Shadow IT Is Threatening Businesses From Within - and Today’s Security Tools Simply Can’t Keep Up

Summary

New research highlighted by 1Password’s 2025 Annual Report shows that over half of employees (52%) have installed unauthorized apps and a third ignore AI usage policies, exposing firms to data leakage and cyber‑attack risk. The rapid adoption of AI‑driven SaaS tools outpaces traditional identity and access management solutions, creating an "Access‑Trust Gap" that leaves up to 30% of applications outside single sign‑on protection. CISOs at firms like Oracle Red Bull Racing and Brex report mounting pressure to balance rapid innovation with security, while security tools often lack visibility into shadow IT on personal devices. Experts argue that education, updated continuous context‑aware security controls, and leveraging AI for threat detection are essential to mitigate the internal threat vector.