Gartner studies have found that shadow IT is 30 to 40 percent of IT spending in large enterprises, and our research at Everest Group finds it comprises 50 percent or more. Either way, I believe these statistics are an understatement of the shadow IT ecosystem — spending on IT that doesn’t go through the sanctioned enterprise IT shared service function. It’s a big issue, and increasingly complicated. Historically, the increase in complexities, the need for greater security or the need to operate at enterprise-wide scale drove shadow IT out of departments and into the administration of the IT group. That’s no longer the case; thanks to SaaS and cloud products/services, shadow IT can now operate securely at scale. So how can a CIO address the risks and expense of shadow IT?