Cell-centric safety supplier Lookout has launched the findings of a survey report that exposes a systemic architectural failure — that conventional community perimeters are blind to cell shadow AI.
The “Fixing for the Cell AI Blind Spot: Govt Confidence Meets Technical Actuality” report, carried out with ZK Analysis, revealed that whereas virtually all safety executives specific supreme confidence of their AI governance, employees, when firms restrict which fashions can be utilized, will flip to AI of their cell units, creating the cell shadow AI. In actual fact, 52% of all generative AI utilization occurs on cell units, the survey discovered, and that may result in employees exposing supply code, mental property and even enterprise data to cyber attackers.
The technical actuality: Excessive spend, zero visibility
The report additionally discovered that organizations spend a mean of 19% of their safety budgets on AI compliance, but conventional safety frameworks aren’t designed to deal with mobile-native generative and agentic AI. Among the many findings within the report are:
- The Darkish Visitors Route: 59% of cell AI visitors is hidden from conventional network-discovery instruments, routing immediately between native apps and exterior clouds with out ever crossing a company gateway.
- The Agentic Blind Spot: 68% of enterprises have zero technical visibility into autonomous AI agent workflows that inherit consumer identification and single sign-on (SSO) tokens to govern company data out of sight.
- The Hidden SDK Provide Chain: 72% of organizations are structurally incapable of auditing embedded AI Software program Improvement Kits (SDKs) hidden inside benign-looking on a regular basis cell purposes.
Enterprises are burning practically a fifth of their safety budgets attempting to resolve a 2026 drawback with desktop-era ways,” mentioned Zeus Kerravala at ZK Analysis. “Counting on binary web-filtering utterly destroys worker productiveness and has compelled 84% of IT leaders to actively stall business-led AI initiatives. In the meantime, forcing all cell knowledge visitors to backhaul via heavy cloud sandboxes introduces crippling consumer latency and triggers huge cloud compute payments. You can’t safe knowledge fluidly by turning the consumer’s telephone right into a non-functional silo. True cell compliance should occur natively on the edge.”
Lookout AI Visibility & Governance
Within the report, Lookout recommends that enterprises transfer from perimeter-tied discovery fashions and deploy a devoted mobile-native structure. Its Lookout AI Visibility & Governance addresses these cell blinds spots via three pillars, the corporate wrote:
- Complete AI Utility Discovery: Immediately unmasks each AI-enabled system, background course of, and embedded SDK touching company knowledge materials to neutralize the 72% provide chain visibility hole.
- Agentic Conduct Mapping: Tracks autonomous agent actions and single sign-on permission extensions in real-time to proactively block unsanctioned workflows earlier than knowledge exfiltration happens.
- Inline Cell Edge Knowledge Guardrails: Enforces real-time, content-aware knowledge loss prevention (DLP) immediately on the bodily system, stopping delicate company properties and PII from reaching unsanctioned AI fashions earlier than it could possibly ever depart the system perimeter.
“Acceptable-use insurance policies and passive company mandates are ineffective with out lively, technical enforcement on the edge,” mentioned Firas Azmeh, president of Cell Endpoint Safety at Lookout. “AI governance has escalated to a board-level precedence, with 97% of leaders agreeing it’s mission-critical. Lookout systematically converts these invisible cell liabilities into absolutely managed enterprise property, giving organizations the arrogance to embrace the AI revolution securely.”
