be wrong — they assume approval that wasn’t given.
4. Has your team been told what data is OK to share with AI tools and what isn’t? Expected: 60–80% no, or only in vague terms. Most organizations have policies; few have communicated them in actionable form.
5. If we discovered a confidential document was leaked through an AI tool, how would we know? Expected: 80–95% don’t know. The honest answer is “we wouldn’t — until it surfaced externally.”
The predictable findings
Run the survey across a few hundred organizations and two findings recur.
Finding 1: Senior leaders are the heaviest shadow-AI users. Counter-intuitively, executives use AI more than individual contributors (ICs) because they have more synthesis work, more drafting work, more research work. They’re also the ones uploading the most sensitive data — board documents, competitive analyses, M&A materials. The shadow AI risk is concentrated at the top.
Finding 2: Detection is essentially nil. Almost no organizations have controls to detect data sent to consumer AI tools. The DLP (data loss prevention) systems most companies use don’t understand AI uploads as a category. The leak path is invisible.
These two findings together describe most organizations’ actual shadow AI exposure: high-value data, high-volume usage, no detection. The risk is real and the visibility is zero.
What to do about it
Three actions, in order.
1. Sanction what’s already happening
Most employees using shadow AI are doing so with productivity intent, not malicious intent. Banning it pushes them to consumer tools with worse data handling; sanctioning it brings them to enterprise-tier tools with better controls.
The right move: contract for an enterprise AI tool (Anthropic Claude for Work, ChatGPT Enterprise, Microsoft Copilot, etc.) with appropriate data-handling terms. Communicate that this is the approved tool. Provide it broadly enough that employees don’t fall back to consumer alternatives.
2. Specific data classification guidance
A blanket policy (“don’t share confidential data”) doesn’t work because everyone has a different definition of confidential. The fix is specific: list the categories of data that are OK and the categories that aren’t, with examples.
OK to share (typical): public research, internal but non-sensitive content, your own writing. Not OK to share (typical): customer data, employee personal data, financial information not yet public, strategy or M&A documents, code from production systems, third-party confidential information.
The list isn’t universal; it depends on your industry and policies. The point is that it should exist and be specific.
3. Detection where possible
Most enterprises won’t get full detection. Some helpful steps:
- Network monitoring for traffic to known AI tool endpoints. Catches usage; doesn’t catch content.
- Browser extension or DLP that flags AI-tool URLs. Awareness mechanism.
- Periodic survey (annual minimum) to update the picture.
- Anomaly detection on file-sharing patterns to AI tool domains.
Detection is partial; the policy and tool-sanctioning matter more.
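To make the first and last bullets concrete, here is an added example (not code from the original post, and not any vendor's product) of what "catches usage, doesn't catch content" looks like in practice: a small script that scans web proxy log lines for requests to AI tool hostnames and flags unsanctioned use, unusually large single uploads, and bulk upload volume per user. The hostnames, the six-field log format, the byte thresholds and the sample log lines are all constructed for the example; a real deployment would substitute the hostnames its own proxy actually observes and the log schema its proxy actually emits.

```python
"""Flag AI-tool traffic in web proxy logs (added example, not from the original post).

Assumptions (all constructed for illustration):
  - Log line format: '<timestamp> <user> <method> <host> <path> <bytes_sent_by_client>'
  - Hostnames below are placeholders; maintain your own list of the hosts your
    proxy really sees for each sanctioned and consumer AI tool.
  - Thresholds are starting points to tune against your own baseline.
"""
from collections import defaultdict
from dataclasses import dataclass

# Placeholder hostnames: the sanctioned enterprise tool vs. consumer tools.
SANCTIONED_AI_HOSTS = {"ai.sanctioned.example"}
CONSUMER_AI_HOSTS = {
    "chat.consumer-ai.example",
    "upload.consumer-ai.example",
    "assistant.other-ai.example",
}

# A single request uploading at least this many bytes is flagged on its own.
LARGE_UPLOAD_BYTES = 200_000


@dataclass(frozen=True)
class Finding:
    kind: str    # "unsanctioned_ai_usage" | "large_upload" | "bulk_upload_volume"
    user: str
    host: str
    detail: str


def parse_line(line: str):
    """Parse one log line of the assumed format; return None for lines that don't fit."""
    parts = line.split()
    if len(parts) != 6:
        return None
    ts, user, method, host, path, sent = parts
    try:
        return {"ts": ts, "user": user, "method": method.upper(),
                "host": host.lower(), "path": path, "bytes": int(sent)}
    except ValueError:
        return None


def scan(lines, volume_limit=500_000):
    """Return findings for AI-tool traffic.

    This sees that data left and roughly how much; it never sees what the
    data contained, which is exactly the limitation described in the post.
    """
    findings = []
    uploaded = defaultdict(int)  # (user, host) -> bytes uploaded in the window
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        host = rec["host"]
        if host not in SANCTIONED_AI_HOSTS and host not in CONSUMER_AI_HOSTS:
            continue  # not an AI endpoint we track; ordinary traffic
        if host in CONSUMER_AI_HOSTS:
            # Usage of a non-approved tool: the "awareness" signal.
            findings.append(Finding("unsanctioned_ai_usage", rec["user"], host, rec["path"]))
        if rec["method"] in ("POST", "PUT"):
            uploaded[(rec["user"], host)] += rec["bytes"]
            if rec["bytes"] >= LARGE_UPLOAD_BYTES:
                findings.append(Finding("large_upload", rec["user"], host,
                                        f"{rec['bytes']} bytes in one request"))
    # Many small pastes add up: flag cumulative upload volume per user and host.
    for (user, host), total in uploaded.items():
        if total >= volume_limit:
            findings.append(Finding("bulk_upload_volume", user, host,
                                    f"{total} bytes uploaded in window"))
    return findings


# Constructed sample log: alice uses the sanctioned tool, bob uploads a large
# file to a consumer tool, dave pastes repeatedly, carol is ordinary traffic.
SAMPLE_LOG = """\
2026-03-02T09:14:05Z alice GET  ai.sanctioned.example /chat 812
2026-03-02T09:15:31Z alice POST ai.sanctioned.example /chat 4096
2026-03-02T09:20:02Z bob   POST chat.consumer-ai.example /conversation 3210
2026-03-02T09:21:47Z bob   POST upload.consumer-ai.example /files 2411337
2026-03-02T09:30:10Z carol GET  intranet.example /home 512
2026-03-02T10:02:55Z dave  POST chat.consumer-ai.example /conversation 180000
2026-03-02T10:05:12Z dave  POST chat.consumer-ai.example /conversation 190000
2026-03-02T10:08:40Z dave  POST chat.consumer-ai.example /conversation 175000
malformed line
""".splitlines()

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f.kind:22} {f.user:6} {f.host:28} {f.detail}")
```

On the sample log this reports bob and dave, and nothing for alice (sanctioned tool) or carol (not an AI endpoint). Note that dave's three pastes are each below the single-request threshold and are caught only by the cumulative volume check, and that bob's upload is reported as a size, never as contents; if the upload was a board document, this script cannot tell you so. That gap is why the post ranks sanctioning and classification guidance above detection.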
What to do this quarter
- Run the 5-question survey. Anonymous, leadership offsite or company-wide.
- Contract for an enterprise AI tool. Make it broadly available so employees have a sanctioned option.
- Write the data-classification guidance. Specific examples, not abstract principles.
- Communicate clearly. What’s approved, what isn’t, what the consequences are.
FAQ
Should we ban consumer AI tools entirely? Probably not. Enforcement is impractical, and the productivity loss is real. The right move is sanctioning enterprise alternatives that are at least as good as the consumer tools, then communicating that those are the approved channel.
How big is our shadow AI exposure compared to traditional shadow IT? Significantly bigger. Shadow IT was bounded by software-installation requirements; shadow AI is bounded by browser access. The exposure surface is at least an order of magnitude larger.
Will employees actually switch to the sanctioned tool? Most will, if the sanctioned tool is comparable to what they’re using. They will not if the sanctioned tool is meaningfully worse. Pick a comparable tool, not a watered-down internal version.
What about vendor and contractor shadow AI? Often forgotten. Add AI usage clauses to vendor contracts: what tools they can use with your data, what data-handling terms apply, what disclosure requirements exist. Update at renewal.
Will the survey results stay anonymous? Make them anonymous in fact (third-party survey tool, no names) and communicate that. The honest answers are valuable; the punitive responses to honest answers destroy future survey credibility.
Working with JAIN on shadow AI risk? We help executive teams run the survey, sanction the right alternatives, and communicate the policy clearly. Book a 30-minute call.