Fortinet: Managing Shadow AI Risks in Enterprise Security Operations

Name: Fortinet: Managing Shadow AI Risks in Enterprise Security Operations
Uploaded: 2026-06-30T11:12:15-04:00
Duration: 1 min 17 s
Description: Increasingly complex networks ultimately give attackers more blind spots to hide their efforts. Join our recent #SecOps Summit as Michelle Abraham (Industry Analyst) and #Fortinet's Chris Borales, as they discuss how #AI-powered tools are used by secu...

Fortinet

06/30/2026

0 (0%)

Report Like Favorite

TL;DR

Generative AI represents a new attack surface that security operations teams must actively monitor and govern within their organizations.
Shadow AI usage—employees using unauthorized AI tools—poses significant risks of intellectual property and personal data exposure.
Effective mitigation requires both blocking generic AI tools and providing sanctioned enterprise alternatives that meet employee productivity needs.

Summary

This SecOps Summit segment addresses the emerging security challenge of generative AI as a new attack surface requiring organizational monitoring and governance. The discussion highlights the phenomenon of shadow AI, where employees bypass sanctioned enterprise tools to use unauthorized generative AI applications, potentially exposing sensitive data including personal information and intellectual property. The speakers emphasize that security operations teams must implement visibility controls to detect when corporate data is being uploaded to generic AI tools, while simultaneously providing employees with approved alternatives that meet their productivity needs. The key insight is that blocking alone is insufficient—organizations must understand that employees are seeking efficiency gains and should steer them toward enterprise-sanctioned AI solutions that balance usability with data protection requirements. This represents a shift in SOC responsibilities from traditional threat monitoring to include governance of emerging AI-related data exposure risks.

Chapters

0:00 - Gen-AI as Attack Surface
0:14 - Shadow AI Data Risks
0:49 - Steering to Sanctioned Tools

Key Quotes

0:00 "I would consider Gen-AI to be another attack surface that an organization needs to make sure that they're monitoring and understanding and getting visibility into."
0:34 "It's certainly something an organization wouldn't want their intellectual property or personal data to be uploaded into a generative AI tool."

FAQ

What is shadow AI and why is it a security concern?

Shadow AI refers to employees using unauthorized or unsanctioned generative AI tools instead of enterprise-approved solutions. This creates security risks because employees may inadvertently upload sensitive data, personal information, or intellectual property to external AI platforms that the organization cannot monitor or control.

Categories:

Tags:

Show more Show less

Browse videos

Upcoming Webinar Calendar

06/30/2026

01:00 PM

06/30/2026

Master Active Directory Certificate Services and Maintain Your Edge

https://www.truthinit.com/index.php/channel/2018/master-active-directory-certificate-services-and-maintain-your-edge/
07/01/2026

04:00 AM

07/01/2026

Integrating Security in AI: Automated Red Teaming Strategies for Private Models

https://www.truthinit.com/index.php/channel/1969/integrating-security-in-ai-automated-red-teaming-strategies-for-private-models/
07/01/2026

04:00 AM

07/01/2026

Schutz von KI in Anwendungen, Agenten und APIs.

https://www.truthinit.com/index.php/channel/2008/schutz-von-ki-in-anwendungen-agenten-und-apis/
07/01/2026

01:00 PM

07/01/2026

How to Prevent Your AI from Outsmarting You

https://www.truthinit.com/index.php/channel/2021/how-to-prevent-your-ai-from-outsmarting-you/
07/02/2026

10:00 AM

07/02/2026

Insights on Resilience from Hybrid Threats in a Dark Cloud Environment

https://www.truthinit.com/index.php/channel/2011/insights-on-resilience-from-hybrid-threats-in-a-dark-cloud-environment/
07/08/2026

02:00 PM

07/08/2026

Understanding the Essential Role of Context in AI Data

https://www.truthinit.com/index.php/channel/2037/understanding-the-essential-role-of-context-in-ai-data/
07/09/2026

01:00 PM

07/09/2026

The HUMAN Experience: Empowering Agentic Trust in Practice

https://www.truthinit.com/index.php/channel/2026/the-human-experience-empowering-agentic-trust-in-practice/
07/14/2026

01:00 PM

07/14/2026

Crafting a Championship-Worthy Security Team for Maximum Defense Effectiveness

https://www.truthinit.com/index.php/channel/2025/crafting-a-championship-worthy-security-team-for-maximum-defense-effectiveness/
07/21/2026

04:00 AM

07/21/2026

Strategies for Managing AI Governance and Securing App-to-LLM API Traffic

https://www.truthinit.com/index.php/channel/1967/strategies-for-managing-ai-governance-and-securing-app-to-llm-api-traffic/
07/21/2026

01:00 PM

07/21/2026

HUMAN Dialogue: Insights from Attackers During the FIFA World Cup

https://www.truthinit.com/index.php/channel/2029/human-dialogue-insights-from-attackers-during-the-fifa-world-cup/
07/22/2026

06:30 AM

07/22/2026

Insights and Strategies for Mastering the DPDP Framework

https://www.truthinit.com/index.php/channel/2000/insights-and-strategies-for-mastering-the-dpdp-framework/
07/28/2026

01:00 PM

07/28/2026

Illumio + Netskope: Zero Trust in the Age of AI Autonomy

https://www.truthinit.com/index.php/channel/2031/illumio-netskope-zero-trust-in-the-age-of-ai-autonomy/
07/29/2026

04:00 AM

07/29/2026

Real-Time Strategies for Safeguarding Against Prompt Injections

https://www.truthinit.com/index.php/channel/1968/real-time-strategies-for-safeguarding-against-prompt-injections/
08/19/2026

12:00 PM

08/19/2026

Master Agent-Ready Skills in 30 Days with Cyera Agent Security

https://www.truthinit.com/index.php/channel/2036/master-agent-ready-skills-in-30-days-with-cyera-agent-security/
09/30/2026

04:00 AM

09/30/2026

AI Command Center: Optimizing Visibility and Control in Your Operations

https://www.truthinit.com/index.php/channel/2024/ai-command-center-optimizing-visibility-and-control-in-your-operations/