At Zero Trust World #ZTW26 in Orlando, we speak with Ryan Bowman, VP of Operations at ThreatLocker, about the growing risks of Shadow IT and how organisations can regain control over their environments.
Shadow IT refers to applications, platforms or services being used by employees without the knowledge or approval of the IT team. While it might start with a simple productivity tool or SaaS platform, the real concern is that sensitive company data can end up being uploaded or processed outside the organisation’s security controls — creating a major entry point for cyber breaches.
Bowman explains that the challenge has expanded beyond traditional software installs. Today, many employees are using cloud services or external platforms that IT teams may not even know exist within their environment. Without visibility or control, vulnerabilities in those platforms can expose organisations to significant risk.
One emerging concern is the rapid rise of AI tools in the workplace. With a large percentage of employees now using AI regularly, organisations may be unknowingly sending vast amounts of internal data into third-party AI systems. That data may then be used within the platform’s learning models, potentially exposing sensitive information beyond the organisation.
The conversation also highlights the importance of extending security beyond endpoints and into cloud services — ensuring that users are accessing approved platforms, from trusted devices, and within controlled security environments.
A key theme from Zero Trust World 2026 is education. Bowman emphasises that while most organisations know they are under attack, understanding how attacks actually happen — often through simple oversights like Shadow IT — is critical to improving security.
The goal is not just protection, but resilience: making organisations a far more difficult target for attackers in an increasingly complex digital landscape.
