If you want to understand why regulatory guardrails can supercharge, not stifle, technological innovation, don’t look to theory. Look to cybersecurity. The field is, by definition, mission-critical: cybersecurity keeps our technical infrastructure resilient, protects financial institutions, and allows both individuals and businesses to leverage the internet safely. Cybersecurity methods must evolve quickly, or our critical infrastructure could be at risk.

Welcome to the gray zone of innovation.

Shadow AI is what happens when employees use generative AI tools (ChatGPT, Claude, Copilot, Gemini, and others) without telling IT or leadership. Sometimes it's to save time, automate grunt work, or just move faster. But like its older cousin shadow IT, shadow AI comes with serious risks.

And it’s not just happening in the margins. It’s everywhere. According to recent surveys, more than 70% of knowledge workers say they use GenAI at work but fewer than 20% say their company has approved it.

If you’re a leader, that means your org likely has more AI use than you think and a lot less control than you need.

Information integrity deserves fierce advocacy from governments, the intellectual ingenuity of civil society, and the creative muscle of industry. It should be the next "by design" movement, writes our CEO, Camille Stewart Gloster, in a Tech Policy Press article.