WEF report: Key insights for safe AI adoption in business

While Big Tech companies continue to refine and develop their AI models, many businesses worldwide are already using generative AI and other AI-based tools to optimize the workflow, mitigate risks, and project future results. However, even with the benefits it may offer, AI still poses risks such as AI hallucinations and data privacy concerns — let alone opportunities for AI-savvy cybercriminals. The latest report from the World Economics Forum (WEF), Artificial Intelligence and Cybersecurity: Balancing Risks and Rewards, aims to provide guidance for business leaders in safely adopting AI technologies. Here are the key takeaways.

The focus of attention

The WEF report focuses on the risks and rewards businesses are likely to encounter with AI implementation. It identifies five characteristics that influence the cyber risks faced by organizations adopting AI. These include:

• Position in the AI supply chain and appetite for innovation. This characteristic defines the role and timing of AI integration in business processes. Early AI implementation can offer companies a head start compared to more conservative competitors, however, it may multiply risk, such as in the form of undiscovered vulnerabilities. In addition, major service providers, such as tech companies, may be inclined to adopt AI models and tools earlier to stay ahead of their competition.

• Level of AI autonomy. This characteristic defines the level of oversight over AI-based tools and models. For example, a fully autonomous AI system may not require human oversight but may pose more cyber risks than a human-operated system.

• Nature of business. This characteristic defines the sector of business in which the company operates. For example, financial companies, such as commercial banks, may be more susceptible to AI cyber threats than construction companies or other businesses.

• Geographical context. This characteristic defines the geographical location of business operations. With nation-state actors constantly working to disrupt the automated systems, steal data, and otherwise cause damage to enemy’s businesses and government institutions, AI-aided cyberattacks are inevitable.

• Threat context. This characteristic defines the types of threat actors and cyberthreats that companies may face. Understanding the threat context may require extensive knowledge of the company's attack surface and system vulnerabilities.

The good, the bad, and the risky

Based on the characteristics described above, the report illustrates the key benefits and vulnerabilities for AI adoption in business operations. These include pros such as:

• Enhanced enterprise productivity.

• New products and services.

• Redefined industries and societies (for example, an improved healthcare system that becomes more efficient and responsive to market changes, such as accelerated drug discovery).

While the pros are substantial, AI implementation in businesses can also cause risks such as:

• Software vulnerabilities.

• Vulnerabilities caused by humans’ lack of expertise with AI models and tools.

• Vulnerabilities in interfaces with other digital systems, (for example, weak links between software, hardware, and operating system).

• Expansion of the attack surface.

The key insights

The WEF report defines six key takeaways for business leaders to consider when adapting AI in the business operations. Proactively understanding and managing cyber risks is a top priority. Therefore, business owners should focus on:

• Cutting through the hype to understand the potential risks and rewards.

• Promoting AI security-by-design and by-default.

• Embedding AI cyber risks into cross-organizational risk management.

• Ensuring adequate investment in essential cybersecurity operations.

• Engaging with national and sector-specific strategies and standards.

• Defining and communicating key parameters within which decision-making on AI adoption and its associated cybersecurity can be conducted.

And it’s not just business leaders — senior risk officers and stakeholders also have the responsibility to ensure that robust cybersecurity management is one of the key priorities in a company's workflow. In addition, the report stresses the importance of safeguarding data, creating response plans, and otherwise ensuring continuity of business operations in case of a cybersecurity failure.

Finally, adequate investment and extensive collaboration between the AI and cybersecurity communities are vital for safer AI adoption in business. According to the report, collaboration can aid in developing and aligning AI security tools and standards, exchanging information about good practices, and establishing clear accountability mechanisms for securing the AI supply chain.

Questions to consider

The WEF report provides the key insights on ensuring safer AI adoption for businesses. However, it also raises important questions business leaders must answer before implementing AI-based technologies.

1. Has the company’s leadership established the risk tolerance limit for AI technologies? Do all risk owners understand it?

2. Are company’s decision makers aware of the AI risks and rewards when implementing the new technology into new products?

3. Does the company have an effective process in place to govern and keep track of the deployment of AI projects within the organization?

4. Do company’s leaders and cybersecurity experts have an understanding of the organization-specific vulnerabilities and cyber risks related to the use or adoption of AI technologies?

5. Do stakeholders know their role and level of involvement in assessing and mitigating the cyber risks from AI adoption?

6. Do business owners have assurance processes in place to ensure that AI deployments are consistent with the organization’s broader organizational policies and legal and regulatory obligations (for example relating to data protection or health and safety)?

The next step

The AI revolution seems to be here. While some businesses are looking into available AI tools and models, others have already implemented tools such as AI assistants, chatbots, and automated analytics systems. However, the impact and the risks of AI are still unclear, suggesting a careful approach to its implementation in business.

The WEF report stresses the importance of thorough research and preparation when dealing with AI. It acknowledges the growing competition and the apparent need for quick adoption of AI tools. However, according to the experts behind the report, it’s collective responsibility, collaboration, and focus on safe implementation that will likely define the true winners of the AI race. And while business leaders are free to follow their instincts, the 2025 WEF report may offer useful advice on how to plan the next course of action.

About the report

The Artificial Intelligence and Cybersecurity: Balancing Risks and Rewards report was released by the WEF in January 2025 as part of its “Industries in the Intelligent Age” white paper series.

It was developed by the AI & Cyber initiative launched in April 2024 by the Centre for Cybersecurity in collaboration with the Global Cyber Security Capacity Centre (GCSCC) at the University of Oxford and the AI Governance Alliance (AIGA). The initiative convened a global multi-stakeholder community of senior executives across the cybersecurity and AI fields who provided insights throughout the development of the research.

Join the waitlist

Be one of the first businesses to hear from nexos.ai. Leave us your email address, and we’ll let you know the newest updates.

By submitting this form, you agree to our Privacy Statement.