Security Chiefs Urge Swift AI Regulation, Citing Risks of Tools Like DeepSeek

Concern is mounting within Security Operations Centers, particularly among Chief Information Security Officers (CISOs), with a sharp focus on AI giant DeepSeek from China.

While initially hailed as a breakthrough for business efficiency and innovation, artificial intelligence is now creating significant apprehension for those leading corporate defense.

A substantial majority—81%—of UK CISOs are calling for immediate government regulation of the Chinese AI chatbot. They warn that a lack of swift action could see the tool trigger a nationwide cybersecurity crisis.

This concern is not based on speculation but stems directly from the technology's opaque data practices and potential for malicious use, issues that are ringing alarm bells at the highest levels of enterprise security.

These insights come from a poll of 250 CISOs at major UK organizations, conducted for Absolute Security's UK Resilience Risk Index Report. The data indicates that the once-theoretical AI threat has become a tangible reality for security leaders, prompting decisive responses.

Reflecting a dramatic shift in strategy, over a third (34%) of these leaders have already enacted outright bans on AI tools due to security fears. A further 30% have halted specific AI deployments within their companies.

This pullback is not a rejection of technology but a pragmatic reaction to an escalating risk landscape. Businesses are already grappling with sophisticated threats, as shown by high-profile incidents like the recent breach at Harrods. CISOs are finding it difficult to keep up, and the prospect of advanced AI augmenting attackers' capabilities is a challenge many feel unprepared to meet.

A widening security gap for platforms like DeepSeek

The fundamental risk with platforms such as DeepSeek is their dual potential to leak sensitive corporate data and be co-opted by cybercriminals as an attack tool.

Sixty percent of CISOs anticipate a direct rise in cyberattacks fueled by DeepSeek's proliferation. An equal number report that the technology is already complicating their privacy and governance protocols, pushing an already demanding role to its limits.

This has led to a notable change in perception. Once considered a potential game-changer for defense, AI is increasingly viewed by security professionals as part of the threat. The survey shows 42% of CISOs now believe AI poses a greater risk than benefit to their security posture.

Andy Ward, SVP International at Absolute Security, commented: "Our research underscores the substantial dangers presented by emerging AI tools like DeepSeek, which are rapidly transforming the cyber threat environment.

"With mounting fears over their ability to supercharge attacks and endanger sensitive data, organizations must urgently enhance their cyber resilience and update security frameworks to counter these AI-powered threats.

"This is precisely why four out of five UK CISOs are demanding government regulation. They have seen firsthand how swiftly this technology evolves and how it can circumvent existing security measures."

Perhaps the most alarming finding is the confession of a lack of readiness. Nearly half (46%) of senior security leaders admit their teams are not prepared to handle the unique dangers of AI-driven attacks. They are watching as tools like DeepSeek develop faster than their defensive strategies can adapt, creating a critical vulnerability that many feel only government intervention can address.

"These are concrete, not hypothetical, risks," Ward added. "The fact that organizations are already imposing total bans on AI tools and overhauling security strategies in response to LLMs like DeepSeek shows how pressing this issue is.

"Without a national regulatory framework—one that establishes clear rules for deployment, governance, and monitoring—we risk severe disruption across all sectors of the UK economy."

Businesses invest to secure their AI future

Despite adopting a defensive stance, businesses are not abandoning AI entirely. The current approach is more a strategic recalibration than a full retreat.

Companies acknowledge AI's transformative potential and are investing heavily to integrate it safely. In fact, 84% of organizations are prioritizing the recruitment of AI specialists for 2025.

This commitment reaches the highest executive levels, with 80% of companies dedicated to AI training for their C-suite. The strategy is twofold: upskill existing staff to manage the technology and recruit specialized talent to navigate its intricacies.

The goal is to build a robust internal foundation of AI knowledge, serving as a crucial defense against the growing external threats.

The message from the UK's security leadership is unambiguous: the aim is not to stifle AI innovation but to ensure its safe advancement. Achieving this requires a stronger, more collaborative partnership with government.

The way forward involves setting clear rules, ensuring government oversight, developing a skilled AI workforce, and establishing a coherent national strategy to manage the security risks posed by DeepSeek and the powerful AI tools that will follow.

"The period for discussion has passed. We require immediate action, clear policy, and rigorous oversight to ensure AI drives progress, not precipitates a crisis," Ward concluded.

See also: Alan Turing Institute: Humanities are key to the future of AI

Interested in learning more about AI and big data from industry experts? Explore the AI & Big Data Expo happening in Amsterdam, California, and London. This comprehensive event runs alongside other leading conferences including Intelligent Automation Conference, BlockX, Digital Transformation Week, and Cyber Security & Cloud Expo.

Discover more upcoming enterprise technology events and webinars powered by TechForge here.