TLDR: A recent report reveals that a significant majority of UK Chief Information Security Officers (CISOs) are demanding urgent government regulation of AI models, particularly citing concerns over Chinese AI giant DeepSeek. The fear is that unregulated AI tools could trigger a national cyber crisis, leading many organizations to already ban or halt AI deployments due to cybersecurity risks.
Anxiety is rapidly escalating among Chief Information Security Officers (CISOs) operating in security operation centers, with particular apprehension directed towards the Chinese artificial intelligence firm, DeepSeek. While AI was initially hailed as a transformative force for business efficiency and innovation, it is now casting considerable shadows for those on the front lines of corporate defense.
According to findings from Absolute Security’s UK Resilience Risk Index Report, based on a poll of 250 CISOs at large UK organizations, a striking four in five (81%) of UK CISOs believe that Chinese AI chatbots, such as DeepSeek, necessitate urgent government regulation. These security leaders express profound concern that without swift intervention, such tools could become the catalyst for a full-scale national cyber crisis. This sentiment is not merely speculative unease but a direct response to a technology whose data handling practices and potential for misuse are raising alarm bells at the highest echelons of enterprise security.
The report highlights a decisive shift in approach: what would have been almost unimaginable just a couple of years ago is now a reality. Over a third (34%) of these security leaders have already implemented outright bans on AI tools within their organizations due to mounting cybersecurity concerns. Furthermore, a similar proportion, 30%, have already ceased specific AI deployments. This retreat is characterized not as Luddism but as a pragmatic and necessary response to an escalating threat landscape. Businesses are already grappling with complex and hostile threats, exemplified by recent high-profile incidents like the Harrods breach, and CISOs are struggling to keep pace with the added layer of sophistication introduced by advanced AI tools.
Also Read:
- The Imperative for a Unified Global AI Governance Framework
- Nations Intensify Pursuit of AI Sovereignty Amidst Global Tech Race
DeepSeek, which claimed in January 2025 to have developed an AI model rivaling ChatGPT at a significantly lower cost, has faced increasing international scrutiny over its security policies and privacy practices. Its privacy policy indicates that it stores various forms of personal data, including AI program requests and uploaded files, on servers located in China. This has prompted several countries to take action: Australia banned DeepSeek from all government devices in early February, citing security risks. Germany, in June, requested Apple and Google to remove DeepSeek from their app stores due to data safety concerns. India’s finance ministry, also in early February, advised its employees to avoid using AI tools like DeepSeek for official purposes, citing risks to government document and data confidentiality. Taiwan similarly banned government use in February, raising concerns about both security and potential censorship. The Netherlands’ privacy watchdog initiated an investigation into DeepSeek’s data collection practices in late January, urging caution among Dutch users. The Trump administration is also reportedly considering penalties, including blocking DeepSeek from acquiring U.S. technology and restricting American access to its services.
