The rapid adoption of generative AI (GenAI) tools has not only unlocked unprecedented productivity gains but has also introduced critical vulnerabilities for organizations safeguarding intellectual property (IP) and sensitive data. As CIOs, CISOs, and ERP end users grapple with balancing innovation and security, the emergence of DeepSeek—a cost-efficient, high-performance GenAI tool from China—demands urgent attention. Mimecast’s latest enhancement to its Incydr platform, designed to detect and mitigate risks tied to DeepSeek, offers a blueprint for securing the GenAI era.
The DeepSeek Disruption: Why It Matters
DeepSeek has quickly risen to prominence by offering capabilities rivaling established tools like ChatGPT at a fraction of the operational cost. Its affordability and accessibility, evidenced by top rankings on platforms like Apple’s App Store, make it appealing to employees seeking productivity boosts. However, its unsanctioned use poses significant risks. A 2024 Data Exposure Report reveals that 86% of security leaders fear employees are inadvertently leaking sensitive data—such as product roadmaps or financial details—through GenAI prompts. For instance, an employee refining a product launch email via DeepSeek could expose confidential IP to third-party servers, potentially accessible to competitors.
For CISOs, DeepSeek’s rapid adoption underscores the need for proactive measures. Unlike sanctioned tools with enterprise-grade data controls, DeepSeek’s protocols for data retention and usage remain opaque, heightening compliance and breach risks. ERP systems, which house mission-critical data, are particularly vulnerable if users upload or paste sensitive information into unsanctioned AI platforms.
Mimecast Incydr: Precision Protection for GenAI Risks
Mimecast Incydr’s new DeepSeek detection capability addresses these challenges head-on, integrating with its existing GenAI security framework to deliver:
- Comprehensive visibility and control: Incydr extends its coverage to DeepSeek, joining safeguards for ChatGPT, Google Gemini, and others. By monitoring data flows across web and desktop applications, it identifies high-risk interactions, such as file uploads or copy/paste actions into DeepSeek’s interface. Granular controls enable organizations to block such activities preemptively, reducing exposure without stifling productivity.
- Risk prioritization with PRISM: Incydr’s PRISM system analyzes context—such as data sensitivity, user roles, and file types—to score and prioritize incidents. This allows security teams to focus on critical threats, like an R&D engineer sharing proprietary code via DeepSeek, while minimizing noise from low-risk interactions.
- Microtraining for human-centric security: Recognizing that human error drives most leaks, Incydr deploys real-time nudges to educate employees. For example, if a user attempts to paste ERP-generated financial data into DeepSeek, a microtraining prompt explains policy violations and redirects them to approved tools. This fosters a culture of awareness while correcting risky behaviors.
In an era where innovation outpaces regulation, the time to act is now. The cost of inaction could be irreplaceable intellectual property—and competitive advantage—lost to the void of unsanctioned AI.
What this means for ERP Insiders
Securing against risks from GenAI offers a strategic advantage. As AI tools like DeepSeek redefine workflows, security leaders must adopt solutions that align with both technological evolution and risk management. Incydr’s capabilities represent a strategic advantage. By prioritizing tools like Incydr, organizations can harness AI’s potential while keeping their most valuable asset—their data—under lock and key.
Foster innovation with a better security approach. Many senior business leaders still regard security strategies as impediments to building corporate cultures of innovation. This is clearly false. Leaders can enable safe GenAI adoption and foster cultures of innovation by steering users toward vetted tools and giving them the means to secure adoption and proper utilization.
Mitigate compliance risks while empowering employees. Entering restricted data into GenAI apps risks regulatory penalties tied to cross-border data transfers. Mitigation will help CIOs, CISOs, and senior business leaders protect their ERP’s integrity while ensuring sensitive operational data remains within secure environments.