Reflecting on past lessons and considering future threats and opportunities, one thing is clear: cybersecurity is more than just a defensive imperative. It is a shared, strategic responsibility that must be embedded across governance, risk, technology and culture – and is critical to the resilience and success of every organisation in today’s digital age.” 

Shannon Sedgwick, Partner, Technology & Consulting

Evolution of AI and cyber risks

Organisations are becoming increasingly ready to adopt AI — and rapidly so. In our 2025 survey, 70% of respondents said they are at least somewhat confident in their organisation’s preparedness to adopt Generative AI (GenAI) platforms. This marks a significant shift from 2018, when fewer than 15% reported any active use of AI solutions.

However, alongside this growing confidence is a sharp awareness of risk. 84% of respondents cite privacy risks, particularly data compromise, as their top concern when it comes to AI adoption.

As GenAI moves from experimentation to enterprise integration, the security, privacy, and governance implications are becoming increasingly complex — and increasingly urgent.

“Organisations must continuously evolve and adapt their security strategy to an increasingly complex environment – especially in the face of AI and its benefits and risks.

This means continuously investing in the fundamentals: timely patching, comprehensive asset and data visibility, rehearsed incident response, supply chain assurance, robust access controls, user awareness training, and reliable backup procedures.

Cyber considerations must be embedded into strategic planning and boardroom dialogue, not just compliance checklists.”

Paul Kallenbach, Partner, Technology, Digital & Data