Four in five (81%) UK CISOs are urging immediate regulation of DeepSeek — a China-based AI chatbot that has sparked global security concerns due to its data handling practices and vulnerability to misuse. This call to action is based on findings from the UK Resilience Risk Index Report by Absolute Security, highlighting the necessity for UK Government intervention to avert a potential national cyber crisis.
A growing number of organisations are responding to these risks. Around a third (30 per cent) of CISOs have ceased using AI tools within their companies while 34% have introduced full bans on AI as a result of cybersecurity concerns. The findings, gathered from 250 UK CISOs by independent research agency Censuswide, reflect a significant shift in how enterprise leaders are navigating the challenges of the AI-driven cyber landscape.
DeepSeek, known for its innovative AI capabilities, has become a significant concern, primarily due to its potential to leak sensitive data and be hijacked by cybercriminals. This backdrop has led businesses and governments alike to reassess their cyber strategies.
The escalating complexity of cyber threats is visible in recent incidents like the Harrods breach. For many CISOs, the introduction of AI-driven threats further complicates an already challenging scenario, prompting a re-evaluation of existing cyber defences.
A noteworthy 60 per cent of UK CISOs predict an increase in cyber-attacks attributed to DeepSeek, while another 60 per cent find that this technology is entangling privacy and governance frameworks, thereby complicating their roles.
A significant 42 per cent of security leaders now perceive AI as more of a threat than an ally to cybersecurity. However, it's not just the threats that concern them; the current readiness gap is equally alarming. Nearly half (46 per cent) admit their teams aren't equipped to manage AI-driven threats like those posed by DeepSeek, revealing a need for regulatory support.
Andy Ward, SVP International of Absolute Security, noted the urgency, stating that without a national regulatory framework, the UK risks widespread disruption. "We need immediate action, policy, and oversight to ensure AI remains a force for progress, not a catalyst for crisis," he emphasised.
However, despite the risks, investment in AI talent remains robust. Eighty-four per cent of organisations are prioritising new hires in AI for 2025, with 80 per cent committed to C-suite level training in AI. The future course involves a skilful workforce, transparency in AI deployment, and government-led oversight.
While retreating from AI is not on the cards, CISOs are calling for immediate, clear rules and strong governmental oversight to tackle DeepSeek and its counterparts efficiently.
