In today’s cloud-native enterprise environments, the proliferation of shadow IT represents a latent yet critical cyber security vulnerability. This issue – and how smarter governance can strengthen cyber security – will be discussed at the ITWeb GRC Summit 2025 on 30 October at the Forum in Bryanston.
Ethel Luvhimba, service delivery manager at Attacq, will explain how organisations can move from reacting to problems to adopting proactive, policy-based governance that supports business goals.
Luvhimba says shadow IT is often introduced to improve efficiency but brings significant security, compliance and visibility risks. “Employees resort to unapproved tools when official systems cannot meet their needs. This creates a gap between the demand for innovation and strict security measures, allowing shadow IT to grow.”
Attendees will learn how to use AI-powered monitoring for better visibility, apply risk-based access controls, and build a security-first mindset across the workforce while maintaining agility and innovation.
Luvhimba’s presentation will cover:
- Why shadow IT happens: the innovation–security gap
- Governance, not gatekeeping: a smarter approach
- Real-world impact
- The way forward: resilience through governance
She believes effective governance – rather than completely blocking tools – enables safe usage through visibility, risk-based policies and cooperation between IT and business units. The goal is to manage risk without limiting agility.
“Unmanaged shadow IT has led to data leaks and compliance issues, causing real damage across industries. Learning from these situations highlights the urgent need for active oversight. Building resilience means using a governance framework that includes AI-driven insights, continuous monitoring and a culture of shared responsibility. It’s not about control; it’s about enabling secure innovation,” says Luvhimba.
Click here for more information and to register.
Share