Lower-Cost AI Model Could Cut Agent Costs But Raise Enterprise Risks
In the rapidly evolving landscape of artificial intelligence and machine learning, significant changes are on the horizon that could have profound implications for enterprises. Microsoft is exploring the integration of the Chinese-developed DeepSeek AI model into its Office suite, including the popular Copilot AI feature within Microsoft 365. This shift aims to address the escalating operational costs associated with U.S.-made models, potentially offering a cost-effective alternative for businesses. However, this decision is not without considerable geopolitical and security challenges.
According to reports by Axios, Microsoft is currently assessing various AI models, including alternatives such as Anthropic’s Opus 4.8, Sonnet 4.6, and OpenAI’s GPT-5.5, which currently serve as the backbone for the Copilot Cowork feature. The company’s spokesperson emphasized that while DeepSeek is among the potential options being considered, no final decision has yet been made regarding the new models to be integrated into their offerings.
Copilot Cowork enables users to delegate multifaceted tasks to AI agents, which can handle complex sequences, keeping track of previous interactions and reasoning. The intricacies involved in operating such agents can lead to high costs, as every token processed adds to the overall expenditure—especially when powerful models like those from OpenAI and Anthropic are involved. Copilot Cowork users can choose between a pay-as-you-go structure or a pre-paid plan, both of which hinge upon the costs affiliated with the models’ APIs.
For context, Claude Opus 4.8 carries a charge of $5 per million input tokens and $25 per million output tokens, whereas DeepSeek presents a more economical solution, pricing at just $0.28 per million output tokens. While this seemingly significant cost reduction could attract many organizations, the model’s origins might introduce challenges. The West has a longstanding skepticism toward technologies originating from China, raising pertinent questions about the security and reliability of such systems.
Acknowledging these challenges, Microsoft indicated that any DeepSeek model it decides to incorporate will be tailored with comprehensive safeguards and will be hosted within its Azure cloud framework to address data-residency issues. Additionally, Microsoft is concurrently developing its own AI model, dubbed Cowork 1, which aims to provide an even cheaper alternative for integration within Copilot Cowork.
DeepSeek and its counterparts from China have come under scrutiny, particularly following an investigation initiated by the House Select Committee on China regarding the adoption of these AI systems by American businesses. Recent findings from Booz Allen Hamilton’s reports pointed to vulnerabilities in code produced by Chinese large language models (LLMs) when tasked by U.S. government personas. These models reportedly faced challenges in delivering unbiased responses, with DeepSeek v4-Pro ranking lowest in evaluations related to vulnerabilities and bias.
Organizations looking to mitigate the risks associated with deploying DeepSeek v4 in Copilot Cowork may consider implementing their own safety precautions. However, this strategy could lead to additional costs which would undermine the original financial benefits of opting for a cheaper AI option like DeepSeek.
Yves-Gabriel Leboeuf, the co-founder and CEO of Deck, noted that the pursuit of cost efficiency may lead to higher expenses if enterprises require extensive retries, validation, or oversight just to ensure the desired output. He suggested a more architectural approach to risk management, advising that organizations should refrain from allowing AI platforms direct access to sensitive systems. Instead, a mediation layer could offer a controlled environment in which the AI could operate without compromising security.
Leboeuf also raised concerns about the auditability of Chinese-origin models, questioning the transparency surrounding their training data and learning processes. According to him, the lack of visibility into how these models are trained is problematic, irrespective of geopolitical tensions. Conversely, he argued that while U.S.-made models are not automatically trustworthy, they are subject to a legal framework that allows for potential recourse.
Academic perspectives, such as those of Jason Corso, a computer science expert at the University of Michigan and co-founder of Voxel51, emphasize that even domestically developed models require rigorous validation to mitigate risks. Corso asserted that the geographical origin of AI models, while important, should not overshadow the necessity for robust internal controls and expertise in bias measurement, crucial for ensuring the reliability of third-party AI systems.
In summary, while Microsoft’s consideration of the DeepSeek AI model presents an opportunity for cost reduction in enterprise operations, it introduces a series of security and ethical dilemmas that organizations must carefully navigate. Balancing cost efficiency with the imperative of risk mitigation will be essential for businesses as they integrate AI technologies into their workflows.