Shadow SaaS & Shadow AI Evangelist

Kristofer
Maki

Shadow SaaS & Shadow AI Evangelist | Hunting the Apps Your Org Doesn't Know It's Running | Public Speaker | Proud Cyber Nerd

Every unapproved SaaS tool and AI assistant your employees adopt is a risk hiding in plain sight. I find them, classify them, and help organizations build governance programs that actually work — without killing the productivity that drives the business.

See Me Speak Learn More

Experience

15+

Years in Cybersecurity

About Me

I hunt shadow tech for a living.

You can't govern what you can't see — so go see it, then make the safe path the easy path.

Cybersecurity is ultimately a business risk discipline — and the risks you can't see are the ones that will hurt you most. My focus is Shadow SaaS and Shadow AI: the unapproved tools, rogue cloud apps, and unsanctioned AI assistants your employees are already using — with or without your knowledge.

I've built Shadow SaaS and Shadow AI governance programs from the ground up in a heavily regulated financial services environment, and I speak publicly about what it takes to turn visibility into governance. The core truth I keep coming back to: bans don't eliminate behavior — they eliminate visibility.

Beyond shadow tech, I operate at the intersection of strategy, governance, and execution — maturing security programs, operationalizing risk management, and creating structures that leadership can understand, trust, and rely on.

🔍

Shadow SaaS Discovery

Finding every tool your org doesn't know it's running.

🤖

Shadow AI Governance

Classifying and governing the AI tools already in your environment.

🏛️

CASB Strategy

Cloud Access Security Broker product ownership and deployment.

🎤

Public Speaker

Conference talks on Shadow SaaS, AI governance, and security operations.

⚖️

Compliance & Audit

Readiness in heavily regulated financial services environments.

📈

Program Maturity

Building scalable security operations from scratch.

Speaking Engagements

On the stage.

Conference talks, panels, and keynotes on Shadow SaaS, Shadow AI governance, and building security programs that actually work.

Central Ohio ISSA

You Can't Secure What You Can't See: Building a Shadow SaaS Program That Works

Drawing on hands-on experience building a Shadow SaaS governance program from the ground up — covering the full lifecycle from discovery to culture change.

June 9, 2026 · 12:00 PM ET Room 402-3 · Pheoris West C

Latest Thinking

From the blog.

Practical takes on Shadow SaaS, Shadow AI governance, and building security programs that support the business.

🔍

Shadow SaaS

Don’t Let Perfect Be The Enemy of Good!

Most Shadow SaaS programs never get built because someone’s waiting for the perfect policy, the perfect tool, the…

June 14, 2026

All Posts →

Experience

15+ years building security programs that scale.

From network administration to VP-level security leadership — specializing in Shadow SaaS governance, CASB product ownership, and operationalizing security in regulated environments.

View Full Resume

► Necessary Cookies Always Active

Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.

► Functional Cookies Remark

Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.

► Analytical Cookies Remark

Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.

► Advertisement Cookies Remark

Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.

KristoferMaki