Too many AIs, too little progress: the sprawl stalling business success

Picture an enterprise where each department, and sometimes each individual, introduces their own AI tool to solve specific problems. At first, these tools seem to accelerate productivity and progress: repetitive tasks are automated and insights come faster.

But as weeks go by, the IT environment evolves into a fragmented landscape of disconnected bots and platforms. Security teams face threats and data exfiltration risks from apps they never approved.

Finance teams try to keep up with growing SaaS bills. And the benefits of integrating business apps for data exchange are lost when third-party tools are added to the software portfolio without approval or oversight from IT.

Most enterprises are facing this reality today, where tools meant to drive progress instead introduce unnecessary inefficiencies and risks. It is a growing challenge known as AI sprawl: the unchecked adoption of AI and SaaS tools without unified oversight.

For today’s CIOs, SAM leaders and finance executives, it is a problem expanding almost as fast as AI itself.

The innovation imperative

When coordinated, AI is a clear competitive advantage. Companies using consolidated tech stacks can expect faster workflows and time-to-insight and reap measurable cost savings. AI can supercharge productivity, automate low-value processes, and ensure business units stay ahead of the curve.

These benefits make innovation imperative. But the real value of AI only shows when tools are connected and properly managed. A scattered approach quickly turns advantage into risk.

According to recent industry research, 68% of organizations have experienced AI-related data leakage incidents, but only 23% have implemented comprehensive AI security policies.

This gap has introduced a tension between the innovation imperative and security risks, with CIOs and software asset managers caught in the middle.

AI sprawl: The hidden threat

AI sprawl is not just a software portfolio, cost, or security issue. It reflects a broader challenge across the organization, where the unsanctioned use of new tools undermines efforts to use technology efficiently and achieve better business outcomes.

• Security vulnerabilities: 64% of organizations have already deployed generative AI applications with critical security flaws, and 31% only discovered them after an incident.
• Compliance risk: With the EU AI Act now in force, companies face fines of up to €35 million per violation, making AI compliance a serious financial concern. • Efficiency loss and rising costs: The average enterprise runs 125 SaaS applications. Many include built-in AI and some overlap in function. Some organizations now manage more than 100 AI tools simultaneously, creating complexity for SAM and IT teams, and inflating costs.
• Data breaches: The average cost of a data breach hit $4.9 million in 2024. AI-related breaches take 290 days on average to detect and contain — significantly longer than traditional incidents.

When every team brings in new tools without a shared policy or oversight, visibility fades, costs rise, and security gaps multiply.

Judicial-like oversight: Striking the balance

Too much regulation can slow down innovation. Too little creates blind spots that are just as damaging. What is needed is a balanced oversight model: flexible in practice but grounded in principles.

New frameworks should prioritize safety, transparency, fairness and accountability — values already central to emerging AI regulations at both national and international levels.

A risk-based, industry-aware approach ensures oversight is focused where it matters most: in highly regulated sectors, critical infrastructure and when handling personal data. Lower-risk experimentation can continue, as long as the right guardrails are in place.

To support this, SAM, SaaS and IT leaders should consider:

• Regulatory sandboxes and pilots: Test new AI tools in limited, controlled environments before deploying them broadly across the organization. This protects innovation while ensuring all tools are properly vetted.
• Collaborative governance: Oversight should be shared between compliance, security, IT, business leaders and finance. A cross-functional AI governance group can ensure each tool is justified, strategically relevant and not duplicating existing capabilities.
• Continuous monitoring and agile policy: With AI evolving rapidly, real-time usage tracking and frequent internal audits are essential. Policies must be able to adapt quickly when new risks or inefficiencies emerge.

Achieving the sweet spot: Practical steps for CIOs and SAM leaders

For those responsible for maintaining an effective, productive and secure software environment, there are practical steps to avoid the negative impacts of AI sprawl — and instead unlock coordinated value from the growing wave of new tools.

• Inventory and consolidate: Track AI and SaaS tools continuously. Identify redundant, overlapping or shadow applications, and reduce them to a core, secure and manageable set. Yes, there can be value in distributing workloads across different tools for cost efficiency, but also consider the hidden cost of ensuring each tool remains compliant with your governance policies.
• Establish cross-functional governance: CIOs, SAM managers, security leaders and end-users should meet regularly to assess AI needs, usage and return on investment. This prevents silent sprawl while enabling transparent experimentation and innovation.
• Commit to regular audits and clear policies: Make AI tool reviews part of the quarterly compliance cycle. Set onboarding rules with no exceptions, including minimum standards for security and data transparency.
• Focus on value and security over hype: AI has great potential, but every new tool must show measurable business impact, proper security controls and a clear role in the overall tech landscape. The goal is fewer tools that do more, not more tools that distract and fragment the technology stack.

Conclusion

Unchecked AI sprawl is a business risk, a drag on productivity and a strain on IT, finance and compliance resources.

But with the right approach; one built on principles, flexibility and cross-functional collaboration, organizations can turn the AI landgrab into a source of lasting progress.

Enterprises that tame sprawl today will be tomorrow’s leaders, delivering on the promise of AI while protecting trust, efficiency and growth.

We've featured the best small business software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro