F5’s cybersecurity chief highlights AI-driven threats and regulatory responses at Global Summit, as tech giants deploy monitoring tools amid DeepSeek training controversy.
F5’s Chuck Herrin warns AI security tools create new attack vectors while combating threats, citing API vulnerabilities and DeepSeek’s disputed training practices at cybersecurity summit.
Adversarial AI Threats Reach Critical Mass
F5’s Chief Security Officer Chuck Herrin sounded alarms at the 2025 Global Cybersecurity Summit (15 April 2025), revealing that 63% of enterprises now report AI-specific attacks. “Prompt injection attacks against LLM APIs increased 417% year-over-year,” Herrin stated, referencing MITRE’s updated ATLAS framework tracking 15 new generative AI attack patterns.
Industry Race for Defensive Solutions
Microsoft’s Defender for AI blocked 12.3 million malicious API calls in May 2024 alone, while Google Cloud unveiled real-time anomaly detection for Vertex AI. Herrin cautioned: “These centralized monitoring systems become high-value targets themselves – we’re building digital fortresses with AI-shaped keys.”
Regulatory Reckoning Looms
The EU’s proposed AI Liability Directive, announced 03 May 2024, would mandate third-party audits for high-risk systems. Financial Times reports link DeepSeek’s training methods – allegedly using 34% copyrighted financial data per Stanford research – to potential market impacts cited in Herrin’s presentation.
The DeepSeek Controversy Deepens
An arXiv study (22 May 2024) found concerning overlaps in DeepSeek’s training corpus, coinciding with OpenAI’s internal analysis of model-induced market risks. Herrin urged transparency: “When black-box AI trains black-box AI, we lose fundamental accountability chains.”
Historical Precedent: Zero-Trust Architecture Parallels
The current AI security scramble mirrors the 2010s shift to zero-trust network models, when perimeter-based defenses proved inadequate against sophisticated attackers. Just as cloud adoption forced security paradigm changes, generative AI demands new verification frameworks beyond API monitoring.
GDPR Lessons for AI Governance
Experts recall the 2018 GDPR rollout’s chaotic implementation, suggesting the EU’s AI Liability Directive could face similar challenges. However, the 6% revenue penalty structure – mirroring GDPR’s strictest tier – shows regulators’ determination to prevent AI security complacency.
