Despite recognising AI as a major threat, with 30% of UK organisations surveyed naming it among their top three risks, many remain significantly unprepared to manage AI risks.
Despite this, new research from CyXcel highlights a concerning gap: nearly a third of UK businesses surveyed have only just implemented their first AI risk strategy (29%), and 31% don’t have any AI governance policy in place.
This critical gap exposes organisations to substantial risks, including data breaches, regulatory fines, reputational harm and critical operational disruptions, especially as AI threats continue to grow and rapidly evolve.
CyXcel’s research shows that 18% of UK and US companies surveyed are still not prepared for AI data poisoning, a type of cyberattack that targets the training datasets of AI and machine learning models, as well as for a deepfake or cloning security incident (16%).
Managing AI risks across critical sectors
Responding decisively to these mounting threats and geopolitical challenges, CyXcel has launched its Digital Risk Management (DRM) platform, which provides businesses with insight into evolving AI risks across all major sectors, regardless of business size or jurisdiction.
The DRM platform helps organisations identify risk and implement the right policies and governance to mitigate them. Unlike conventional offerings, it uniquely brings together cyber, legal, technical and strategic expertise that has been developed over decades working with companies across numerous sectors, and follows best practices.
Megha Kumar, Chief Product Officer and Head of Geopolitical Risk at CyXcel commented: “Organisations want to use AI but are worried about risks, especially as many do not have a policy and governance process in place.
“The DRM platform provides clients across all sectors, especially those that have limited technological resources in-house, with a robust tool to proactively manage digital risk and harness AI confidently and safely.”
The DRM monitors threats to digital operations and provides deep insights and actionable strategies across seven categories: AI, Cyber, Geopolitics, Supply Chain, Technology (OT/IT), Regulation, and Corporate Responsibility, – all via an online dashboard, aiding users to understand, minimise, transfer and manage digital risk.
Aligning digital resilience with business operations
Digital risk management platforms offer businesses insights from both legal and technical experts, enabling individual risk owners to gain targeted visibility into risk intensity, key trends, and emerging threats.
Furthermore, they provide guidance on how risk owners can manage AI risks and align their investment in digital operations with their business objectives.
For example, they can help organisations develop AI governance policies and evaluate AI systems for security, privacy, and technical vulnerabilities.
Edward Lewis, CEO of CyXcel, said: “The cybersecurity regulatory landscape is rapidly evolving and becoming more complex, especially for multinational organisations.
“Governments worldwide are enhancing protections for critical infrastructure and sensitive data through legislation, such as the EU’s Cyber Resilience Act, which mandates security measures, including automatic updates and incident reporting.
“Similarly, new laws are likely to be introduced in the UK next year, which will include mandatory ransomware reporting and stronger regulatory powers. With new standards and controls continually emerging, staying current is essential.”
