As artificial intelligence (AI) emerges as a top concern for UK businesses, many remain alarmingly unprepared to manage the risks it presents, new research reveals.
CyXcel, a global cybersecurity consultancy, has today launched its Digital Risk Management (DRM) platform — a unique tool combining legal, cyber, technical and strategic expertise to help organisations enhance digital resilience and tackle evolving threats.
Recent CyXcel research shows that while 30% of UK organisations list AI among their top three risks, 29% have only just introduced their first AI risk strategy, and 31% lack any AI governance policy.
This leaves many vulnerable to dangers such as data breaches, regulatory fines, reputational damage and operational disruptions.
The study also highlights that 18% of UK and US companies are unprepared for AI data poisoning attacks, which manipulate training data sets for AI and machine learning models, and 16% are ill-equipped to handle deepfake or cloning incidents.
In response, CyXcel’s DRM platform offers comprehensive insight into AI risks and wider digital threats across seven critical categories: AI, Cyber, Geopolitics, Supply Chain, Technology (OT/IT), Regulation, and Corporate Responsibility.
The platform is accessible to businesses of all sizes and sectors worldwide, providing a dashboard that helps risk owners understand, mitigate and manage digital risks while aligning investments with business objectives.
Megha Kumar, Chief Product Officer and Head of Geopolitical Risk at CyXcel, said: “Organisations want to use AI but are worried about risks – especially as many do not have a policy and governance process in place.
"The CyXcel DRM provides clients across all sectors, especially those that have limited technological resources in house, with a robust tool to proactively manage digital risk and harness AI confidently and safely.”
Unlike traditional risk management tools that separate compliance and risk, CyXcel’s DRM integrates these aspects to reduce the burden on organisations.
It also offers tailored remediation services, bridging the gap between executive, legal and technical teams. This includes support for developing AI governance policies and assessing AI systems for security and privacy vulnerabilities.
Edward Lewis, CEO of CyXcel, added: “The cybersecurity regulatory landscape is rapidly evolving and becoming more complex, especially for multinational organisations.
"Governments worldwide are enhancing protections for critical infrastructure and sensitive data through legislation like the EU’s Cyber Resilience Act. New UK laws expected next year will introduce mandatory ransomware reporting and stronger regulatory powers.
"With new standards continually emerging, staying current is essential. CyXcel’s Digital Risk Management solutions are vital to helping organisations navigate and comply with these changes.”
The DRM platform is particularly aimed at sectors mandated to comply with the EU’s NIS2 or DORA regulations, and those designated as Critical National Infrastructure (CNI) in the UK, EU or US.
It supports organisations in safeguarding data, maintaining customer trust, and protecting executives from personal liability.