CyXcel Study Reveals One-Third of UK Businesses Face AI-Related Risks

A study conducted by cybersecurity experts at CyXcel shows that 29% of UK companies have only just introduced their first strategy to manage AI risks, and a further 31% have not established any AI governance policies. This situation persists even though a third of businesses have identified AI as a potential cybersecurity threat. CyXcel warns that lacking AI risk preparedness exposes companies to data leaks, breaches, operational interruptions, and potential regulatory penalties.

The survey also highlights that 18% of organizations in the UK and US are not ready to handle AI data poisoning attacks, which specifically target training data for AI and machine learning models. Additionally, 16% lack policies to combat cloning and deepfake occurrences.

Megha Kumar, CyXcel's Chief Product Officer and Head of Geopolitical Risk, explained the dilemma faced by companies wanting to adopt AI technologies while being wary of the risks. Organizations aim to deploy AI yet remain concerned over its risks, particularly as many do not have a structured policy and governance framework in place.

She explained that CyXcel's Digital Risk Management (DRM) platform offers a solution to escalating threats. Our DRM provides clients across various sectors, particularly those with limited in-house tech capabilities, a powerful tool to manage digital risks and utilize AI securely and safely.

The CyXcel DRM platform aims to give businesses insights into the increasing risks associated with AI. It integrates cyber, legal, technical, and strategic knowledge to help manage threats and enhance digital resilience. The platform is designed to aid in the establishment of governance and policies that could reduce potential risks.

This DRM platform provides strategies pertaining to AI, cybersecurity, supply chain, geopolitical issues, regulation, technology (OT/IT), and corporate responsibility. Solutions presented by the platform can be managed via a dashboard that allows users to handle digital risks.

The platform integrates legal and technical expertise, enabling users to observe trends, assess risk impacts, and identify emerging threats. It offers guidance on devising strategies to mitigate risks and weaknesses.

The DRM also includes a comprehensive dispute resolution and litigation service that minimizes the time necessary for organizations to comply with laws addressing various digital risks. CyXcel's DRM covers 26 industries legally obliged to adhere to regulations like the EU's NIS2 and DORA (Digital Operational Resilience Act), which are considered as Critical National Infrastructure (CNI) in key regions.

Edward Lewis, CEO of CyXcel, commented on the evolving complexities of cybersecurity regulation. Governments globally are bolstering protections for vital infrastructure and sensitive information through regulations like the EU's Cyber Resilience Act, which requires security measures including automatic updates and incident reporting. Similarly, new UK laws anticipated next year are expected to introduce mandated ransomware reporting and stronger regulatory powers.

Organizations worldwide face digital breaches and attacks, which CyXcel acknowledges also affects them. Strategically, legally, and commercially, CyXcel's DRM platform addresses the problems it's also susceptible to.

CyXcel's clients are often subject to strict cybersecurity regulations, breaches of which could result in fines and damage to reputation. Should CyXcel's own guidance fall short, the firm itself could be accountable for non-compliance and security breaches.

CyXcel emphasizes its shared confrontation with the same digital threats as its clients. The company's promotional materials underline that CyXcel's commitment to managing risk is not merely advisory. It's personal.

(Image Risk  MSK1d by anarchosyn is licensed under CC BY-SA 2.0)