Shadow AI at work: NordVPN’s CTO on the risk

It’s been more than three years since ChatGPT launched, and since then, organizations and employees have been falling over themselves in the attempt to become as AI-ready as the next.

But with the AI enthusiasm has come teething issues. Two-thirds of office professionals have used AI tools at work that they believed company policy didn’t allow, according to an April 2026 PagerDuty survey of 1,250 non-IT employees across Australia, Japan, the UK and the US. All these employees work at companies with $500 or more in annual revenue — so this isn’t just a small business problem, in any sense of the word.

To understand what this means for security teams, TechInformed spoke with the chief technology officer of NordVPN, Marijus Briedis, about why employees reach for unauthorized tools, the data risks created by shadow AI and how organizations can adopt AI safely.

How do you use AI in your day-to-day work?

My use of AI has evolved a lot. Initially, it was just chatting with models when the first versions of ChatGPT appeared. Now I’m a big fan of agentic coding tools like Claude Code and use them every day. I have a home lab where AI agents are running almost continuously, helping me build proofs of concept and MVPs.

I also use AI for research. If I want to learn about a topic, I’ll pull hundreds of PDFs, feed them into a tool, and ask it to research, summarize and brainstorm ideas.

The third major use is learning. I ask the AI to [not only give me a summary but also] quiz me and challenge my understanding.

Do you think the average employee understands the risks of using AI?

It depends on the company.

We invest heavily in awareness programs around phishing, social engineering and scams, so employees understand the risks. But I don’t think every organization does that.

The challenge is that AI has become a new interface for interacting with information, and it arrived incredibly quickly. I remember sitting on a bus shortly after one of the major ChatGPT releases and noticing that everyone around me was using it. That was the moment I realized this wasn’t going away.

The problem is that when a technology is adopted fast, people tend to think about security later.

Do you think the rush to adoption comes down to a general pressure to pick up on AI?

It’s twofold.

First, individuals need to stay curious and experiment with new technologies. If you completely ignore AI today, you risk falling behind.

Second, organizations are currently in a hype cycle. Over the next year or so, many will start measuring the actual return on investment and realize it’s not all sunshine and rainbows.

For example, AI can increase code output by maybe eight times or even 16 times. But producing code isn’t the same as delivering value. You still have to test it, deploy it, sell it and support it.

AI speeds up one part of the process but not necessarily the whole business.

What are the biggest risks people face when using AI?

On the personal side, it’s about cyber hygiene.

People are using AI for everything now: psychology, relationship advice, medical questions, fitness plans.

Many people don’t realize that what they input may be stored or used to improve future models. Once you’ve shared something, you can’t necessarily take it back.

For organizations, we’re seeing the rise of guardrails — systems that detect when users are about to share sensitive information such as source code, customer data or financial information.

But we’re still in the early stages. I don’t think we’ve yet seen the definitive approach to data loss prevention for AI.

Are people becoming too trusting of AI?

One issue is that people don’t really understand how large language models work. At their core, they’re statistical systems predicting the most likely next words based on patterns they’ve learned.

That means they can be incredibly convincing while still being wrong.

I’ve seen this myself with coding models. Some versions are fantastic, then a new release comes out and suddenly the quality drops. A few months later it’s good again.

People shouldn’t assume AI is always correct. They need to verify what it tells them.

The other issue is that AI adapts to you. The more context you give it, the more personalized its responses become. That’s useful, but it can also reinforce your existing beliefs or assumptions.

Can you explain the risks of entering personal or company information into an LLM?

The biggest risk is that people don’t think about where that information goes.

If companies are too restrictive, employees often find workarounds and start using personal AI accounts instead. That’s where concepts like “shadow AI” come from.

An organization can control company devices and approved software, but if someone copies sensitive information into a personal AI tool, that’s much harder to manage.

Ultimately, this comes back to awareness. People need to understand that if they put information into a public AI service, they may lose control over it.

If an organization runs its own local model, that’s a different story. But most people today are using commercial providers and that’s where the exposure sits.

What advice would you give to organizations that want to adopt AI safely?

First, put the right tools and guardrails in place. Think about identity, behavior monitoring and controlling how AI tools are accessed across the organization.

The second part is about education. People need to understand how these tools work, why they’re using them and what the risks are.

How do you take your coffee?

Usually it’s either a flat white or an Americano. There’s a really nice café near where I live called Elska — I think it means “love” in Icelandic. It’s run by one of the World Barista Championship winners, so I often go there in the morning for coffee.