In the past few weeks we have seen a supposed rush to new systems coming out of China. First there was the imminent ban of TikTok that lead many to install RedNote (Xiaohongshu) as an alternative. This shift happened over the course of a few days — then the TikTok ban was averted and we stopped talking about RedNote. More recently, Chinese artificial intelligence company DeepSeek released their R1 large language model (LLM) which appears to be as effective as models from the largest AI companies at a fraction of the cost. Once again a flurry of social media hype lead many people to download R1 and start experimenting.

The frightening part of this trend isn’t that the products are from a foreign country with radically different legal and political environments, but that individuals and companies are installing and using these products without any consideration or involvement from IT or cybersecurity teams. Your IT team needs time to understand how the technology works so it can be efficiently supported and relied upon for the long term. Your cybersecurity team needs time to understand how the technology will be used and how it could be compromised so risks are understood and appropriately mitigated. Your business teams believes the new technology provides necessary competitive advantages and must be adopted faster than the competition to recognize the value.

These priorities have always been in tension, and there has always been a tolerable amount of “shadow IT” in organizations where low risk experimentation is tolerated. With the advent of cloud computing, users’ growing comfort with technology and vendors’ incessant and inflated marketing what was once marginal shadow IT is now front and center business strategy. Users want the value from their systems without the headaches of management so we created IT departments. Now the business expects speed to value from their new systems, and IT processes are struggling to keep up.

https://www.infosecurity-magazine.com/news/deepseek-global-privacy-debate