Expert Speak
Shadow IT – Is It Really a Problem?

Personally, I love shadow IT—most employees do. But is it a problem? Let’s explore.
Wondering what shadow IT is? Shadow IT refers to the use of software and hardware tools or services by employees without the knowledge of the organization’s IT department.
The use of shadow IT tools has been a topic of discussion for years, with each company taking its own stance. Using these tools is often more about personal preference than anything else, and the same applies to how companies handle them. Most people lean toward shadow IT because official IT software tools often do not offer features that cater to individual preferences.
Some commonly used tools that fall under shadow IT include project management tools like Trello and Notion, messenger apps like WhatsApp, and file transfer apps like WeTransfer and Dropbox. The common factor? They’re all easy to access and use. However, with the rise of GenAI, everyone’s new shadow IT tool is ChatGPT.
The problems
I’m sure you already know the main issues that make companies dislike shadow IT tools: privacy and security.
Let’s look at ChatGPT. The use of ChatGPT isn’t regulated in most organizations, and many companies are still at a crossroads regarding GenAI tools. There’s a risk of employees unintentionally sharing sensitive information, leading to data leaks. This could include intellectual property, like code used to build applications, or personal information such as phone numbers, email addresses, home addresses, and more.
Whatever the sensitive information may be, it’s not safe to share it with tools like ChatGPT. Threat actors are constantly trying to breach systems, especially widely used tools like ChatGPT, where there’s much to gain. There’s still an obvious vulnerability here despite companies providing best practices to employees.
Another problem with shadow IT tools is that they restrict collaboration. If one team member uses a cool, new project management app to track progress and others use a different tool, it’s difficult to stay on the same page. For example, design and development teams often work together on the same project, such as designing web pages.
If the design team uses one project management tool and the development team another, how can they collaborate and work in sync to meet deadlines? It creates unnecessary friction. This is why organizations provide the same, approved project management tools for everyone. While using different tools might boost individual productivity, it can cause productivity issues within the project as a whole.
From a financial standpoint, companies pay for the business tools their employees use. If an employee uses a free online tool instead, the money spent on the approved tool for that employee becomes a loss for the company.
Additionally, when organizations approve software solutions, those tools are vetted by a team of professionals and comply with the laws and regulations that the company must follow. However, we can’t be sure those tools are compliant when employees download apps on an ad-hoc basis, and employees usually don’t check for these things when they download or use shadow IT apps.
The good
Shadow IT tools are awesome. We all agree on that. The tools organizations give us, or approve, are often outdated. They’ve been around in the tech landscape for years (for good reasons, of course), but as technology advances, we don’t want to be tied to old tools that lack new features, which could make our work easier.
Restricting access to apps doesn’t feel great. We all work differently and have unique preferences. Using shadow IT tools that we like makes us feel more productive and empowered, and allows for individuality in the workplace. When we use tools we love, we tend to be more efficient compared to when we’re stuck using approved, traditional tools that may lack the features we need.
The verdict
Shadow IT comes with many advantages, and dismissing it solely because of the risks isn’t wise. If we think about it, all tools carry some degree of risk. It’s up to us to be educated and understand how to use them securely and efficiently while benefiting the team and the company we work for. Shadow IT tools might benefit you individually, but what’s more important is to look at the bigger picture and ensure that your teamwork doesn’t get affected because of this.
As for the financial loss that a company incurs by giving out tools that an employee may not need, organizations can avoid handing out by default every tool that an employee might need. Even if it’s a tool that employees may need regularly, use a request-based system so that employees reach out for a company-paid tool only if they need it and want to use it. This eliminates the unnecessary cost incurred when an employee is provided with paid tools by default but chooses to use a shadow IT tool instead.
At first glance, shadow IT might seem like a problem, but with employee education and empowerment, it doesn’t have to be. Restricting shadow IT tools is easy, but educating employees is key.
ManageEngine is a company that believes in employee-driven innovation and encourages its employees to be aware of secure cybersecurity practices while allowing room for individuality. To learn more about ManageEngine and its offerings that allow you to have a secure and efficient IT infrastructure, click here.
Artificial Intelligence
How AI is Reinventing Cybersecurity for the Automotive Industry

Written by Alain Penel, VP of Middle East, CIS & Turkey at Fortinet
Cyber Security
Positive Technologies Study Reveals Successful Cyberattacks Nett 5X Profits

Positive Technologies has released a study on the dark web market, analysing prices for illegal cybersecurity services and products, as well as the costs incurred by cybercriminals to carry out attacks. The most expensive type of malware is ransomware, with a median cost of $7,500. Zero-day exploits are particularly valuable, often being sold for millions of dollars. However, the net profit from a successful cyberattack can be five times the cost of organizing it.
Experts estimate that performing a popular phishing attack involving ransomware costs novice cybercriminals at least $20,000. First, hackers rent dedicated servers, subscribe to VPN services, and acquire other tools to build a secure and anonymous IT infrastructure to manage the attack. Attackers also need to acquire the source code of malicious software or subscribe to ready-to-use malware, as well as tools for infiltrating the victim’s system and evading detection by security measures. Moreover, cybercriminals can consult with seasoned experts, purchase access to targeted infrastructures and company data, and escalate privileges within a compromised system. Products and tools are readily available for purchase on the dark web, catering to beginners. The darknet also offers leaked malware along with detailed instructions, making it easier for novice cybercriminals to carry out attacks.
Malware is one of the primary tools in a hacker’s arsenal, with 53% of malware-related ads focused on sales. In 19% of all posts, infostealers designed to steal data are offered. Crypters and code obfuscation tools, used to help attackers hide malware from security tools, are featured in 17% of cases. Additionally, loaders are mentioned in 16% of ads. The median cost of these types of malware stands at $400, $70, and $500, respectively. The most expensive malware is ransomware: its median cost is $7,500, with some offers reaching up to $320,000. Ransomware is primarily distributed through affiliate programs, known as Ransomware-as-a-Service (RaaS), where participants in an attack typically receive 70–90% of the ransom. To become a partner, a criminal must make a contribution of 0.05 Bitcoin (approximately $5,000) and have a solid reputation on the dark web.
Another popular attack tool is exploits: 69% of exploit-related ads focus on sales, with zero-day vulnerability posts accounting for 32% of them. In 31% of cases, the cost of exploits exceeds $20,000 and can reach several million dollars. Access to corporate networks is relatively inexpensive, with 72% of such ads focused on sales, and 62% of them priced at under a thousand dollars. Among cybercriminal services, hacks are the most popular option, accounting for 49% of reports. For example, the price for compromising a personal email account starts at $100, while the cost for a corporate account begins at $200.
Dmitry Streltsov, Threat Analyst at Positive Technologies, says, “On dark web marketplaces, prices are typically determined in one of two ways: either sellers set a fixed price, or auctions are held. Auctions are often used for exclusive items, such as zero-day exploits. The platforms facilitating these deals also generate revenue, often through their own escrow services, which hold the buyer’s funds temporarily until the product or service is confirmed as delivered. On many platforms, these escrow services are managed by either administrators or trusted users with strong reputations. In return, they earn at least 4% of the transaction amount, with the forums setting the rates.”
Considering the cost of tools and services on the dark web, along with the median ransom amount, cybercriminals can achieve a net profit of $100,000–$130,000 from a successful attack—five times the cost of their preparation. For a company, such an incident can result not only in ransom costs but also in massive financial losses due to disrupted business processes. For example, in 2024, due to a ransomware attack, servers of CDK Global were down for two weeks. The company paid cybercriminals $25 million, while the financial losses of dealers due to system downtime exceeded $600 million.
Expert Speak
What the Bybit Hack Reveals About the Future of Crypto Security

Written by Oded Vanunu, Chief Technologist & Head of Product Vulnerability Research at Check Point