Report examines the prevalence of two common insecure practices.

February 28, 2022

2 Min Read


Tampa Bay, FL (February 28, 2022)– KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced a new report from KnowBe4 Research, “Shadow IT Is Real”, which revealed that shadow IT is a real risk for organizations with half of employees using unauthorized file services to complete work.

This research report examines the prevalence of two common insecure practices using survey responses from over 435,000 participants across global regions and industries. The first analysis covers the use of unauthorized cloud services to store information and communicate in the workplace. The second analysis reviews the prevalence of downloading content through unauthorized file sharing networks using work computers. Highlights from the findings include:

  • Asia and Oceania are regions with worryingly high rates of both practices, while Africa is consistently the best performing.

  • Finance- and technology-based industries are comparatively better than many other industries, while construction-, manufacturing-, educational- and government-based organizations are the poorest performing.

“The findings from this research are very concerning because employees are exhibiting insecure behaviors that are putting their organizations at significant risk,” said Kai Roer, chief research officer, KnowBe4. “The concept of shadow IT has a direct impact on the level of security culture exhibited at an organization. To combat shadow IT, organizations should focus on strengthening their security culture and increasing employees’ level of security awareness. It is especially important for employees to understand and take responsibility for how their insecure behaviors can ultimately affect the organization’s reputation and bottom line.”  

To download the new KnowBe4 Research Report, “Shadow IT Is Real”, visit

About KnowBe4 KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 47,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as the last line of defense.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights