Austin, Texas, USA, February 4, 2025
Futurum Data Reflects the Cybersecurity Challenges Associated With Generative AI, as on Display in the DeepSeek Case
Futurum’s Cybersecurity Decision Maker IQ data reflects practical security and privacy concerns pertaining to the usage of generative artificial intelligence (AI) applications that have been further amplified by the January 2025 release of DeepSeek. The integration of emerging technologies such as generative AI was tied with AI-driven data protection platforms as respondents’ top spending priorities for AI investments that relate to cybersecurity in the next 12 months (41%). Closely following was appetite to invest in new AI-driven security and data platforms (39% and 36%, respectively).
It is no secret that generative AI is increasingly being evaluated by organizations of all sizes, industries, and regions for competitive advantages ranging from increased productivity, more personalized customer experiences, and enhanced innovation. At the same time, however, Futurum’s conversations with security practitioners and vendors alike, as well as our buy-side research, indicate that data privacy concerns are top of mind.
This is for a good reason. It is possible that malicious actors could obtain access to sensitive data that has been provided to the gen AI application, and there is the potential for insecure sharing of data with SaaS and IaaS providers that may be hosting the gen AI application.
While data security and privacy is an integral part of the conversation, other security concerns also cannot be ignored. For example, cyber attackers could gain access to, and ultimately poison or otherwise maliciously manipulate, the large language models (LLMs) facilitating gen AI capabilities. The potential for maliciously influenced model outputs (e.g., disinformation campaigns by state-sponsored actors) is real.
The meteoric emergence of DeepSeek in January 2025 both contextualizes and amplifies these issues. First, its ties to China, which is widely acknowledged as committing state-sponsored cyber-attacks, exacerbates data privacy and security concerns. DeepSeek has acknowledged that it is storing user data on servers located in China, and what is more, that it is capturing additional information such as IP addresses and keystrokes. This is of particular concern because it is possible that DeepSeek could be used to uncover sensitive information even if it is anonymized. Exacerbating these concerns is the fact that the datasets used to train DeepSeek are extremely vast.
Looking beyond the protection, security, and integrity of the data itself, Futurum notes that, like any LLM, DeepSeek could be a target for adversarial attacks. For example, it could fall subject to malicious prompts, it could be used by adversarial agencies to more efficiently create more effective malware, or it could be used to further perpetuate misinformation or biased information.
Futurum’s Cybersecurity Decision Maker IQ data clearly illustrates that, as organizations are investing in AI, they are prioritizing investments in data protection and new security platforms. This proactive approach is crucial, as the vulnerabilities associated with generative AI, from data exposure and model poisoning to malicious prompt manipulation, necessitate robust safeguards. DeepSeek serves as a stark reminder of the heightened stakes and the need for vigilance.
About Futurum Intelligence for Market Leaders
Futurum Intelligence’s Cybersecurity IQ service provides actionable insight from analysts, reports, and interactive visualization datasets, helping leaders drive their organizations through transformation and business growth. Additional information is available at https://app.futurumgroup.com/.
You can follow news and updates from Futurum on X and LinkedIn using #Futurum. Visit the Newsroom for more information and insights.
Other insights from The Futurum Group:
Cybersecurity 2025: AI-Powered Threats, Quantum Risks, and the Rise of Zero Trust
Cisco AI Defense: Checking the Reckless Charge Toward AI
Commvault Streamlines Active Directory Recovery
Author Information
With a focus on data security, protection, and management, Krista has a particular focus on how these strategies play out in multi-cloud environments. She brings approximately 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.
Prior to joining The Futurum Group, Krista led the data protection practice for Evaluator Group and the data center practice of analyst firm Technology Business Research. She also created articles, product analyses, and blogs on all things storage and data protection and management for analyst firm Storage Switzerland and led market intelligence initiatives for media company TechTarget.