Sign up to save your podcasts
Or
Share Special Breaking AI News - there's too much AI news, can we please stop - ESW #392
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Special Breaking AI News - there's too much AI news, can we please stop - ESW #392
This week, we've added an extra news segment just on AI. Not because we wanted to, but because the news cycle has bludgeoned us into it. My mom is asking about Chinese AI, my neighbor wants to know why his stocks tanked, my clients want to know how to prevent their employees from using DeepSeek, it's a mess.
First, a DeepSeek primer, so we can make sure all Enterprise Security Weekly listeners know what they need to know. Then we get into some other AI news stories.
DeepSeek PrimerI think the most interesting aspect of the DeepSeek announcements is the business/market impact, which isn't really security-related, but could have some impact on security teams. By introducing models that are cheaper to train, sell access to, and less demanding to run on systems, DeepSeek has opened up more market opportunities. That means we'll see generative AI used in markets and ways that didn't make sense before, because it was too expensive.
Another aspect that's really confusing is what DeepSeek is or does. For the most part, when someone says "DeepSeek", they could be referring to:
- the company
- the open source models released by the company
- the SaaS service (https://chat.deepseek.com)
- the mobile app (which is effectively just a front end for #3)
- the API (which is what the mobile app and SaaS service are built on top of)
From a security perspective, there's little to no operational risk around downloading and using the models, though they're likely to get banned, so companies could get in trouble for using them. As for the app, API, or SaaS service, assume everything you type into them is getting collected by China (so, significantly less safe, probably no US companies should do this).
But because these services are crazy cheap right now, I wouldn't be surprised if some suppliers and third parties will start using DeepSeek - if your third party service provider is using DeepSeek behind the scenes with your data, you still have problem #2, so best to ensure they're not doing this through updated contract language and call to confirm that they're not currently doing it (can take a while to get a new contract in place).
Show Notes: https://securityweekly.com/esw-392
View all episodes
By Security Weekly
4.7
3535 ratings
This week, we've added an extra news segment just on AI. Not because we wanted to, but because the news cycle has bludgeoned us into it. My mom is asking about Chinese AI, my neighbor wants to know why his stocks tanked, my clients want to know how to prevent their employees from using DeepSeek, it's a mess.
First, a DeepSeek primer, so we can make sure all Enterprise Security Weekly listeners know what they need to know. Then we get into some other AI news stories.
DeepSeek PrimerI think the most interesting aspect of the DeepSeek announcements is the business/market impact, which isn't really security-related, but could have some impact on security teams. By introducing models that are cheaper to train, sell access to, and less demanding to run on systems, DeepSeek has opened up more market opportunities. That means we'll see generative AI used in markets and ways that didn't make sense before, because it was too expensive.
Another aspect that's really confusing is what DeepSeek is or does. For the most part, when someone says "DeepSeek", they could be referring to:
- the company
- the open source models released by the company
- the SaaS service (https://chat.deepseek.com)
- the mobile app (which is effectively just a front end for #3)
- the API (which is what the mobile app and SaaS service are built on top of)
From a security perspective, there's little to no operational risk around downloading and using the models, though they're likely to get banned, so companies could get in trouble for using them. As for the app, API, or SaaS service, assume everything you type into them is getting collected by China (so, significantly less safe, probably no US companies should do this).
But because these services are crazy cheap right now, I wouldn't be surprised if some suppliers and third parties will start using DeepSeek - if your third party service provider is using DeepSeek behind the scenes with your data, you still have problem #2, so best to ensure they're not doing this through updated contract language and call to confirm that they're not currently doing it (can take a while to get a new contract in place).
Show Notes: https://securityweekly.com/esw-392
More shows like Security Weekly Podcast Network (Video)
View all
Security Now (Audio)
1,960 Listeners
MacBreak Weekly (Audio)
2,014 Listeners
Risky Business
363 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
634 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
370 Listeners
CyberWire Daily
1,010 Listeners
Smashing Security
313 Listeners
Click Here
388 Listeners
Darknet Diaries
7,833 Listeners
Techmeme Ride Home
945 Listeners
Cybersecurity Today
142 Listeners
CISO Series Podcast
182 Listeners
Practical AI
195 Listeners
Cyber Security Headlines
120 Listeners
Risky Bulletin
33 Listeners