Artificial Intelligence and Cybersecurity Balancing Risks and Rewards 2025

Foreword Adoption of artificial intelligence (AI) is accelerating across the economy as organizations seek to harness its potential rewards. To support this, the AI Governance Alliance, launched by the World Economic Forum in June 2023, was established to provide guidance on the responsible design, development and deployment of AI systems. Historically, insufficient attention has been given to the potential cybersecurity risks of AI adoption and use. This report highlights the steps that need to be taken to ensure that cybersecurity is fully embedded within the AI adoption life cycle. Amid a business landscape that is increasingly focused on responsible innovation, this report offers a clear executive perspective on managing AI-related cyber risks. It empowers leaders to invest and innovate in AI with confidence, and exploit emerging opportunities for growth. To unlock full potential, it is essential to develop a comprehensive understanding of these cyber risks and related mitigation measures. Throughout the report, we explore a central question: How can organizations reap the benefits of AI adoption while mitigating the associated cybersecurity risks?This report provides a set of actions and guiding questions for business leaders, helping them to ensure that AI initiatives align with overall business goals and stay within the scope of organizations’ risk tolerance. It additionally offers a step-by-step approach to guide senior risk owners across businesses on the effective management of AI cyber risks. This approach includes: assessing the potential vulnerabilities and risks that AI adoption might create for an organization, evaluating the potential negative impacts to the business, identifying the controls required and balancing the residual risk against anticipated benefits. Though focused on AI, the approach can be adapted for secure adoption of other emerging technologies. This report draws on insights from a World Economic Forum initiative, developed in collaboration with the Global Cyber Security Capacity Centre (GCSCC) at the University of Oxford. Through collaborative workshops and interviews with cybersecurity and AI leaders from business, government, academia and civil society, participants explored key drivers of AI-related cyber risks and identified specific capability gaps that need to be addressed to secure AI adoption effectively.Sadie Creese Professor of Cybersecurity; Director and Technical Board Chair, Global Cyber Security Capacity Centre, University of OxfordJeremy Jurgens Managing Director, World Economic Forum Artificial Intelligence and Cybersecurity: Balancing Risks and Rewards January 2025 Artificial Intelligence and Cybersecurity: Balancing Risks and Rewards 4