Shadow AI is now a board-level breach risk: what to do before 2027
Your staff are already using AI tools you cannot see. Not because they are reckless, but because those tools make the working day faster, and because nobody told them where the line is. The problem is that every one of those tools is a door your data can walk out of, and most leadership teams have no idea just how many doors are open.
This stopped being a future problem some time ago. In IBM's most recent Cost of a Data Breach research, one in five breached organisations was compromised through shadow AI: unsanctioned AI tools adopted by employees without IT or security oversight. Those incidents added roughly $670,000 to the average breach cost, on top of an already seven-figure bill. For UK organisations, where the average breach now runs to several million pounds, that is not a rounding error. It is a board-level exposure that happens to live on your network today.
Here is why the window to deal with it cheaply closes in 2027 and what to do about it now:

What is shadow AI?
Shadow AI is any AI tool used for work without approval, oversight or governance from IT or security. In practice that means:
- A finance team uploading management accounts to a personal AI account to "find the story in the numbers."
- An AI note-taker quietly joining and transcribing a confidential board call.
- An AI feature switched on inside a SaaS tool you already pay for, that nobody reviewed before it went live.
It is the direct successor to the "shadow IT" wave of the 2010s, when staff routed around slow procurement to use consumer file-sharing and messaging apps. The difference now is the payload. Shadow IT mostly stored your files in the wrong place. Shadow AI ingests your data (client records, contracts, source code, pricing, strategy) and sends it to third-party model providers that sit entirely outside your control, where it may be retained or used to train future models.
The scale is the uncomfortable part. Industry surveys through 2025 and 2026 put unsanctioned AI use among employees well into the majority, with research from Netskope finding that most generative-AI activity happens through personal accounts that bypass enterprise controls altogether. By most estimates, the overwhelming majority of organisations have little or no visibility into these data flows. In other words, the largest new data-exposure surface in your business is also the one you can see the least.
Why this is a board-level risk, not an IT footnote
It is tempting to file this under "something for the IT team." The numbers say otherwise. Drawing on IBM's breach research as reported through 2026:
- 20% of breached organisations were compromised via shadow AI.
- Shadow AI added around $670,000 to the average breach.
- 97% of organisations that suffered an AI-related breach had no AI access controls in place.
- Shadow AI breaches exposed customer personal data (PII) in 65% of cases, against 53% across breaches generally, and exposed intellectual property more often too.
- 63% of breached organisations had no AI governance policy at all, or were still drafting one.
There is an accountability dimension as well. In one 2026 survey of senior leaders, roughly two-thirds believed their own organisation had already suffered a data breach tied to unapproved AI tools; they simply could not prove it either way. That uncertainty is the real exposure. When the people running the business cannot say with confidence what AI is touching their most sensitive data, the risk has already left the IT department and arrived in the boardroom.
This is, at its core, a data-protection, regulatory and reputational issue. It belongs with the leadership team because the consequences (a regulator's enquiry, a failed insurance claim, a client breach notification) land there.
Why the clock runs out in 2027
Shadow AI is a manageable nuisance in 2026. By 2027, three forces converge to turn it into a liability you are formally held to.
1. Agentic AI scales
The tools are shifting from things a person prompts to autonomous agents that take sequences of actions across your systems with minimal human oversight. Deloitte's 2026 enterprise research expects a sharp rise in agentic AI over the next two years, yet only about one in five organisations has a mature governance model for these agents. A copy-pasted prompt is one kind of exposure. An agent with standing access to your data, acting on its own, is a different category of risk entirely, and analysts have already flagged that autonomous agents dramatically expand the attack surface. The shadow AI you fail to govern in 2026 becomes the ungoverned agent you cannot account for in 2027.
2. Regulation arrives with teeth
The EU AI Act is phasing in. Transparency obligations land in 2026, and the most demanding requirements for high-risk systems are now anchored to 2 December 2027, with deadlines for general-purpose AI models in August 2027. Crucially, the Act has extraterritorial reach and fines that exceed GDPR, up to €35 million or 7% of global turnover, so UK businesses placing AI-enabled products or services on the EU market are squarely in scope. Domestically, the UK's Cyber Security and Resilience Bill is moving through Parliament and will raise the baseline for supply-chain security and incident reporting. The era of "we'll write an AI policy when we get round to it" is ending.
3. Insurers and auditors are already asking
Cyber-insurance underwriting and certifications such as Cyber Essentials and ISO 27001 increasingly expect you to know what is processing your data. "We didn't realise staff were using it" is not a position that pays out a claim or passes an audit.
The pattern is clear. In 2026, shadow AI is a governance gap you can close quietly and cheaply. In 2027, it becomes something a regulator, an auditor or an insurer holds you to. The inexpensive window is the one you are in right now.
Banning it is the wrong move
The instinct, faced with all this, is to block everything. It does not work. Prohibition simply drives usage underground and destroys the visibility you need to manage the risk in the first place. Staff adopt these tools because they genuinely help, and IBM's data shows the dominant failure mode is ungoverned data exits by ordinary employees, not malicious insiders.
The objective is not to stop people using AI. It is to make the safe path the easy path, so that the productive thing and the secure thing are the same thing.
What to do before 2027: a practical checklist
You do not need a sprawling transformation programme. You need a short, structured piece of work, in this order:
Get visibility first.
You cannot govern what you cannot see. Build a real AI inventory: tools you have approved, tools you tolerate, shadow tools in active use, and the AI features quietly switched on inside SaaS platforms you already own. The raw material is usually already there in web-proxy or CASB logs, single-sign-on and OAuth consent records, browser-extension inventories and the admin consoles of the SaaS platforms themselves; the work is correlating it into one list with an owner and a status against each entry.
Write a usable AI policy.
Plain-English rules on what data can and cannot go into which tools and, critically, which approved alternatives to use instead. A policy nobody reads protects nobody.
Enforce at the point of action.
Browser-level controls and AI-aware data-loss prevention that can redact or block a sensitive upload before it leaves. The decision has to be made at the point where the text or file is about to leave the endpoint, keyed on what is in it and where it is going, not on a domain blocklist alone. IBM's findings are blunt on this: technical controls reduce breach cost; awareness training on its own does not.
Provide sanctioned tools.
Unauthorised AI use drops sharply when staff are given a properly governed alternative. Give them a good one, and most of the shadow problem evaporates.
Treat AI agents as identities.
As agentic AI arrives, every agent needs least-privilege access scoped tightly to its task: the same discipline you already apply to a human user, applied to software that acts autonomously. In practice that means the agent gets its own credential rather than borrowing a person's session, scopes limited to the systems its task actually needs, short-lived tokens rather than standing secrets, and an audit trail in which its actions appear under its own identity.
Use training as a backstop, not the strategy.
Awareness helps. But it is the seatbelt, not the brakes. Lead with controls.
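The two technical steps in the checklist above, discovering what is in use and gating data before it leaves, are easier to reason about with a concrete mechanism in front of you. The following is an added example written for this page; it is not code from the original article, from IBM, or from any vendor's product. It assumes a constructed web-proxy log format, an illustrative domain list (`AI_DOMAINS`, with hypothetical hostnames), a simplified UK National Insurance number pattern and a deliberately small set of detectors; a real deployment would draw the domain list from a CASB or proxy vendor feed and the detectors from a maintained DLP ruleset.

```python
"""Added example (not from the original article): a minimal shadow-AI discovery
pass over web-proxy logs, followed by a pre-send DLP gate for prompts.
All inputs are constructed for illustration: the log lines, the domain list,
the policy and the detector patterns are assumptions, not a real inventory."""
import re

# Assumed (illustrative) AI destinations and their governance status.
# "sanctioned" = the approved enterprise tenant; "shadow" = a consumer/personal endpoint.
AI_DOMAINS = {
    "chat.example-ai.com": "shadow",
    "api.example-ai.com": "shadow",
    "ai.corp-approved.example": "sanctioned",
    "notetaker.example.net": "shadow",
}

# Constructed proxy log lines in an assumed format:
# "<timestamp> <user> <method> <host> <bytes_sent>"
SAMPLE_PROXY_LOG = """\
2026-03-02T09:14:01Z alice POST chat.example-ai.com 48213
2026-03-02T09:15:44Z bob GET www.example.com 512
2026-03-02T09:16:09Z carol POST ai.corp-approved.example 9120
2026-03-02T09:20:30Z alice POST api.example-ai.com 130500
2026-03-02T10:02:12Z dave POST notetaker.example.net 2200100
"""

LOG_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\d+)$")


def build_ai_inventory(log_text):
    """Return {host: {"status", "users", "bytes_sent"}} for every AI destination
    seen in the log. Hosts not in AI_DOMAINS are ignored; bytes_sent is the
    cheapest proxy for 'how much data is actually leaving'."""
    inventory = {}
    for line in log_text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # malformed line: skip rather than crash the sweep
        _ts, user, _method, host, sent = m.groups()
        status = AI_DOMAINS.get(host)
        if status is None:
            continue
        entry = inventory.setdefault(host, {"status": status, "users": set(), "bytes_sent": 0})
        entry["users"].add(user)
        entry["bytes_sent"] += int(sent)
    return inventory


def shadow_hosts(inventory):
    """Unsanctioned hosts in active use, heaviest data exit first."""
    return sorted((h for h, e in inventory.items() if e["status"] != "sanctioned"),
                  key=lambda h: -inventory[h]["bytes_sent"])


# --- Pre-send DLP gate -------------------------------------------------------
# Illustrative detectors only. NI pattern is simplified (two letters, six digits,
# suffix A-D); card candidates are 13-19 digits with optional spaces/dashes and
# must pass Luhn to count, which keeps phone numbers and IDs out of the findings.
NI_RE = re.compile(r"\b[A-Z]{2}\d{6}[A-D]\b")
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")
EMAIL_RE = re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b")


def luhn_ok(digits):
    """Standard Luhn checksum over a string of decimal digits."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def dlp_gate(prompt, destination):
    """Decide what happens to a prompt just before it leaves the browser.
    Assumed policy: clean prompts pass unchanged; a sanctioned tool receives a
    redacted copy; a shadow (or unknown) tool is blocked if anything is found."""
    status = AI_DOMAINS.get(destination, "unknown")
    findings, redacted = [], prompt
    for label, rx in (("NI_NUMBER", NI_RE), ("EMAIL", EMAIL_RE)):
        if rx.search(redacted):
            findings.append(label)
            redacted = rx.sub(f"[{label}]", redacted)
    cards = [m for m in CARD_RE.finditer(redacted) if luhn_ok(re.sub(r"\D", "", m.group()))]
    if cards:
        findings.append("CARD_NUMBER")
        for m in reversed(cards):  # replace from the end so earlier offsets stay valid
            redacted = redacted[:m.start()] + "[CARD_NUMBER]" + redacted[m.end():]
    if not findings:
        return {"action": "allow", "findings": [], "text": prompt}
    if status == "sanctioned":
        return {"action": "redact", "findings": findings, "text": redacted}
    return {"action": "block", "findings": findings, "text": ""}


if __name__ == "__main__":
    inv = build_ai_inventory(SAMPLE_PROXY_LOG)
    for host in shadow_hosts(inv):
        print(f"SHADOW {host}: users={sorted(inv[host]['users'])} bytes={inv[host]['bytes_sent']}")
    print(dlp_gate("Client NI QQ123456C, card 4111 1111 1111 1111", "chat.example-ai.com"))
```

Two design points worth noting. The inventory is keyed on destination and ranked by bytes sent, because the question the board actually asks is "where is our data going and how much", not "which URLs were visited". And the gate makes a different decision for the same finding depending on where it is going, which is what turns "block everything" into "make the safe path the easy path": the sanctioned tool still gets a usable, redacted prompt.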
Where to start
Most organisations do not have a shadow AI problem because they are careless. They have one because AI adoption outran their controls, which is exactly what you would expect from a technology this useful, moving this fast.
The fix is achievable well within the time you have: discover what is actually in use, classify the data at risk, wrap policy and enforcement around it, and revisit before the 2027 deadlines arrive. Done now, it is a contained piece of work. Done in response to a breach, an audit finding or a declined insurance claim, it is a great deal more expensive and a great deal more public.
EBC Group helps UK businesses turn shadow AI from an invisible liability into a governed, defensible part of how they work, starting with a clear picture of what is already on your network. If you are not certain what AI your organisation is exposed to, that is the conversation to have first.