Artificial Intelligence and Cybersecurity Balancing Risks and Rewards 2025

Harm-propagation trees Attacks on AI systems can propagate further harms to businesses. They can also affect the wider ecosystem – for example, through impacts on downstream clients’ processes or on societal processes that affect citizens. Analysing how an initial impact event might lead to further harms can strengthen resilience planning, as a more intricate set of events can be forecasted and planned for. Harm-propagation trees are a tool for achieving this. They are a map of the negative consequences resulting from each event.18 The process of creating a harm tree starts with identifying an initial impact event, and recording any impacts that could potentially result from it. Any further impacts that might result from these new impacts are then recorded in an iterative process. Figure 5 shows an example of the harms a business might experience from an initial business interruption. The full scale of potential harms is broad, including the costs of incident response services such as legal and public relations (PR) services, forensics and breach counselling. It also includes other technical costs, such as for restoration and hosting during the period of compromise. Harm tree example. Initial impact: business interruption FIGURE 5 Cloud hosting for the period of compromiseNotification of regulator Incident response Digital restoration (e.g. recoding of website) Restoration from back upsDigital restoration (e.g. recoding of website)Cost for new infrastructurePrivacy/breach councellingForensicsSoftware consultantsCredit monitoring Lawyer services Notification IndemnityUpdate defenses PR servicesRegulatory fines Business interruption Source: Axon, L. et al. (2019). 2019 International Conference on Cyber Situational Awareness, Data Analytics And Assessment. Artificial Intelligence and Cybersecurity: Balancing Risks and Rewards 18