Report: AI Tools Are Expanding 'Shadow IT' in Companies
What happened
Contrary to expectations that AI would consolidate software stacks, a new report from Torii finds it is accelerating SaaS sprawl. The 2026 benchmark report concludes that the proliferation of AI tools is expanding "shadow IT," with 61% of applications being unmanaged by central IT departments. This trend is reportedly increasing governance and security risks for enterprises.
Why it matters
- The average organization now utilizes approximately 830 applications, with large enterprises using an average of 2,191. Of these, only 15.5% are officially sanctioned by IT departments. - "Shadow IT" refers to any hardware or software used by employees without the knowledge or approval of the central IT department. It often arises because employees find that unsanctioned tools offer better functionality or can be implemented more quickly than company-approved alternatives. - Security vulnerabilities are a primary risk of shadow IT, as unvetted tools may lack necessary security measures, increasing the chances of data breaches. This can lead to compliance violations with regulations like GDPR and HIPAA when sensitive data is handled by unapproved applications. - While much of the focus is on customer-facing AI, a recent survey found that 39% of companies are prioritizing AI to streamline internal processes. For startups, AI tools are being used to accelerate tasks like market research, content creation, and drafting pitch decks. - The rise of "Shadow AI" presents new challenges; unlike traditional shadow IT which primarily stores or moves data, shadow AI can create entirely new data that gets reused, making its influence harder to track. - A 2023 report indicated that 70% of employees were already using generative AI at work, with half of them doing so without official approval. This trend is most prominent in product, design, and engineering teams. - In response to AI proliferation, many companies are establishing formal governance programs and AI policies to create clear accountability and oversight for how and where these tools are used. - The rapid adoption of AI has created a significant market, with projections expecting it to reach a value of $407 billion by 2027. As of August 2024, about 70% of startups were paying for at least one AI tool.
Key numbers
- The 2026 benchmark report concludes that the proliferation of AI tools is expanding "shadow IT," with 61% of applications being unmanaged by central IT departments.
- - The average organization now utilizes approximately 830 applications, with large enterprises using an average of 2,191.
- Of these, only 15.5% are officially sanctioned by IT departments.
- While much of the focus is on customer-facing AI, a recent survey found that 39% of companies are prioritizing AI to streamline internal processes.
What happens next
- Security vulnerabilities are a primary risk of shadow IT, as unvetted tools may lack necessary security measures, increasing the chances of data breaches.
Quick answers
What happened in Report: AI Tools Are Expanding 'Shadow IT' in Companies?
Contrary to expectations that AI would consolidate software stacks, a new report from Torii finds it is accelerating SaaS sprawl. The 2026 benchmark report concludes that the proliferation of AI tools is expanding "shadow IT," with 61% of applications being unmanaged by central IT departments. This trend is reportedly increasing governance and security risks for enterprises.
Why does Report: AI Tools Are Expanding 'Shadow IT' in Companies matter?
The average organization now utilizes approximately 830 applications, with large enterprises using an average of 2,191. Of these, only 15.5% are officially sanctioned by IT departments. "Shadow IT" refers to any hardware or software used by employees without the knowledge or approval of the central IT department. It often arises because employees find that unsanctioned tools offer better functionality or can be implemented more quickly than company-approved alternatives. Security vulnerabilities are a primary risk of shadow IT, as unvetted tools may lack necessary security measures, increasing the chances of data breaches. This can lead to compliance violations with regulations like GDPR and HIPAA when sensitive data is handled by unapproved applications. While much of the focus is on customer-facing AI, a recent survey found that 39% of companies are prioritizing AI to streamline internal processes. For startups, AI tools are being used to accelerate tasks like market research, content creation, and drafting pitch decks. The rise of "Shadow AI" presents new challenges; unlike traditional shadow IT which primarily stores or moves data, shadow AI can create entirely new data that gets reused, making its influence harder to track. A 2023 report indicated that 70% of employees were already using generative AI at work, with half of them doing so without official approval. This trend is most prominent in product, design, and engineering teams. In response to AI proliferation, many companies are establishing formal governance programs and AI policies to create clear accountability and oversight for how and where these tools are used. The rapid adoption of AI has created a significant market, with projections expecting it to reach a value of $407 billion by 2027. As of August 2024, about 70% of startups were paying for at least one AI tool.
