Ask any 100-employee company's CEO how many AI tools their team uses. The answer is almost always two or three.
Run an AI tool discovery — browser telemetry plus a short anonymous survey — and the answer is reliably between 14 and 22.
That gap is not a small thing. It is the central operational reality of SMB AI governance in 2026. Most leaders are trying to govern a problem they have not yet measured. And most cyber insurance carriers, audit teams, and enterprise procurement reviewers have figured this out — which is why "how many AI tools do you use, and which are sanctioned" is now a question with regulatory weight, not a curiosity.
This post walks through what actually shows up in those discoveries, why most leaders are surprised, and what the real number means for the conversations underwriters and auditors are starting to have with SMBs in 2026.
Where the 14-to-22 number comes from
Two sources converge on roughly the same range:
The first is direct experience running the discovery deliverable at the front of every AI Risk Sprint engagement. Across SMB clients in the 50- to 200-employee range, the count never lands at two or three. It lands between 14 and 22, with outliers (in either direction) usually explained by either (a) genuinely strict endpoint policies that block extensions and consumer AI domains at the firewall, in which case the number is lower, or (b) particularly tech-forward teams where the count edges past 30.
The second is IBM's 2025 shadow AI research, which surfaced a closely related stat: more than 20% of breaches involving AI now originate from unsanctioned tool use, and the median company has 8 to 14 unsanctioned AI services per 100 employees. Layer the sanctioned tools on top — Microsoft 365 Copilot, Salesforce Einstein, the procured vendor AI features — and you land in the 14 to 22 range.
The number is also growing fast. Browser telemetry from late 2024 was averaging around 9 to 12. The bump in 2025–26 came from two compounding factors: AI tool adoption accelerating across departments (sales and marketing reached saturation; customer success caught up; engineering doubled down) and vendors silently enabling AI features in already-procured tools (Zoom, Notion, Slack, Salesforce, HubSpot, Microsoft, and dozens more).
What actually shows up
When the discovery report lands on a CEO's desk, the tools usually cluster into seven categories. The exact mix shifts by company type — engineering-heavy companies skew toward category 6, sales/marketing-heavy companies toward 2, and so on — but the categories themselves are remarkably stable.
1. Consumer LLM accounts (the unsurprising ones)
ChatGPT (free or Plus tier), Claude, Gemini, Perplexity. These are the tools leaders usually know about. They are also the tools where the highest-risk data exposures concentrate, because they are typically accessed via personal accounts on personal subscriptions, with no Business Associate Agreement, no Data Processing Agreement, and no audit trail.
Across SMB discoveries, the typical count is two to four consumer LLM accounts in active use. Two-thirds of them are accessed by senior individual contributors (not the C-suite), often for "research" or "drafting" tasks that touch customer or financial data.
2. AI-enabled productivity tools
Microsoft 365 Copilot (if licensed), Notion AI, Grammarly Business, Otter.ai. These are usually procured, but the AI features are inconsistently governed. The most common issue: the firm pays for the enterprise tier of one product (Copilot E5) for some employees but not others, while everyone is using AI features anyway through their personal accounts on the cheaper version.
The count here is usually three to five tools, with overlapping use cases creating confusion about which tool is "official" for a given workflow.
3. Vendor AI features in tools you already pay for
This is the category most leaders miss entirely. Salesforce Einstein. HubSpot AI. Zoom AI Companion. Slack AI. Atlassian Intelligence. Calendly AI. Microsoft Outlook AI summarization. Each of these has been silently activated by the vendor at some point between 2023 and 2025, often without an updated Data Processing Agreement.
A discovery typically surfaces four to seven of these. Most leaders have had at least one "wait, that does what now?" moment by the time the list is complete.
4. AI-powered browser extensions
This is the highest-risk category per tool and the lowest-visibility category overall. Chrome and Edge extensions that submit page content, drafted text, or selected snippets to external AI APIs. Common examples: Bardeen, Glasp, AnyText, and the various "summarize this page" tools that have proliferated in extension stores.
The typical count is two to four. Each represents an entirely uncontracted data flow to an unknown vendor on an unknown legal basis.
5. AI-enabled meeting and transcription tools
Otter.ai (consumer or business tier), Read.ai, Fathom, Fireflies.ai, Gong (if procured for sales), Granola, Tactiq. Some of these are sanctioned and BAA-covered; many are not.
The typical count is two to four, with a common pattern: one tool is officially sanctioned, three more are running on individual employees' personal accounts because they prefer the UI of the alternative.
6. Engineering and developer AI
GitHub Copilot, Cursor, Codeium, Tabnine, Continue.dev. These are usually well-governed in engineering-heavy companies, but they intersect with code that may contain customer data, credentials, or proprietary algorithms. Discovery surfaces them as part of the inventory but typically doesn't flag them as high-risk unless there's a specific use pattern (e.g., engineers using personal-tier Cursor on customer data).
The typical count is one to three tools.
7. Vertical-specific AI
Industry-specific AI features that often hide in workflows leaders consider "core operations." In legal: AI features in Westlaw, Lexis, Casetext. In healthcare: AI scribes (Suki, Nuance Dragon Medical, Abridge, DAX Copilot), AI imaging tools. In finance: AI features in Bloomberg, FactSet, Salesforce Financial Services Cloud. In manufacturing: AI features in CAD, simulation, and ERP tools.
The typical count is one to three depending on the vertical's tooling maturity.
Why the gap is so wide
There are four reasons leaders consistently underestimate by an order of magnitude.
First, AI adoption is bottom-up, not top-down. Most AI tools enter the company because an individual contributor found one that solved their immediate problem. That tool never crossed a procurement review because it was free, or accessed via a personal subscription, or installed as a browser extension that didn't require any IT involvement.
Second, the AI features that did go through procurement have a hidden second life. When a vendor adds AI features to an already-procured tool, the company is not notified in a way that triggers governance review. The features just appear. Three months later they are in heavy use across the team, with the leader assuming "we procured this tool, we have a contract, we are covered" — without realizing that the AI features the team is now using were not part of the original procurement.
Third, "AI tool" is a category that the average leader maps to "chatbot like ChatGPT." When the question is "how many AI tools do you use," the leader is mentally answering "how many chatbots." The transcription AI, the meeting summarizer, the email AI, the CRM AI, the development AI, and the document AI are all flying under that mental category.
Fourth, telemetry is rare. Most SMBs do not have browser-level visibility into outbound traffic, DLP scanning for AI domains, or MDM tools that track installed extensions. Without that telemetry, the AI tool inventory has to be reconstructed from memory plus a survey. Memory is incomplete; surveys understate use, especially when employees suspect that admitting to AI use might cost them tool access.
What the 14-to-22 number means for governance
Three implications, all immediate.
Implication 1: Carrier and auditor questions are answerable, but only with telemetry. When the cyber insurance carrier's 2026 AI Rider questionnaire asks "list all AI tools currently in use, sanctioned or not," there is no way to answer accurately from memory. The accurate answer requires a discovery exercise that takes specific work — usually a one-time investment of 5 to 10 hours of internal time plus telemetry from an external partner.
Implication 2: The policy you write affects all 14 to 22, not the 2 to 3 you knew about. An AI Acceptable Use Policy that addresses ChatGPT and Microsoft Copilot does nothing for the 18 other tools in use that nobody documented. The policy framework has to be tool-agnostic — defined by data classification and use case, not by vendor name — because no one can write 22 separate vendor-specific policies and keep them current.
Implication 3: Vendor procurement review needs a new gate. New AI tools enter the company faster than procurement can review them, and existing tools add AI features faster than the team can re-review contracts. The 2026 procurement workflow needs an "AI introduction" gate that triggers a 15-minute review whenever a new tool, or an existing tool's new AI feature, lands in the inventory.
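A defender-side sketch of the telemetry reconstruction described under "Why the gap is so wide", which also produces the sanctioned-or-not split that the carrier questionnaire in Implication 1 asks for. This is an added example, not the Sprint's own tooling: it assumes a proxy log already reduced to user and destination host, and the host-to-tool map, category numbers and sanctioned set are illustrative placeholders that a real deployment would maintain against its own telemetry.

```python
# Constructed sample proxy log, one "<user> <destination host>" per outbound request.
SAMPLE_LOG = """\
alice chat.openai.com
bob claude.ai
bob app.otter.ai
carol einstein.salesforce.com
dave copilot.microsoft.com
dave www.example-saas.com
frank cursor.sh
"""
# Assumed domain-suffix -> (tool, category) map using the post's seven categories; hostnames are illustrative.
AI_HOST_MAP = {
    "openai.com": ("ChatGPT", 1),
    "claude.ai": ("Claude", 1),
    "copilot.microsoft.com": ("Microsoft 365 Copilot", 2),
    "einstein.salesforce.com": ("Salesforce Einstein", 3),
    "otter.ai": ("Otter.ai", 5),
    "cursor.sh": ("Cursor", 6),
}
SANCTIONED = {"Microsoft 365 Copilot", "Otter.ai"}  # assumed procured, contracted tools

def classify_host(host):
    """Return (tool, category) if the host or any parent domain is in the map, else None."""
    labels = host.lower().split(".")
    for i in range(len(labels)):
        hit = AI_HOST_MAP.get(".".join(labels[i:]))
        if hit:
            return hit
    return None

def build_inventory(log_text, sanctioned=SANCTIONED):
    """Map each AI tool seen in the log to its category, its users and sanction status."""
    inventory = {}
    for user, host in (ln.split() for ln in log_text.split("\n") if ln.strip()):
        hit = classify_host(host)
        if hit is None:
            continue  # ordinary SaaS traffic, not a tracked AI destination
        tool, category = hit
        entry = inventory.setdefault(
            tool, {"category": category, "users": set(), "sanctioned": tool in sanctioned})
        entry["users"].add(user)
    return inventory

def summarize(inventory):
    """The numbers a carrier questionnaire asks for: total, unsanctioned list, count per category."""
    cats = {e["category"] for e in inventory.values()}
    per_category = {c: sum(e["category"] == c for e in inventory.values()) for c in cats}
    unsanctioned = sorted(t for t, e in inventory.items() if not e["sanctioned"])
    return {"total": len(inventory), "unsanctioned": unsanctioned, "per_category": per_category}
```

Each unsanctioned entry with a non-empty user set is a tool that never crossed procurement, which is the list the Acceptable Use Policy and the "AI introduction" gate have to cover.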
What we recommend
We always start an engagement with the discovery. It is the cheapest, fastest deliverable in the Sprint and it sets the foundation for everything else. Until the actual number is on the table, the governance work is theoretical.
If you would like to see the real number for your organization, the free AI Risk Assessment walks through a 12-question scoping survey and produces an initial reading. For organizations with more than 50 employees or specific regulatory pressure (cyber renewal, audit, customer due diligence), the full AI Risk Sprint produces the documented inventory, risk classification, and remediation roadmap in two weeks for $5,500 — the deliverable the carrier and the auditor will eventually ask to see.
The discovery number on your team is almost certainly higher than the number you would guess right now. The question is whether you find out from your own team in the next 30 days, or from your carrier's renewal questionnaire when you are 45 days from deadline.