Your AI Strategy Is Already Happening Without You
While the official AI strategy sits in a slide deck, the real one is executing in every developer's terminal. Three million AI agents operate within corporations. Only half are monitored. The CTO's job isn't to create a strategy — it's to surface the one that already exists.
The first time I ran a tooling audit on a client’s engineering team, I expected to find Copilot and maybe a ChatGPT subscription. I found seventeen different AI tools in active use across a team of twelve. Code generation, test scaffolding, documentation drafts, SQL query generation, competitive analysis, internal wiki summarisation. Two of them had production database credentials. None of them were on the approved vendor list. Nobody had asked for permission because nobody thought they needed to.
That wasn’t a security failure. It was a strategy — just not one anyone had designed.
The shadow strategy
While the official AI strategy sits in a slide deck awaiting the next board meeting, the actual AI strategy is executing every day — in every developer using Claude Code in their terminal, every product manager drafting specs in ChatGPT, every designer generating assets in Midjourney, every analyst running data through GLM. And increasingly in non-engineering functions — marketing, ops, finance — where there’s no code review culture and no instinct to ask whether a tool should be vetted before it’s used.
The scale is larger than most CTOs expect. Gravitee’s 2026 State of AI Agent Security report estimates over three million AI agents now operate within corporations. Only 47% are actively monitored or secured. That’s roughly 1.5 million agents running without oversight — accessing sensitive data, making decisions, connecting to critical systems with no audit trail.
The governance gap is much worse than the adoption gap. According to Kiteworks’ 2026 Data Security report, 63% of organisations cannot enforce purpose limitations on what their agents are authorised to do. 60% cannot terminate a misbehaving agent. Only a quarter have full visibility into all AI agents running in their environment.
This is the new shadow IT — except shadow IT was someone installing Dropbox on a work laptop. Shadow AI is an unmonitored agent with access to your customer database, your codebase, and your internal communications, operating at machine speed with no human oversight.
The inversion of trust
I wrote about graduated autonomy — the principle that AI systems should earn trust incrementally. Tight oversight at the start. Loosen as reliability is demonstrated. Never reach zero.
Shadow AI inverts this model entirely. These agents didn’t earn trust. They started with full autonomy and zero oversight — because nobody knew they existed. There’s no trust to graduate. There’s no oversight to loosen. There’s just an engineer who needed a faster way to generate boilerplate and pointed an AI at the codebase. A product manager who needed a competitive analysis by Friday and uploaded confidential documents to a chat interface. A data analyst who automated a reporting pipeline with an AI agent that queries production databases directly.
Each of these is a rational decision by an individual — and an ungoverned trust decision by the organisation. Every AI tool a team member adopts without approval is a trust relationship the company entered into without knowing. The data that was uploaded. The API keys that were shared. The context that may have been incorporated into a model’s training pipeline. These aren’t hypothetical risks. They’re the operational reality of organisations where AI adoption outpaced governance by two years.
Governing without creating the problem you’re solving
The word “governance” makes engineers reach for the exit — and for good reason. If your governance model creates the same friction that drove the shadow adoption in the first place, it will fail for the same reason. A three-week procurement cycle for an AI tool that takes three minutes to install will produce exactly one outcome: engineers who install the tool and don’t tell anyone.
The governance that works looks like what we built for one project after the tooling audit: a pre-approved registry of AI tools with SSO provisioning — no tickets, no approval workflow, just a catalogue of vetted options that were easier to use than the shadow alternatives. Tools outside the registry weren’t banned. They triggered a lightweight review: what data does it access? Where does the data go? Can we enforce our retention policy? Three questions, answered in a Slack thread, resolved in an hour. Not a committee. Not a policy document. A conversation.
The harder part isn’t the tooling. It’s the inventory. You cannot govern what you haven’t mapped — and most technology leaders don’t know the full scope of what’s running. Start with the question nobody wants to answer: not which AI tools are approved, but which ones are actually being used. The gap between those two lists is your shadow AI footprint. In my experience, the gap is always larger than anyone expects.
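The inventory step and the three-question review above, as an added example that is not part of the original post: a small script that diffs a constructed approved-tool registry against constructed usage observations (the kind an audit assembles from SSO logs, expense reports and egress logs), and queues unregistered tools for review with credential-holding tools first. Tool names, users and secret names are all made up for illustration.

```python
from collections import defaultdict

# Constructed registry of vetted, SSO-provisioned tools (normalised names).
APPROVED_REGISTRY = {"copilot", "chatgpt-enterprise"}

# Constructed observations. 'secrets' lists credentials the tool was found
# holding (in its config or environment) during the audit.
OBSERVED_USAGE = [
    {"tool": "Copilot", "user": "alice", "source": "sso", "secrets": []},
    {"tool": "claude-code", "user": "bob", "source": "egress", "secrets": ["PROD_DB_URL"]},
    {"tool": "claude-code", "user": "carol", "source": "egress", "secrets": []},
    {"tool": "Midjourney", "user": "dana", "source": "expense", "secrets": []},
    {"tool": "sql-genie", "user": "erin", "source": "egress", "secrets": ["PROD_DB_URL", "AWS_SECRET"]},
    {"tool": "ChatGPT-Enterprise", "user": "frank", "source": "sso", "secrets": []},
]

# The three questions the lightweight review has to answer for each tool.
REVIEW_QUESTIONS = (
    "What data does it access?",
    "Where does the data go?",
    "Can we enforce our retention policy?",
)

def normalise(name: str) -> str:
    return name.strip().lower()

def shadow_footprint(registry, observations):
    """Tools in use but absent from the registry, with who uses them and
    which credentials they were seen holding."""
    footprint = defaultdict(lambda: {"users": set(), "secrets": set()})
    for obs in observations:
        tool = normalise(obs["tool"])
        if tool in registry:
            continue
        footprint[tool]["users"].add(obs["user"])
        footprint[tool]["secrets"].update(obs.get("secrets", []))
    return dict(footprint)

def review_queue(footprint):
    """Order shadow tools for review: most credentials first, then most
    users (the tools people depend on), then name for a stable order."""
    ranked = sorted(
        footprint.items(),
        key=lambda kv: (-len(kv[1]["secrets"]), -len(kv[1]["users"]), kv[0]),
    )
    return [
        {"tool": tool, "users": sorted(info["users"]),
         "secrets": sorted(info["secrets"]), "questions": list(REVIEW_QUESTIONS)}
        for tool, info in ranked
    ]

if __name__ == "__main__":
    for item in review_queue(shadow_footprint(APPROVED_REGISTRY, OBSERVED_USAGE)):
        print(item["tool"], item["users"], item["secrets"])
```

The size of the returned footprint relative to the registry is the gap the paragraph above describes; the queue order is where the one-hour Slack reviews should start.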
Every developer on your team has an AI strategy. Every PM, every designer, every analyst. The question isn’t whether to create one — it’s whether you know what the current one is, who’s executing it, and what it has access to. The organisations that manage AI successfully won’t be the ones with the best official strategy. They’ll be the ones that found the shadow strategy first. And made it better.