Most (88 percent) IT decision makers in UK and German organisations believe that shadow IT makes them more vulnerable to cyber-attacks.


In new research from Tenable Network Security more than half of respondents (UK 55 percent; German 57 percent) said that shadow IT has been introduced into their organisations' environments. Almost two thirds (65 percent) of German respondents affected by shadow IT said the use of unknown or shadow assets and applications has led to a cyber-attack in the last year, as opposed to 45 percent in the UK.


UK and German respondents identified engineering (30 percent), design/R&D (27 percent) and finance (25 percent) as the three most egregious offenders when it comes to departments deploying shadow IT.


Half (50 percent) of German and 38 percent of UK respondents expect the use of shadow IT to grow in the next year.


“The fact that many respondents are feeling the pain of shadow IT isn't a surprise to the industry, but the numbers were much higher than we expected,” said Gavin Millard, EMEA technical director at Tenable Network Security. “The foundation of security is having insight into what's in use on the network and it's important that security and operations embrace the needs of the business or they will continue to remain vulnerable to cyber-threats.”