Shadow AI Governance Lags as AI Adoption Soars, According to Cato Networks Survey
Global survey of 600+ IT leaders reveals critical gaps in AI oversight, with 69 percent of respondents lacking a formal tracking system to monitor AI adoption
TEL AVIV, Israel, Dec. 3, 2025 /PRNewswire/ -- Cato Networks, the SASE leader, today announced the results of a global survey showing that most organizations lack monitoring capabilities and governance policies needed to mitigate risks posed by shadow AI.
The survey of more than 600 IT leaders across North America, EMEA, and APJ reveals a troubling disconnect. While more than half (61 percent) of respondents found unauthorized AI tools in their environments, only 26 percent have solutions in place to monitor AI usage. Nearly half (49 percent) of the respondents either don't track AI usage at all or address AI on a reactive basis.
"In many enterprises, AI adoption is happening from the bottom up," said Etay Maor, chief security strategist at Cato Networks. "Employees are always going to gravitate towards using the AI tools they feel comfortable with. They feel it will give them a productivity edge. However, without proper visibility and governance, enterprises are expanding their attack surface—in many cases without realizing it."
AI Security Preparedness Falls Short
The research exposes a critical flaw in how enterprises approach AI adoption. The primary use case for AI adoption according to 71 percent of respondents, is to increase productivity and efficiency. However, 69 percent of respondents report that they lack a monitoring system for AI adoption. Most enterprises remain oblivious to the AI tools that employees are using, what data they are sharing, and what compliance risks may be emerging.
This governance gap extends beyond oversight and monitoring. Only 13 percent of respondents consider their organization's management of shadow AI risks as 'highly effective'. Less than one in ten respondents (9 percent) think the organization has a 'highly effective' defense against AI-generated cyber threats such as deepfakes, hallucinations, and prompt injection attacks.
Shadow AI operates much like shadow IT—unauthorized technology is being adopted to solve an immediate problem—but the risks tied to data processing, model training, and the lack of clear AI decision-making present security concerns. IT leaders clearly recognize the stakes at play. Most respondents (53 percent) are highly or extremely concerned about AI security risks.
"It is not a question of whether there is shadow AI usage within an enterprise, but whether you have the ability to detect it, govern it, and secure it before an issue arises," said Maor. "Our research shows that most enterprises need to take rapid action to gain visibility and control of their AI usage."
Resources
About Cato Networks
Cato Networks delivers enterprise security and networking in a single cloud platform. The SASE leader creates a seamless and elegant customer experience that effortlessly enables threat prevention, data protection, and timely incident detection and response. With Cato, organizations replace costly and rigid legacy infrastructure with an open and modular SASE architecture based on SD-WAN, a purpose-built global cloud network, and an embedded cloud-native security stack.
Want to learn why thousands of organizations secure their future with Cato? Visit us at www.catonetworks.com.
Media Contact
Cato Communications
press@catonetworks.com
View original content:https://www.prnewswire.com/news-releases/shadow-ai-governance-lags-as-ai-adoption-soars-according-to-cato-networks-survey-302631799.html
SOURCE Cato Networks