New research from Netskope Threat Labs found that authorized AI usage within the manufacturing industry is now within 10 percentage points of the usage levels for unauthorized, unmanaged shadow AI. This appears to demonstrate significant progress within the sector of efforts to secure and de-risk AI.
“We’re seeing organizations in the manufacturing industry take real steps to bring AI under the purview of governance controls and implement structured oversight. The gap between managed AI use and unmanaged shadow AI is narrowing, suggesting that efforts to officially adopt these technologies—with appropriate security and governance—are paying off,” says Gianpietro Cutolo, cloud threat researcher at Netskope Threat Labs. “As the industry moves toward platforms with enterprise-appropriate safeguards, terms and conditions, manufacturers are proving that innovation and security can advance hand in hand. The next challenge will be maintaining the balance as AI becomes more deeply embedded in operations and production.”
Key takeaways:
· 94% of organizations now use genAI applications. Use of personal, unmanaged genAI tools dropped from 83% in December 2024 to 51% in September 2025, while organization-approved usage has risen from 15% to 42%, reflecting a sector-wide shift toward governed AI usage.
· The report also finds that 29% of organizations in the manufacturing industry now use at least one of the three major genAI platforms for private AI systems.
· Where data policy violations do occur—both across personal and corporate AI and cloud application usage— attempts to share regulated data (41%), intellectual property (32%), and passwords or API keys (19%) make up the majority of incidents. The report warns that such exposures threaten not only compliance but also competitive advantage, given the sensitivity of industrial IP and operational data.
- 67% of organizations now connect to api.openai.com for internal tools and task automation, highlighting the growing integration of genAI APIs beyond the browser.
- Source code represents 28% of all AI-related data exposure incidents, often through developers using genAI for coding tasks without proper controls.
