By Thyaga Vasudevan - Executive Vice President, Product
February 3, 2025
DeepSeek, a Chinese artificial intelligence startup founded in 2023, has experienced a meteoric rise in popularity over the past week. Not only did it surpass ChatGPT to become the highest-rated free app on the U.S. App Store, but the AI assistant also had a profound market impact, as major technology stocks experienced significant declines. Nvidia, a leading AI chip manufacturer, saw its shares plummet by nearly 17%, resulting in a loss of approximately $589 billion in market value—the largest single-day loss in Wall Street history.
The innovation around DeepSeek represents an increased democratization of AI, which is good for humanity at large. The AI company’s innovation has led to the offering of an open-source AI model that rivals existing platforms in performance while being more cost-effective and energy-efficient. The app’s user-friendly interface and transparent “thinking out loud” feature have further enhanced its appeal, allowing users to follow the AI’s reasoning process.
The advent of yet another AI chatbot with its own LLM also poses an important question for companies, especially large enterprises, as they increase their AI investment. How should enterprises evaluate a new AI chatbot for their own use? What factors go into weighing the benefits and downsides of employees' use of the AI application and of corporate adoption? Recent reports and real-world incidents show that certain LLMs, especially open-source variants lacking robust security frameworks, pose significant threats to data security, regulatory compliance, and brand reputation.
In this blog, we explore:
Open-source LLMs like DeepSeek have sparked both excitement and concern. Unlike enterprise-vetted AI solutions, open-source LLMs often lack the robust security controls needed to safeguard sensitive business data, as shown in a recent report from Enkrypt AI:
Despite these issues, DeepSeek soared to the top of the Apple App Store, surpassing even ChatGPT by hitting 2.6 million downloads in just 24 hours (on 28th Jan 2025). This explosive adoption highlights a fundamental tension: AI is advancing at breakneck speed, but security oversight often lags behind, leaving enterprises exposed to potential data leaks, compliance violations, and reputational damage.
As we highlighted in our Skyhigh AI Security Blog, businesses must recognize the inherent risks AI introduces, including:
As enterprises evaluate new AI apps or chatbots, they should consider whether they have the tools to apply the necessary controls to protect their corporate assets. They should ensure that their security stack is positioned not just to apply controls on AI applications, but also to evaluate and respond to malicious activity and threats that arise from these applications.
Security Service Edge (SSE) solutions such as Skyhigh Security are a key component of enterprise AI security. These tools are already integrated with the enterprise security stack, as companies have secured on-prem and cloud traffic. Security teams have already defined governance and data protection policies, and these can be easily extended to AI applications. Finally, by covering web, shadow apps, sanctioned apps, and private apps through their flexible deployment modes, SSE solutions can cover the spectrum of the AI footprint within the enterprise and provide comprehensive security.
Here are the top controls enterprises are looking to apply on AI apps:
The rapid evolution of AI demands a new security paradigm—one that ensures innovation doesn’t come at the cost of data security. Enterprises looking to leverage LLMs must do so with caution, adopting AI security frameworks that protect against emerging threats.
At Skyhigh Security, we are committed to helping businesses securely embrace AI while safeguarding their most critical assets. To learn more about how to protect your organization from risky AI usage, explore our latest insights in the Skyhigh AI Security Blog.
Thyaga Vasudevan is a high-energy software professional currently serving as the Executive Vice President, Product at Skyhigh Security, where he leads Product Management, Design, Product Marketing and GTM Strategies. With a wealth of experience, he has successfully contributed to building products in both SaaS-based Enterprise Software (Oracle, Hightail – formerly YouSendIt, WebEx, Vitalect) and Consumer Internet (Yahoo! Messenger – Voice and Video). He is dedicated to the process of identifying underlying end-user problems and use cases and takes pride in leading the specification and development of high-tech products and services to address these challenges, including helping organizations navigate the delicate balance between risks and opportunities. Thyaga loves to educate and mentor and has had the privilege to speak at esteemed events such as RSA, Trellix Xpand, MPOWER, AWS re:Invent, Microsoft Ignite, BoxWorks, and Black Hat. He thrives at the intersection of technology and problem-solving, aiming to drive innovation that not only addresses current challenges but also anticipates future needs.