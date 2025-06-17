nearly a fifth (18%) of UK and US companies surveyed are still not prepared for AI data poisoning

ORIGIN COMMS LTD



CyXcel’s new Digital Risk Management platform uniquely combines legal, cyber, technical, and strategic expertise to manage risks and enhance digital resilience

London, UK – 0500 hours BST, 17 June 2025 – Despite recognising Artificial Intelligence (AI) as a major threat, with nearly a third of UK organisations surveyed (30%) naming it among their top three risks, many remain significantly unprepared to manage AI risk.

Recent research from CyXcel, a global cyber security consultancy, highlights a concerning gap: nearly a third of UK businesses surveyed have only just implemented their first AI risk strategy (29%) - and 31% don’t have any AI governance policy in place.

This critical gap exposes organisations to substantial risks including data breaches, regulatory fines, reputational harm and critical operational disruptions, especially as AI threats continue to grow and rapidly evolve. CyXcel’s research shows that nearly a fifth (18%) of UK and US companies surveyed are still not prepared for AI data poisoning, a type of cyberattack that targets the training datasets of AI and machine learning (ML) models, or for a deepfake or cloning security incident (16%).

Responding decisively to these mounting threats and geopolitical challenges, CyXcel has launched its Digital Risk Management (DRM) Platform, which provides businesses with insight into evolving AI risks across all major sectors, regardless of business size or jurisdiction. The DRM helps organisations identify risk and implement the right policies and governance to mitigate them. Unlike conventional offerings, CyXcel’s DRM uniquely brings together cyber, legal, technical and strategic expertise that has been developed over decades working with companies across numerous sectors, and follows best practices.

Megha Kumar, Chief Product Officer and Head of Geopolitical Risk at CyXcel comments, “Organisations want to use AI but are worried about risks – especially as many do not have a policy and governance process in place. The CyXcel DRM provides clients across all sectors, especially those that have limited technological resources in house, with a robust tool to proactively manage digital risk and harness AI confidently and safely.”

CyXcel’s DRM monitors threats to digital operations and provides deep insights and actionable strategies across seven categories – AI, Cyber, Geopolitics, Supply Chain, Technology (OT/IT), Regulation, and Corporate Responsibility, – all via an online dashboard, aiding users to understand, minimise, transfer and manage digital risk. The DRM also supports businesses in deciding what digital solutions to adopt and how they can achieve and retain peak digital resilience.

The DRM Platform provides businesses with insight from both legal and technical experts allowing individual risk owners to get targeted visibility into risk intensity, key trends and emerging threats. Further, it gives advice as to how risk owners can manage those risks and align their investment in digital operations with their business goals.

Additionally, the DRM provides access to bespoke remediation services and advice bridging the gap between the executive, legal and technical teams. For example, CyXcel can help organisations develop AI governance policies as well as evaluate AI systems for security, privacy and technical vulnerabilities.

Traditional approaches treat risk management and compliance as separate tracks. CyXcel's DRM brings them together, reducing the burden of compliance across all digital risks. And if a regulatory investigation or enforcement action were to arise, companies can rely on CyXcel’s full-spectrum dispute resolution and litigation service – supporting organisations seamlessly from the boardroom to the courtroom if needed.

Especially for organisations that are mandated by strict regulations, the DRM can help clients ensure customer trust on data protection, safeguard executives against personal liability and protect against action by regulators. In particular, the DRM focuses on the 26 sectors that are obligated to comply with the EU’s NIS2 or DORA and are categorised as Critical National Infrastructure (CNI) in the US, UK or EU.

Edward Lewis, CEO, added, “The cybersecurity regulatory landscape is rapidly evolving and becoming more complex, especially for multinational organisations. Governments worldwide are enhancing protections for critical infrastructure and sensitive data through legislation like the EU’s Cyber Resilience Act, which mandates security measures such as automatic updates and incident reporting. Similarly, new laws are likely to arrive in the UK next year which introduce mandatory ransomware reporting and stronger regulatory powers. With new standards and controls continually emerging, staying current is essential. CyXcel’s Digital Risk Management solutions are vital to helping organisations navigate and comply with these changes.”

The DRM is available from 19 June 2025. To find out more, visit https://www.cyxcel.com/drm/.

-ENDS-

About CyXcel

CyXcel enables companies to achieve digital resilience through our comprehensive suite of proactive and reactive services, all backed by a NCSC, ISO and CREST-accredited provider. We enable our clients to understand their digital risks, design and achieve peak resilience, and retain that state even as their external environment changes – especially during a cyber incident. From strategic decision-making in the boardroom to dispute resolution in the courtroom, CyXcel is your only call.

Research Methodology

The research was conducted by Censuswide, among a sample of 400 cybersecurity workers, who have a good understanding of their company’s risk management process (aged 18+) across the UK and US. (200 respondents respectively). The data was collected between 28.05.2025 and 02.06.2025. Censuswide abides by and employs members of the Market Research Society and follows the MRS code of conduct and ESOMAR principles. Censuswide is also a member of the British Polling Council.

For more information, contact Paula Averley, Origin Comms, T. +44 (0)7766 257776 or e. paula@origincomms.com