COMMENTARY: Security teams have been playing whack-a-mole with employee behavior for decades. Block the USB drive. Block the web domain. Block the clipboard. But here we are—more shadow IT than ever and a workforce that's gotten very good at working around security blockades.

And yet—security teams are about to repeat the same mistake with AI security.

Here's the most common question security leaders are asking right now as it relates to their employees' AI use: "Can the tool block employees from pasting sensitive data into AI chatbots?" It's a reasonable question on the surface, but it's the wrong question.

[SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts.]

Most teams probably already have all the tools they need to block AI. Teams can update their firewall rules. Layer on more DLP controls. Restrict app installs or clipboard functionality across managed devices.

These aren't new capabilities. They've existed for decades. And if they were going to solve the shadow IT problem, they would have by now.

Yet with all of the security gateways and blocking enforcement controls at their disposal, IT security and governance teams are drowning in more shadow IT than ever: shadow SaaS, and now shadow AI. It's not a technology failure. These tools do exactly what they're designed to do. We're just relying too much on these controls.

These controls were built to prevent employees from taking risky actions, not to address the underlying behavior or judgment. As a result, they often have the unintended effect of just redirecting that behavior.

An employee who can't share data with an AI tool doesn't just abandon the task at hand. They switch to a personal AI tool, a personal device, or a personal network—somewhere the company's policies don't reach, visibility doesn't extend, and corporate guardrails don't apply. All in all, this doesn't protect our data. It just pushes the risk somewhere we can't see it.

As employees extend their capabilities through agentic AI, the "human element" of security becomes a hybrid "workforce element" of security that scales in a way that enforcement controls simply can't keep up with.

So what does a better approach look like?

It starts by accepting that the goal isn't more control—it's better security outcomes. We want our workforce, human and non-human alike, making good decisions with our data and systems. The way to get there isn't to make all bad decisions impossible. It's to make good decisions easier by offering the right security context at the right moment.

Before we resort to blocking controls, there are many opportunities to intervene in ways that address security behaviors. A well-timed message that surfaces our AI acceptable use policy when someone signs up for an AI tool. A clear, contextual reminder about what data classifications apply to the document they're sharing. A lightweight friction point that prompts a policy-guided decision without grinding productivity to a halt. These aren't soft controls—they're our first line of defense, applied at the point where decisions actually happen, where behavior actually gets shaped.

The Verizon Data Breach Investigations Report has pointed to the human element as the leading factor in security incidents, year after year for more than a decade. That's not going to get easier as humans become AI-augmented. In a future where even machine-made decisions are no longer deterministic, we can't control our way out of a behavior problem. We have to address the behavior directly.

Play out the two scenarios. One employee pastes a sensitive piece of PII into an AI chatbot. It's a problem, and it shouldn't happen. But compare that to an entire workforce that has quietly routed around our blockades—connecting external agents, sharing credentials, moving sensitive data through channels we don't know exist. The first is a drop in the bucket; the second opens the floodgates.

If our security program gets optimized to catch the drop, we're going to miss the floodgates entirely.

This isn't an argument for removing traditional security enforcement controls and hoping for the best. It's an argument for building AI-ready security programs that meet our workforce where they actually are—programs that scale with agentic AI, that prioritize influence over restriction, and that treat context and education as real controls rather than nice-to-haves.

The enterprises that get this right will have workforces that make better decisions with AI, faster and with more autonomy. The ones that don't will have more sophisticated shadow AI than ever, and less visibility into it than they've ever had.

The choice isn't between allow vs. block, or security vs. productivity. It's between security that works for modern work and security that can't keep up with new realities.

Danielle Russell, vice president of product management, Nudge Security

SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.