The corporate world is bracing for a new era of technological threats, with artificial intelligence and cybersecurity now dominating risk management priorities across industries. A revealing new survey from Airmic, the UK risk management association, highlights just how dramatically these concerns have reshaped the risk landscape in recent months.
The findings, released during Airmic’s annual conference in Manchester, show that technology risks – particularly those related to AI and cyber threats – have jumped to the top of risk registers for the first time, surpassing traditional business worries like economic volatility and supply chain disruptions.
Having covered technology’s impact on financial markets for nearly two decades, I’ve rarely seen such a rapid shift in risk perception among executives. What makes this particularly noteworthy is how quickly AI has transformed from being viewed primarily as an opportunity to being recognized as a significant threat vector.
“The emergence of generative AI has created a whole new dimension of risk that organizations are still learning to navigate,” notes Julia Graham, CEO of Airmic. Her assessment resonates with what many chief risk officers have shared with me in recent interviews – they’re struggling to develop governance frameworks fast enough to keep pace with AI advancement.
The survey, which gathered insights from over 300 risk management professionals, reveals that 67% of respondents now rank cyber risks among their top three concerns, up from 51% just a year ago. This dramatic increase reflects the evolving sophistication of threat actors and the expanding attack surface created by digital transformation initiatives.
What’s particularly striking about the data is how these technological concerns have leapfrogged economic uncertainties, which dominated risk registers throughout the pandemic and subsequent inflation crisis. According to the Financial Times’ analysis of corporate risk disclosures, mentions of AI-related risks in SEC filings have increased by nearly 300% since 2021.
The Federal Reserve’s most recent Financial Stability Report echoes these concerns, noting that “rapid adoption of artificial intelligence technologies in financial services may introduce new vulnerabilities to the system, particularly through increased interconnectedness and complexity.”
This perspective aligns with what I’ve observed while covering quarterly earnings calls across the technology sector. Nearly every major firm now dedicates significant time to discussing their AI governance frameworks – a topic that barely registered in analyst questions just 18 months ago.
Digging deeper into the Airmic data reveals an interesting paradox: while organizations are increasingly concerned about AI risks, many lack concrete strategies to address them. The survey found that only 38% of respondents believe their organizations have adequate controls in place to manage AI-related risks effectively.
“There’s a knowledge gap that needs urgent addressing,” explains Mark Camillo, head of cyber at AIG Europe. “Many organizations are deploying AI solutions without fully understanding the associated risks or how to mitigate them.”
This assessment squares with research from the International Association of Privacy Professionals, which found that fewer than half of organizations using AI have conducted comprehensive risk assessments on their implementations.
Beyond the headline findings, the Airmic survey reveals other notable trends reshaping the risk landscape. Climate change risks have continued their steady climb up priority lists, now ranking fourth overall. Meanwhile, geopolitical tensions remain a significant concern, particularly related to supply chain resilience and data sovereignty issues.
What makes the current risk environment particularly challenging is the interconnected nature of these threats. A sophisticated cyber attack, potentially leveraging AI capabilities, could simultaneously trigger business interruption, reputational damage, regulatory scrutiny, and financial losses.
Having witnessed several major cyber incidents while covering the financial beat, I’ve seen firsthand how unprepared organizations can be devastated by such cascading impacts. The 2017 NotPetya attack on Maersk, which caused over $300 million in damages, offers a sobering case study in how quickly technological risks can materialize into financial calamity.
The survey also highlights significant shifts in how organizations are structuring their risk management functions. Nearly 60% report having expanded their risk teams over the past year, with particular emphasis on technological expertise. This represents a notable departure from the post-2008 focus on financial risk management capabilities.
“We’re seeing the emergence of specialized roles like AI Ethics Officers and algorithmic risk managers,” notes Claire Combes, Chair of Airmic. “These positions simply didn’t exist five years ago.”
For investors and market analysts, these evolving risk priorities offer valuable insights into potential vulnerabilities across sectors. Companies demonstrating sophisticated approaches to managing technological risks may enjoy premium valuations, while those lagging could face increasing scrutiny from both regulators and shareholders.
As someone who’s tracked market responses to risk events over many years, I’ve observed that investors are becoming increasingly sophisticated in their assessment of non-financial risks. The days when cybersecurity incidents were dismissed as temporary setbacks are long gone; today, they can permanently reshape market perceptions.
Looking ahead, the risk landscape will likely continue evolving at an accelerated pace. The convergence of quantum computing, 5G networks, and increasingly sophisticated AI systems will create both new opportunities and novel risks that today’s frameworks may struggle to address.
For business leaders, the message is clear: technological risks, particularly those related to AI and cybersecurity, now demand boardroom attention and strategic investment. The organizations that thrive will be those that balance innovation with robust risk management – a challenging but essential equilibrium in today’s rapidly changing business environment.
