The scope of the problem remains partially unclear. While Verizon's data establishes the prevalence of shadow AI use, specific details about which industries face the highest risk and the types of data most frequently exposed have not been fully detailed in public reporting.
Organizations should treat this as an urgent governance issue. The report signals that shadow AI is no longer a fringe behavior but a mainstream workplace practice requiring immediate controls: approved tool policies, user training, and monitoring systems to prevent data leakage. Legal and compliance teams should prioritize developing AI use policies and working with IT to implement access restrictions and detection mechanisms before shadow AI becomes embedded in organizational workflows.