In India, a recent report indicates that approximately 89% of companies faced cyber incidents within the past two years. Alarmingly, 20% of these breaches were attributed to the utilization of shadow IT, as per findings from a study.

This surge in cyber threats is significantly linked to the adoption of shadow IT by employees, a trend catalyzed by the shift towards remote work setups, states a study conducted by Kaspersky, a cybersecurity firm.

Globally, over the last two years, 11% of companies experienced cyber incidents due to the unauthorized use of shadow IT by their workforce.

Shadow IT refers to the section of a company’s IT structure that operates outside the oversight of IT and Information Security departments. This includes applications, devices, and public cloud services used without compliance to information security protocols.

Alexey Vovk, Head of Information Security at Kaspersky, highlighted that employees using unapproved IT resources often assume that reputable providers guarantee safety. However, these third-party providers outline a 'shared responsibility model' in their terms, indicating that users must conduct regular software updates and take accountability for related incidents, including corporate data breaches.

Effectively managing shadow IT remains a critical need for businesses. Mishandling or operating outside IT protocols can lead to severe repercussions. The Kaspersky study noted that the IT industry bore the brunt, accounting for 16% of cyber incidents resulting from unauthorized shadow IT use between 2022 and 2023.

Additionally, critical infrastructure, transport, and logistics sectors were affected, with 13% of reported attacks attributed to this issue, as per the report's findings.