Report: AI Expands Corporate 'Shadow IT'
A new report from SaaS management platform Torii finds that the proliferation of AI tools is accelerating SaaS sprawl and expanding 'shadow IT' within enterprises. According to the 2026 benchmark report, 61% of applications used by employees are unmanaged, increasing governance and security risks.
- The growth of "Shadow AI" mirrors the broader trend of shadow IT, where employees use unapproved technology, posing risks as these tools operate outside the organization's security and governance frameworks. Gartner predicts that by 2027, 75% of employees will acquire, modify, or create technology outside of IT's visibility. - Unmanaged AI and SaaS applications create significant security vulnerabilities, including data leakage, compliance violations with regulations like GDPR and HIPAA, and new entry points for cyberattacks. For example, employees at Samsung reportedly shared confidential source code and meeting notes with ChatGPT, highlighting the risk of data exposure. - The proliferation of AI features within existing SaaS platforms is a major driver of this trend, with vendors for tools like Slack, Salesforce, and Microsoft 365 embedding AI capabilities, which can double or triple a company's aggregate software costs in a single renewal cycle. - Average SaaS spending per employee rose to $4,830 in 2025, a 21.9% year-over-year increase, partly driven by the adoption of more expensive AI-embedded tools. Enterprises now manage an average of 275 SaaS applications. - To manage the influx of AI tools, GTM teams are adopting platforms for specific functions like account-based marketing (Demandbase), sales intelligence (Cognism), conversational AI (Drift), and revenue intelligence (Gong). - The build-vs-buy calculation for AI infrastructure is shifting for hyperscalers, who increasingly lease capacity from specialized "neo-cloud" providers like CoreWeave and Lambda Labs to meet immediate, uncertain demand driven by the AI arms race. This allows them to offer cutting-edge AI infrastructure to clients without the 4-5 year internal build cycle. - For AI startups, making the right infrastructure choices from day one is critical, as retrofitting AI capabilities is difficult. Startups are leveraging AI for core functions like fraud detection, algorithmic trading, and competitive intelligence, which requires scalable data pipelines and efficient model serving infrastructure. - The rise of AI agents is expected to transform enterprise software, moving away from monolithic SaaS platforms toward a more fragmented ecosystem of "headless" software modules accessible via APIs, changing how IT budgets are planned and risk is governed.
