At Davos this year, the conversation about artificial intelligence and cybersecurity finally moved out of the server room and into the boardroom. The shift was clear at the AXIS Capital breakfast and panel on AI and Cyber Risk, hosted by Vince Tizzio, President and CEO of AXIS, with Dan Costa, Chief Content Officer and Editor-in-Chief of Worth Media. What followed was less a technical briefing and more a leadership discussion, grounded in the reality that AI is accelerating opportunity and expanding exposure.
The roundtable brought together a diverse mix of operators and decision-makers from across the global economy. The conversation included senior leaders from companies such as FedEx, Aon, UBS, 1-800-FLOWERS.COM, KPMG, Stripe, Guggenheim Partners, and Geneva Association, along with founders, investors, and risk specialists. The range of perspectives reinforced a central point: AI-driven cyber risk is no longer a sector-specific issue. It cuts across industries, geographies, and operating models, forcing leaders in every domain to rethink resilience as a shared strategic challenge.
From the outset, Tizzio framed AI not as a distant risk, but as an active force reshaping how businesses operate today. “AI is propelling us toward a new risk landscape,” he said. “Threat actors are leveraging AI to make attacks more sophisticated, faster, and harder to detect.” At the same time, he noted, companies are deploying the same technologies to strengthen defenses and improve decision-making.
That duality, AI as both shield and weapon, was central to the discussion. According to new research released by AXIS at Davos, 94% of respondents believe AI will be the most significant driver of change in cybersecurity this year, while 64% are now using AI tools, up sharply from the year before. The implication is clear: adoption is accelerating, but so is complexity.
For leadership teams, Tizzio argued, that creates a new mandate. “Boards and CEOs need to think about resilience as a strategic priority, not just a technical one,” he said. In this view, cyber risk is no longer something to delegate. It is inseparable from growth strategy, operational continuity, and enterprise value.
One of the most revealing findings from the AXIS research was not about technology, but perspective. CEOs and CISOs, Tizzio explained, often view the same tools differently. “CEOs tend to view AI as a driver of productivity and competitive advantage, whereas CISOs tend to see AI as a source of increased exposure,” he said. The gap is less about disagreement than vantage point: growth on one side, risk mitigation on the other.
That alignment becomes even more critical as organizations rethink how they allocate resources. Headlines often focus on AI-driven headcount reduction, but the reality, according to the data, is more nuanced. “Seventy-five percent of CEOs and CISOs say they are likely to reduce cybersecurity headcount because of greater productivity resulting from investment in AI cybersecurity tools,” Tizzio said. At the same time, 82% plan to increase their cybersecurity budgets over the next year.
The story is not cost-cutting; it is rebalancing. Leaders see AI enabling them to do more with less, while reinvesting savings into stronger defenses for a more complex threat environment.
Cyber insurance emerged as a critical part of that resilience strategy. “CISOs consider cyber insurance an important part of their broader cybersecurity toolkit,” Tizzio said, noting that insurance sits alongside controls, training, and tested incident response plans. Adoption varies by region—94% of U.S. respondents carry cyber insurance, compared with 68 percent in the U.K.—but the direction of travel is consistent.
As risks evolve, insurance itself is changing.
“Those insurance policies will be highly customized,” Tizzio said. “Think of this as a custom suit versus an off-the-rack solution.”
Underwriting standards are rising, he added, and insurers increasingly expect robust cyber hygiene before assuming risk. At AXIS, that has meant taking a more proactive role in education and preparedness through dedicated risk advisory capabilities.
The research also surfaced a notable transatlantic divide. U.S. leaders expressed far greater confidence in their preparedness for AI-related cyber threats than their U.K. counterparts. Tizzio attributed that gap to differences in regulation, innovation ecosystems, and cultural attitudes toward risk. “U.S. companies are generally more optimistic and risk-tolerant toward technological advancements,” he said, while the U.K. has placed greater emphasis on governance and oversight.
As the discussion moved to the roundtable, one theme repeatedly emerged: speed. AI is compressing timelines, multiplying attack surfaces, and raising the stakes for decision-makers.
“The research illustrates the increasing speed and complexity of risk,” Tizzio said in closing, “and the rising need for a well-rounded resilience strategy.”
Taken together, the message from the AXIS session was clear. AI is not simply adding another category of cyber threat. It is compressing timelines, blurring boundaries between risk domains, and raising the stakes for leadership teams. In this environment, resilience is no longer a technical aspiration. It is a strategic discipline that demands coordination, judgment, and sustained attention at the highest levels of the organization.
What struck him most in Davos, however, was not a single technology trend but the growing interconnectedness of risk. “There’s an interconnectedness between risk—the risk landscape,” he said. “If you think about climate, if you think about social policy, if you think about the company’s ability to protect themselves from cyber events, and then ultimately, the increasing liability on directors and officers—that’s been reinforced for me while here in Davos.”
