Sign up to save your podcasts
Or
Share Special Breaking AI News - there's too much AI news, can we please stop - ESW #392
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Special Breaking AI News - there's too much AI news, can we please stop - ESW #392
This week, we've added an extra news segment just on AI. Not because we wanted to, but because the news cycle has bludgeoned us into it. My mom is asking about Chinese AI, my neighbor wants to know why his stocks tanked, my clients want to know how to prevent their employees from using DeepSeek, it's a mess.
First, a DeepSeek primer, so we can make sure all Enterprise Security Weekly listeners know what they need to know. Then we get into some other AI news stories.
DeepSeek PrimerI think the most interesting aspect of the DeepSeek announcements is the business/market impact, which isn't really security-related, but could have some impact on security teams. By introducing models that are cheaper to train, sell access to, and less demanding to run on systems, DeepSeek has opened up more market opportunities. That means we'll see generative AI used in markets and ways that didn't make sense before, because it was too expensive.
Another aspect that's really confusing is what DeepSeek is or does. For the most part, when someone says "DeepSeek", they could be referring to:
- the company
- the open source models released by the company
- the SaaS service (https://chat.deepseek.com)
- the mobile app (which is effectively just a front end for #3)
- the API (which is what the mobile app and SaaS service are built on top of)
From a security perspective, there's little to no operational risk around downloading and using the models, though they're likely to get banned, so companies could get in trouble for using them. As for the app, API, or SaaS service, assume everything you type into them is getting collected by China (so, significantly less safe, probably no US companies should do this).
But because these services are crazy cheap right now, I wouldn't be surprised if some suppliers and third parties will start using DeepSeek - if your third party service provider is using DeepSeek behind the scenes with your data, you still have problem #2, so best to ensure they're not doing this through updated contract language and call to confirm that they're not currently doing it (can take a while to get a new contract in place).
Show Notes: https://securityweekly.com/esw-392
View all episodes
By Security Weekly Productions
4.7
33 ratings
This week, we've added an extra news segment just on AI. Not because we wanted to, but because the news cycle has bludgeoned us into it. My mom is asking about Chinese AI, my neighbor wants to know why his stocks tanked, my clients want to know how to prevent their employees from using DeepSeek, it's a mess.
First, a DeepSeek primer, so we can make sure all Enterprise Security Weekly listeners know what they need to know. Then we get into some other AI news stories.
DeepSeek PrimerI think the most interesting aspect of the DeepSeek announcements is the business/market impact, which isn't really security-related, but could have some impact on security teams. By introducing models that are cheaper to train, sell access to, and less demanding to run on systems, DeepSeek has opened up more market opportunities. That means we'll see generative AI used in markets and ways that didn't make sense before, because it was too expensive.
Another aspect that's really confusing is what DeepSeek is or does. For the most part, when someone says "DeepSeek", they could be referring to:
- the company
- the open source models released by the company
- the SaaS service (https://chat.deepseek.com)
- the mobile app (which is effectively just a front end for #3)
- the API (which is what the mobile app and SaaS service are built on top of)
From a security perspective, there's little to no operational risk around downloading and using the models, though they're likely to get banned, so companies could get in trouble for using them. As for the app, API, or SaaS service, assume everything you type into them is getting collected by China (so, significantly less safe, probably no US companies should do this).
But because these services are crazy cheap right now, I wouldn't be surprised if some suppliers and third parties will start using DeepSeek - if your third party service provider is using DeepSeek behind the scenes with your data, you still have problem #2, so best to ensure they're not doing this through updated contract language and call to confirm that they're not currently doing it (can take a while to get a new contract in place).
Show Notes: https://securityweekly.com/esw-392
More shows like Enterprise Security Weekly (Video)
View all
Security Weekly Podcast Network (Video)
36 Listeners
Risky Business
360 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
628 Listeners
Grumpy Old Geeks
6,026 Listeners
CyberWire Daily
1,013 Listeners
Security Weekly News (Video)
5 Listeners
Paul's Security Weekly (Audio)
14 Listeners
The Daily
111,174 Listeners
Darknet Diaries
7,843 Listeners
Cybersecurity Today
165 Listeners
CISO Series Podcast
187 Listeners
Defense in Depth
78 Listeners
Paul's Security Weekly (Video)
2 Listeners
Cloud Security Podcast
55 Listeners
Cyber Security Headlines
119 Listeners