AI moves fast. Stay in the know.

As generative AI adoption accelerates across organizations, a growing number of employees are using unapproved AI tools and autonomous agents without oversight. This rise of “shadow AI” is creating new security, compliance, and governance challenges, especially as AI systems begin to actively process and act on sensitive enterprise data.

Source: TechRadar

What to know:

• A large proportion of employees, including security professionals, are using unapproved AI tools at work, often bypassing organizational policies.
• Unlike traditional shadow IT, AI tools do not just store data but actively process and sometimes retain it, increasing exposure risks.
• Sensitive data such as customer information, proprietary code, and internal documents is frequently shared with external AI systems without audit trails or control.
• Organizations with high levels of unsanctioned AI usage face significantly higher breach costs, with some estimates showing an increase of ~$670,000 per incident.
• The rise of agentic AI tools like OpenClaw introduces additional risks, as these systems can autonomously access emails, execute code, and manage files.
• Malicious extensions and vulnerabilities in such agent ecosystems have already enabled data exfiltration and unauthorized system access.
• These agents can mimic legitimate user behavior, making it difficult for traditional security tools to detect abnormal activity.
• Attempts to ban AI tools are largely ineffective, with nearly half of employees continuing to use them even when explicitly prohibited.

Why it matters:

For businesses adopting GenAI, shadow AI represents one of the most immediate and invisible risks. When employees use AI tools outside approved environments, organizations lose visibility into what data is being shared, how it is processed, and where it is stored. The addition of autonomous agents further amplifies this risk by enabling actions across systems without clear oversight. To stay ahead, businesses must shift from reactive security to continuous AI risk detection, embedding visibility, behavioral monitoring, and control directly into everyday AI usage rather than relying on perimeter-based defenses.

As OpenAI restructures its partnership with Microsoft, enterprise AI is entering a new phase defined by multi-cloud flexibility rather than single-provider dependence. This shift enables broader deployment of AI models like ChatGPT across platforms but introduces new governance, security, and operational complexities for organizations.

Source: CX Today

What to know:

• OpenAI has ended its exclusive cloud dependency on Microsoft, allowing its AI models and services to be deployed across multiple cloud providers.
• Microsoft remains the primary partner, but its licensing is now non-exclusive, and OpenAI can choose alternative infrastructure when needed.
• This transition signals a broader industry move toward multi-cloud AI architectures, enabling enterprises to scale AI workloads across different platforms.
• Multi-cloud AI environments increase operational flexibility but also create fragmentation in data flows, access controls, and governance enforcement.
• Enterprises will need to manage AI deployments across multiple ecosystems, each with different security models, compliance requirements, and monitoring capabilities.
• The shift reflects growing enterprise demand for avoiding vendor lock-in while maintaining performance, scalability, and cost efficiency in AI adoption.
• At the same time, it introduces new challenges in maintaining consistent oversight, auditability, and policy enforcement across distributed AI environments.

Why it matters:

For mid-sized businesses adopting GenAI, the move to multi-cloud AI significantly increases the complexity of governance and risk management. When AI systems like ChatGPT operate across multiple cloud environments, organizations lose centralized visibility into how data is accessed, processed, and shared. This fragmentation creates gaps in compliance, security monitoring, and auditability. To maintain control, businesses must implement unified observability, cross-platform monitoring, and policy-driven governance that tracks AI usage across environments in real time, making AI observability platforms critical for secure and scalable enterprise adoption.