Cyber risks like data breaches, attacks and outages are a top concern for 31% of global business leaders in 2026, with 33% singling out AI specifically, according to Beazley's
But AI can also protect against the threat it poses; 35% of those surveyed are now turning to AI investments to build resilience against emerging cyber threats, and 33% of businesses are increasing their cybersecurity spending.
While cyber risk is a major concern across all global markets, Beazley reports that the majority of businesses overestimate their resilience and ability to recuperate after an attack. Across risks in cyber, disruption, tech obsolescence and Intellectual Property (IP), unpreparedness levels drastically decreased from 2024 to 2025, but rose slightly in 2026, which indicates perceived stronger resilience.
"What stands out in this year's Risk & Resilience survey findings is a growing misalignment between cyber and tech risk concerns and perceived…resilience to these risks," said Alessandro Lezzi, group head of cyber risks at Beazley. "While cyber risk is widely recognized as the No. 1 threat facing businesses globally, 83% of execs in the U.S. believe they could fully recover financially from a cyber attack, demonstrating many organizations are overestimating their preparedness to withstand the full impact of an attack across all corners of their operations."
According to the report, AI investments are a double-edged sword; while 80% of respondents say that AI will boost their bottom line, AI tech also introduces new cyber, IP, reputational, regulatory and operational risks that require careful management. Data risk is no longer a standalone issue either; digital interconnectivity of supply chains increases the risk of a systemic disruption with operational, regulatory and reputational impact.
"That gap matters because cyber risk is becoming more systemic — the high profile incidences in 2025 only prove this. As businesses become more interconnected and adopt technologies such as AI, disruption can spread faster across organizations and supply chains making incidents harder to contain," said Lezzi. "It's encouraging to see, however, that over a third of U.S. businesses plan to invest in stronger cyber security, including access to specialist expertise to help them better understand their exposure, strengthen incident response and plan for realistic disruption scenarios across the organization."
