TL;DR: Enterprises cannot secure generative AI with browser-only visibility or keyword-based DLP because shadow AI now sits in desktop apps, IDEs, and fragmented toolchains, according to WitnessAI. The real governance shift is from blocking usage to understanding intent, routing risk appropriately, and building controls that scale across global enterprise environments.
NHIMG editorial — based on content published by WitnessAI: enterprise AI security considerations for large organisations
By the numbers:
- 28% of secrets incidents now originate outside code repositories in Slack, Jira, and Confluence, and are 13% more likely to be categorised as critical than code-based leaks.
- 64% of valid secrets leaked in 2022 are still valid and exploitable today, proving that detection alone is not enough without automated revocation.
Questions worth separating out
Q: How should security teams govern shadow AI across desktop apps and IDEs?
A: They should treat shadow AI as an enterprise visibility problem, not a browser problem.
Q: Why do keyword-based DLP controls fail for generative AI use?
A: Keyword-based DLP fails because it can only inspect content patterns, not user intent or business context.
Q: How can organisations reduce AI security fragmentation without losing control?
A: They should unify visibility, protection, and audit into one control model rather than stitching together separate tools for browser activity, model security, and API access.
Practitioner guidance
- Inventory all AI entry points Map browser, desktop, IDE, terminal, and embedded application paths so AI usage is visible wherever employees actually work.
- Replace keyword-only DLP with intent-aware policy Classify prompts by purpose and data sensitivity, then route high-risk interactions into stricter approval, logging, or private-model paths.
- Align AI governance with jurisdiction and tenancy boundaries Require single-tenant isolation, customer-controlled encryption, and regional processing for deployments that handle regulated or sensitive data.
What's in the full article
WitnessAI's full article covers the operational detail this post intentionally leaves for the source:
- A practical breakdown of AI security controls for browser, desktop, and IDE usage patterns.
- Specific examples of routing logic for high-risk versus low-risk prompts and outputs.
- Architecture requirements for multi-region, single-tenant, and BYOK deployments.
- The vendor's recommended approach to reducing alert fatigue while preserving policy enforcement.
👉 Read WitnessAI's analysis of enterprise AI security controls and shadow AI risk →
Shadow AI and intent-aware controls: what IAM teams need now?
Explore further
Shadow AI is now an identity governance problem, not just a content filtering problem. Once employees can reach generative AI from browsers, native desktop tools, and IDEs, the organisation is no longer controlling a single application boundary. It is governing a distributed set of identity-mediated interactions where user context, data access, and model usage overlap. The implication is that AI oversight has to be designed as part of the identity plane, not bolted on after data leakage is already occurring.
A few things that frame the scale:
- 24,008 unique secrets were exposed in MCP configuration files in 2025 alone, the protocol's first year of widespread adoption, according to The State of Secrets Sprawl 2026.
- AI-related credential leaks surged 81.5% year-over-year in 2025, with the surrounding AI infrastructure leaking 5x faster than core LLM providers.
A question worth separating out:
Q: Who is accountable when AI security failures expose regulated data?
A: Accountability sits with the organisation that owns the AI governance model, usually shared across security, privacy, data protection, and identity teams. If controls cannot prove where data flowed, who accessed it, and under what policy, accountability will fall back to the business owner and the control owner together.
👉 Read our full editorial: Enterprise AI security needs visibility, intent, and dynamic controls