Despite widespread acknowledgment of artificial intelligence as a major risk, a significant proportion of UK businesses remain unprepared to combat its associated threats. Nearly 30% of organisations surveyed by CyXcel, a global cybersecurity consultancy, now count artificial intelligence among their top three concerns. Yet, 29% of respondents have only just begun to establish their first risk management strategy, and 31% report having no artificial intelligence governance policy in place at all.
This lack of preparedness exposes businesses to a host of dangers including data breaches, regulatory penalties, reputational damage, and severe operational disruptions. The rapidly evolving nature of artificial intelligence threats compounds the issue. CyXcel’s research found that almost one in five UK and US companies are ill-equipped to handle cyberattacks targeting artificial intelligence and machine learning models, such as data poisoning. Similarly, 16% acknowledge they are unprepared for deepfake or cloning security incidents, indicating a troubling disconnect between recognised risks and proactive protection.
In response to these challenges, CyXcel has introduced its Digital Risk Management (DRM) platform. The new tool aims to support organisations of all sizes and sectors in identifying and managing emerging digital risks, offering guidance on developing effective policies and governance frameworks. Megha Kumar, CyXcel’s chief product officer and geopolitical risk lead, noted the urgency: organisations are eager to leverage artificial intelligence yet lack clear strategies for mitigating threats. The DRM platform intends to fill this gap, especially for companies with limited in-house technical capabilities.
Edward Lewis, CyXcel’s CEO, highlighted the increasingly complex regulatory landscape, particularly for multinational firms. With measures like the EU’s Cyber Resilience Act mandating features such as automated security updates and mandatory incident reporting, and new UK laws expected soon, regulatory compliance is rising in significance. Keeping up with the proliferation of standards and government requirements will be critical as artificial intelligence risks become more prominent across business sectors.
