Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders.<\/em> Subscribe Now<\/em><\/p>\n\n\n\n VentureBeat\u2019s exclusive interview with Sam Evans, CISO of Clearwater Analytics, reveals why enterprise browsers are quickly becoming the frontline defense against shadow AI in its many forms.\u00a0 \u00a0<\/p>\n\n\n\n Evans faced a critical challenge in October 2023. Standing before Clearwater Analytics\u2019 board, he had to confront concerns that employees might inadvertently expose data that could potentially compromise the firm\u2019s $8.8 trillion assets under management. \u00a0<\/p>\n\n\n\n \u201cThe worst possible thing would be one of our employees taking customer data and putting it into an AI engine that we don\u2019t manage,\u201d Evans told VentureBeat. \u201cThe employee not knowing any different or trying to solve a problem for a customer\u2026that data helps train the model.\u201d<\/p>\n\n\n\n Here is our conversation with Evans, edited for length and clarity<\/p>\n\n\n\n VentureBeat: <\/strong>How do you see AI shaping cybersecurity today?<\/p>\n\n\n\n Evans:<\/strong> The attacks have become significantly more sophisticated. If you consider it from the perspective of a bad actor, the phishing emails and attempts we receive have become much more complex. However, AI also possesses response capabilities.<\/p>\n\n\n\n I like to explain it to our board, as the ultimate cat-and-mouse game. As bad actors start to use AI to advance phishing, or perhaps expedite the time it takes for exploits to emerge after vulnerabilities are announced, there\u2019s the opposite side of security practitioners using AI to help advance how we respond.<\/p>\n\n\n\n VentureBeat: <\/strong>How is AI helping your defensive capabilities?<\/p>\n\n\n\n Evans:<\/strong> We\u2019ve begun integrating AI into our security playbooks. By doing so, our security analysts now spend less time searching and hunting. The AI is involved in the security operations center (SOC) product, conducting its initial triage analysis and saying, \u201cBased on previous things that we\u2019ve seen and things in my model, this is where I\u2019d like to guide you.\u201d<\/p>\n\n\n\n On the defensive side, we\u2019re really starting to see AI come into play. CrowdStrike, Sentinel One, Microsoft Defender, the traditional extended detection and response (EDR) products were using some machine learning, and they would get to a probability of maybe 85% that this could be a threat, but we\u2019re not really sure. However, AI enriches the EDR engine\u2019s ability to reach a higher probability rate of identifying a threat.<\/p>\n\n\n\n VentureBeat: W<\/strong>hat keeps you up at night when it comes to AI and cybersecurity?<\/p>\n\n\n\n Evans:<\/strong> The thing that does worry me quite a bit is the deepfakes. You read multiple stories about people using deepfakes to impersonate a CEO to initiate wire transfers. Those are concerning because they do look very, very real.<\/p>\n\n\n\n But the biggest concern? The worst possible thing would be one of our employees taking customer data and putting it into an AI engine that we don\u2019t manage, and then it becomes data that helps train the model.<\/p>\n\n\n\n VentureBeat: <\/strong>How did you explain this shadow AI risk to your board?<\/p>\n\n\n\n Evans:<\/strong> I remember when one of the first board meetings I was in, they asked me, \u201cSo what are your thoughts on ChatGPT?\u201d I said, \u201cWell, it\u2019s an incredible productivity tool. However, I don\u2019t know how we could let our employees use it, because my biggest fear is somebody copies and pastes customer data into it, or our source code, which is our intellectual property.\u201d<\/p>\n\n\n\n But I didn\u2019t just come to the board with my concerns and problems. I said, \u201cWell, here\u2019s my solution. I don\u2019t want to stop people from being productive, but I also want to protect it.\u201d When I came to the board and explained how these enterprise browsers work, they\u2019re like, \u201cOkay, that makes much sense, but can you really do it?\u201d<\/p>\n\n\n\n VentureBeat: <\/strong>Walk me through your evaluation and deployment process for Island.<\/p>\n\n\n\n Evans:<\/strong> After that October 2023 board meeting, we started a pretty long due diligence process. We took a look at some of the major vendors in the enterprise browser space.<\/p>\n\n\n\n I\u2019ll share with you ultimately why we went with an Island. We needed to be able to control what browsers people are using on their endpoints. It doesn\u2019t do any good to deploy an enterprise browser when somebody can go and download Opera or \u201cFrank\u2019s browser of the month\u201d and use it, and it just bypasses all of the Island controls.<\/p>\n\n\n\n The other reason we went with Island was truly because of the speed of the deployment. I remember being on a call with Island salespeople, and they\u2019re saying, \u201cWe believe we can get this deployed in your company in a matter of weeks.\u201d I\u2019m like, \u201cOh, that\u2019s BS.\u201d<\/p>\n\n\n\n VentureBeat: <\/strong>But they delivered?<\/p>\n\n\n\n Evans:<\/strong> They took it as a personal challenge! We started our Island deployment in April 2024 with about 200 people. We went the extension route first; the Island extension in Chrome and Edge.<\/p>\n\n\n\n It wasn\u2019t until July when the board asked, \u201cHow is it going?\u201d And I said, \u201cHow about I just show you?\u201d I pulled up a screenshot because, you know, Murphy\u2019s Law demos always fail. So I showed them screenshots, \u201cHere I am on ChatGPT. I tried to paste something in. I got the prompt: \u2018Island policy prevents you from doing this.’\u201d<\/p>\n\n\n\n They\u2019re like, \u201cWow, this is fantastic! But people can still utilize the tool to ask good questions?\u201d I said, \u201cYeah, absolutely. They just can\u2019t put data into it.\u201d<\/p>\n\n\n\n VentureBeat: <\/strong>Do you feel that Island assures you and reduces the risk of Shadow AI?<\/p>\n\n\n\n Evans:<\/strong> It definitely has helped us get a handle on shadow AI. No security tool is 100% perfect. Having deployed Island, we definitely sleep a lot easier. We can feel reasonably comfortable that if an employee is going to an AI instance that we don\u2019t have licensed, they can use it, but can\u2019t paste data or upload files.<\/p>\n\n\n\n It\u2019s also helped us identify where we have gaps. Employees found this really great AI widget thing, they come to the security team, \u201cHey, look, check this out.\u201d And then we can come back to our product development teams and figure out how we help enable this, not just for our employees, but for our customers.<\/p>\n\n\n\n VentureBeat: <\/strong>How do you defend against deepfakes?<\/p>\n\n\n\n Evans:<\/strong> That\u2019s a tough one to wrap your arms around. We have an excellent security awareness program. We ask employees to use common sense. Do you really think Sandeep Sahai, our CEO, is going to call you up and ask you to buy him Apple gift cards?<\/p>\n\n\n\n We\u2019ve set up a lot of checks and balances, kind of like the two-person buddy check system. There\u2019s no technology solution for something like that. It\u2019s a human problem that we\u2019ve had to implement a human solution.<\/p>\n\n\n\n VentureBeat: <\/strong>What advice would you give other CISOs facing shadow AI?<\/p>\n\n\n\n Evans:<\/strong> This isn\u2019t just about blocking, it\u2019s about enablement. Bring solutions, not just problems. When I came to the board, I didn\u2019t just highlight the risks; I proposed a solution that balanced security with productivity.<\/p>\n\n\n\n Evans\u2019 insights reveal how quickly shadow AI has become an existential threat to every data-intensive business. \u00a0<\/p>\n\n\n\n \u201cWe see 50 new AI apps a day, and we\u2019ve already cataloged over 12,000,\u201d Itamar Golan, CEO of Prompt Security, told VentureBeat, quantifying what security teams are calling their worst nightmare since ransomware.<\/p>\n\n\n\n The onslaught of unauthorized AI use and apps has triggered intense competition among security vendors. \u201cMost traditional management tools lack comprehensive visibility into AI apps,\u201d Vineet Arora, CTO of WinWire, explained to VentureBeat, pinpointing exactly why shadow AI flourishes as legacy security architectures are blind to it.<\/p>\n\n\n\n The vendor ecosystem has crystallized into four distinct battlegrounds, each with its weapons and weaknesses.<\/p>\n\n\n\n Enterprise browsers lead the charge.<\/strong> Foremost among them is Island, which recently raised a $250 million funding round, a vote of confidence from the investor community. While Island bets on pre-encryption visibility, Google Chrome Enterprise attacks shadow AI differently, weaponizing its market dominance and Google\u2019s security stack. Chrome Enterprise Premium delivers data loss prevention (DLP) controls that block data flows to ChatGPT and other AI tools, prevent cross-profile contamination and enforce real-time content scanning. The platform exposes shadow AI usage patterns while blocking both accidental pastes and deliberate exfiltration. Strategic partnerships with Zscaler and Cisco Secure Access amplify Chrome\u2019s reach to create an ecosystem where zero-trust principles extend directly to AI interactions.<\/p>\n\n\n\n SASE\/SSE platforms deliver enterprise-scale defense. <\/strong>Netskope and Zscaler bring scale to shadow AI defense through their cloud-native security access service edge (SASE) architectures. Both platforms process billions of transactions daily across global infrastructures, with Netskope specifically advertising its ability to monitor AI application usage across enterprises. Their key limitation: When 73.8% of workplace ChatGPT usage occurs through personal accounts, SSL\/TLS encryption prevents platforms from inspecting content, forcing them to rely on traffic patterns and metadata, leading to visibility gaps where shadow AI operates undetected.<\/strong><\/p>\n\n\n\n Traditional DLP vendors struggle to adapt<\/strong>. Legacy vendors Forcepoint and Microsoft Purview have a strong legacy to trade on when it comes to battling shadow AI. Forcepoint claims 1,700-plus classifiers while Purview leverages AI to triage tasks. But here\u2019s the problem: They\u2019re retrofitting 20th-century architectures for 21st-century threats. These platforms excel at compliance checkboxes and policy templates but fail to keep up with AI\u2019s quicker pace. <\/p>\n\n\n\n As Daren Goeson, Ivanti\u2019s SVP of product management for UEM told VentureBeat: \u201cAI-powered endpoint security tools can analyze vast amounts of data to detect anomalies and predict potential threats faster and more accurately than any human analyst.\u201d Traditional DLP operates at audit speed. Shadow AI moves at machine speed.<\/p>\n\n\n\n Specialized solutions fill critical gaps<\/strong>. Innovation thrives in the niches that legacy vendors ignore. One example is Ivanti Neurons, which delivers comprehensive device discovery through its UEM platform, exposing shadow AI hiding in endpoints that traditional tools miss. Mike Riemer, Ivanti\u2019s Field CISO, sees the bigger picture: \u201cSecurity professionals will effectively leverage the capabilities of gen AI to analyze vast amounts of data collected from diverse systems.\u201d Nightfall, for its part, targets developer teams with transformer models, claiming 2x detection accuracy for API based AI tools.<\/p>\n\n\n\n Comparing Shadow AI Defense Solutions<\/strong><\/p>\n\n\n\n VentureBeat analysis<\/em><\/p>\n\n\n\n What\u2019s driving the market to move so fast? VentureBeat\u2019s analysis found 74,500-plus shadow AI apps actively deployed across major consulting firms alone, and that\u2019s growing 5% monthly. By mid-2026, that number could hit 160,000. Each represents a potential data breach, compliance violation, or competitive intelligence leak.<\/p>\n\n\n\n Arora\u2019s prescription cuts through vendor hype: \u201cOrganizations must define strategies with robust security while enabling employees to use AI technologies effectively. Total bans often drive AI use underground, which only magnifies the risks.\u201d<\/p>\n Daily insights on business use cases with VB Daily<\/strong><\/p>\n If you want to impress your boss, VB Daily has you covered. We give you the inside scoop on what companies are doing with generative AI, from regulatory shifts to practical deployments, so you can share insights for maximum ROI.<\/p>\n \n\t\t\t\t\tThanks for subscribing. Check out more VB newsletters here.\n\t\t\t\t<\/p>\n An error occured.<\/p>\n<\/p><\/div>\n
\n<\/div>Welcome to the shadow AI arms race <\/h2>\n\n\n\n
Vendor<\/td> Type<\/td> Key Strengths<\/td> Limitations<\/td> Best For<\/td><\/tr><\/thead> Check Point Harmony<\/td> Browser extension<\/td> Leverages existing infrastructure<\/td> Limited to extension<\/td> Check Point customers<\/td><\/tr> Forcepoint<\/td> Traditional DLP<\/td> 1,700+ classifiers, regulatory compliance<\/td> Legacy architecture<\/td> Highly regulated industries<\/td><\/tr> Google Chrome Enterprise<\/td> Enterprise browser<\/td> Market dominance, native integration<\/td> Less specialized controls<\/td> Google Workspace organizations<\/td><\/tr> Island<\/td> Enterprise browser<\/td> Pre-encryption visibility, zero latency, Rapid deployment<\/td> Higher cost per user<\/td> Enterprises with sensitive data<\/td><\/tr> Ivanti Neurons<\/td> UEM Platform<\/td> Comprehensive device discovery<\/td> Not browser-specific<\/td> Asset management focus<\/td><\/tr> Microsoft Purview<\/td> DLP Platform<\/td> Native Microsoft integration, AI-powered triage<\/td> Microsoft-centric<\/td> Microsoft 365 enterprises<\/td><\/tr> Netskope<\/td> SASE\/SSE Platform<\/td> Comprehensive coverage, 370+ AI app monitoring<\/td> Post-encryption complexity<\/td> Large distributed enterprises<\/td><\/tr> Nightfall<\/td> AI-Native DLP<\/td> 2x detection accuracy, Transformer models<\/td> API-only approach<\/td> Developer-centric teams<\/td><\/tr> Talon Cyber Security<\/td> Enterprise Browser<\/td> Browser + extension options<\/td> Newer to market<\/td> Security-conscious SMBs<\/td><\/tr> Zscaler<\/td> SASE\/SSE Platform<\/td> 536B daily transactions, true zero-trust<\/td> Cloud-only approach<\/td> Cloud-first organizations<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
![\"\"\/](\"https:\/\/venturebeat.com\/wp-content\/themes\/vb-news\/brand\/img\/vb-daily-phone.png\")
\n\t\t\t\t<\/div>\n<\/p><\/div>\n<\/div>\t\t\t<\/div>\r\n