shadow AI

Shadow AI and Client-Side Widgets Create an Inventory Gap That Existing Controls Do Not Cover, Kiteworks Analysis Finds

Kiteworks published a research piece on May 30, 2025, framing the central AI governance challenge as an architecture and visibility problem rather than a policy problem. The analysis identifies shadow AI deployments, embedded client-side scripts, third-party AI widgets, and fragmented controls as the primary blind spots undermining enterprise AI oversight. It recommends continuous inventory, Content Security Policy and script allowlists, third-party AI monitoring programs, joint incident response planning, and treating AI widgets as data processors under applicable privacy frameworks.