According to Computerworld, cybersecurity expert Etay Maor of Cato Networks is sounding the alarm on “Shadow AI,” the unauthorized use of AI tools by employees without IT approval. In a discussion on the Today in Tech podcast, Maor explains that this trend has become the new weakest link in corporate cybersecurity. The core danger is employees unintentionally leaking confidential company information into public AI platforms like ChatGPT or Midjourney while trying to do their jobs. Attackers are simultaneously exploiting generative AI to accelerate cybercrime, using techniques like prompt injection attacks. The conversation also warns about the rise of “zero-knowledge” threat actors and the future risk posed by AI agents that have been granted excessive permissions within corporate systems.
The Invisible Data Leak
Here’s the thing about Shadow AI: it’s not malicious. That’s what makes it so insidious. An employee isn’t trying to steal data; they’re just trying to write a marketing email faster, summarize a complex report, or generate an image for a presentation. So they pop over to a free, public AI tool. But in doing so, they might paste in a confidential product roadmap, a draft of an unreleased financial report, or proprietary code. That data is now out there, potentially ingested into the model’s training data or stored in a way that could be accessed. And IT has no record, no control, and no visibility. It’s a data exfiltration event with a smiley face on it.
A Double-Edged Sword
But the risk isn’t just data leaking out. It’s also about what’s coming in. Maor points out that attackers are using this same generative AI to supercharge their operations. Think about it: AI can now craft hyper-convincing phishing emails at scale, write malicious code, or analyze stolen data faster than ever. The “zero-knowledge” threat actor he mentions is a scary evolution—hackers who use AI to execute attacks without needing deep technical expertise themselves. The barrier to entry for sophisticated cybercrime is plummeting. So while your team is using AI to boost productivity, bad actors are using it to boost their attack success rates. It’s an arms race where one side doesn’t even know it’s competing.
The Coming Wave of Autonomous Risk
Now, let’s talk about the next phase: AI agents. We’re moving beyond simple chatbots to systems that can act autonomously—an AI that can execute a purchase order, adjust network settings, or manage data workflows. Maor’s warning about “excessive permissions” is crucial. If you connect one of these powerful agents to your core business systems and give it broad access to “get its job done,” you’ve essentially created a new, highly privileged user that can be manipulated. A single successful prompt injection attack could turn your business automation into a business destruction tool. The future of Shadow AI might not be an employee typing into a website, but an authorized AI agent gone rogue because its instructions were hacked. That’s a whole different level of enterprise risk that most companies are completely unprepared for.
So, What’s the Play for Leaders?
Banning AI tools outright is probably a losing battle. It’s too useful, and employees will find a way. The solution has to be about managed enablement. Businesses need clear policies, yes, but they also need to provide approved, secure alternatives. That means investing in enterprise-grade AI platforms that offer data privacy guarantees and keep sensitive information within the corporate boundary. It also means continuous education. Employees need to understand *why* using a random AI website for work tasks is as risky as emailing a secret document to their personal Gmail. Security leaders have to regain control not by building a taller wall, but by building a better, safer path inside the walls. The goal isn’t to stop AI use; it’s to make the shadow disappear by turning on the lights.
