Recent research by cybersecurity consultancy CyXcel highlights a concerning trend among UK businesses regarding artificial intelligence (AI) risk management. The study found that 29% of the surveyed organizations have only recently adopted their first AI risk strategies, while 31% lack any AI governance policies at all. This is particularly troubling given that one-third of businesses recognize AI as a potential cybersecurity threat.
The absence of adequate AI risk preparedness leaves these organizations vulnerable to data breaches, operational disruptions, and hefty regulatory fines. Furthermore, the study revealed that 18% of businesses in the UK and the US remain unprepared for AI data poisoning, a specific type of cyberattack that compromises the training data used in AI and machine learning models. Additionally, 16% of respondents reported having no policies to address cloning and deepfake incidents, indicating significant gaps in their defensive strategies.
Megha Kumar, Chief Product Officer and Head of Geopolitical Risk at CyXcel, emphasized the dilemma companies face when adopting AI technologies. Many organizations are eager to leverage AI’s benefits but are apprehensive about associated risks, especially in the absence of robust governance frameworks. To address these challenges, CyXcel has developed its Digital Risk Management (DRM) platform, which aims to help businesses proactively manage digital risks and embrace AI technologies safely.
The platform integrates insights from various domains, including cyber, legal, and technical realms, to enhance threat management and digital resilience. Additionally, the DRM platform provides comprehensive strategies across multiple sectors, guiding users in handling complex digital risks from AI to cybersecurity and regulatory compliance. With laws surrounding cybersecurity intensifying globally, CyXcel’s DRM platform also offers litigation services to streamline compliance with mandatory regulations, particularly for businesses in sectors considered critical national infrastructure.
CEO Edward Lewis noted the shifting landscape of cybersecurity, where governments worldwide are enacting measures to protect critical infrastructure from digital threats. He stressed that the responsibility of managing these risks is not only advisory for CyXcel but also deeply personal, given that the company shares the same vulnerabilities as its clients.