New research from Netskope Threat Labs has found that organisations within the manufacturing industry are deploying approved AI tools among their workforce in an effort to reduce unauthorised and unmanaged AI usage–known as shadow AI–, a common vector of data leaks. The gap between managed and unmanaged AI usage within manufacturing organisations is quickly closing, demonstrating significant progress within the sector in securing and de-risking AI.
Generative AI adoption is high and stable across the manufacturing sector, with 94% of organisations detecting the use of genAI applications among their workforce. The use of personal, unmanaged genAI tools in the workplace dropped from 83% in December 2024 to 51% in September 2025, while the use of organisation-approved genAI applications has risen from 15% to 42%, reflecting a sector-wide shift toward governed AI usage.
Unmanaged usage of AI is a problem as it reduces the ability for security teams to monitor for accidental data leaks, which occur regularly through both personal and corporate application usage. Attempts by workers to share regulated data (41%), intellectual property (32%), and passwords and keys (19%) make up the majority of data policy violations manufacturing organisations are mitigating across both cloud and AI applications. Source code represents 28% of all genAI-related data exposure incidents, often through developers using genAI for coding tasks without proper controls. Such exposures threaten not only compliance but also competitiveness, given the sensitivity of industrial IP and operational data.
Additionally, 29% of organisations in the manufacturing industry are detecting usage of at least one of the three major genAI platforms designed to develop and deploy private AI systems on private IT infrastructure, signalling increasingly sophisticated AI usage among workers in the sector. Azure OpenAI is the most used, followed by Amazon Bedrock and then Google Vertex AI.
Commenting, Gianpietro Cutolo, Cloud Threat Researcher at Netskope Threat Labs, said:
“We’re seeing organisations in the manufacturing industry take real steps to bring AI under the purview of governance controls and implement structured oversight. The gap between managed AI use and unmanaged shadow AI is narrowing, suggesting that efforts to officially adopt these technologies—with appropriate security and governance—are paying off.
“As the industry moves toward platforms with appropriate safeguards, manufacturers can make innovation and security advance hand-in-hand. But as AI becomes more deeply embedded in operations and production, maintaining this balance will be a challenge.”
The use of personal cloud applications at work is also blurring the line between personal and professional data handling. Personal Google Drive, LinkedIn and OneDrive accounts are the personal cloud applications most used at work by professionals in the manufacturing industry, and is another vector of sensitive corporate data leaks, with manufacturers regularly detecting attempts to leak regulated data or intellectual property via personal applications.
Finally, the report delivers insights on the presence of malware on trusted corporate cloud systems, with 18%, 14% and 11% of manufacturing organisations detecting malware downloads by employees from Microsoft OneDrive, GitHub, and Google Drive respectively each month.
For more information, visit www.netskope.com.
