Artificial Intelligence and Cybersecurity Balancing Risks and Rewards 2025

Images: Getty Images Disclaimer This document is published by the World Economic Forum as a contribution to a project, insight area or interaction. The findings, interpretations and conclusions expressed herein are a result of a collaborative process facilitated and endorsed by the World Economic Forum but whose results do not necessarily represent the views of the World Economic Forum, nor the entirety of its Members, Partners or other stakeholders. © 2024 World Economic Forum. All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, including photocopying and recording, or by any information storage and retrieval system.Contents Reading guide 3 Foreword 4 Executive summary 5 Introduction: The scope 6 1 The context of AI adoption – from experimentation to full business integration 8 2 Emerging cybersecurity practice for AI 10 2.1 Shift left 11 2.2 Shift left and expand right 11 2.3 Shift left, expand right and repeat 11 2.4 Taking an enterprise view 11 3 Actions for senior leadership 12 4 Steps towards effective management of AI cyber risk 14 4.1 Understanding how the organization’s context influences the AI cyber risk 14 4.2 Understanding the rewards 15 4.3 Identifying the potential risks and vulnerabilities 15 4.4 Assessing potential negative impacts to the business 17 4.5 Identifying options for risk mitigation 19 4.6 Balancing residual risk against the potential rewards 21 4.7 Repeat throughout the AI life cycle 21 Conclusion 22 Contributors 23 Endnotes 27 Artificial Intelligence and Cybersecurity: Balancing Risks and Rewards 2