Cyber Risk Alert: Key Takeaways From AXIS’s CEO vs CISO AI Survey

by

Estimated reading time: 5 minutes

AI adoption races ahead as CEOs push the pedal, but CISOs pump the brakes, warning of cyber risk. The tension is familiar: CISOs continue to face uphill battles aligning boards with swift, emerging threats. AXIS Capital Holdings Limited released new research comparing how CEOs and CISOs in the U.S. and U.K. view AI. The study found a significant difference in their perspectives.

“The findings in this report underscore our new environment, where a technology that promises untold productivity gains is also creating unprecedented risk,” said Vince Tizzio, AXIS President and CEO.

Cyber Risk Drives A CEO-CISO Divide
AXIS Capital logo for Cyber Risk research and cyber liability insurance insights on AI-driven threats

AXIS surveyed 500 leaders in the U.S. and U.K. CEOs often see AI as a way to boost productivity, while CISOs are more concerned about security gaps and increased attacks.

Lori Bailey, Head of Global Cyber and Technology at AXIS, noted, “While it is now commonplace for CEOs to champion AI as a catalyst for innovation and efficiency, CISOs tend to see it as a new frontier of exposure and control.”

A clear optimism gap emerged regarding AI’s defensive impact: CISOs showed less confidence than CEOs. For stronger defenses, the gap was 29.7% to 19.5%. CEOs also reported greater trust in AI decision support: 67.1% expressed confidence in AI tools for security decisions, compared to 58.6% of CISOs.

Confidence in preparedness showed a similar trend. In the study, 60.2% of CEOs said their companies were ahead of others in preparing for AI threats, but only 50.6% of CISOs agreed.

Risk priorities were also different. CISOs saw shadow AI as the biggest risk, with 27.2% choosing it, and focused on unauthorized tools and untracked use. CEOs saw data leakage as the main AI threat at 28.7%, while only 17.2% of CISOs ranked it as the top risk.

See also  Axa XL Steps up to Cyber Insurance Challenge with New Cyber Insurance Endorsement
Watch Our Podcast – Cybersecurity Communication: Kimber Spradlin on Clear Messaging, Logs and Cyber Risk

AI Threats Accelerate Attacker Capability

The report described AI both as a force multiplier for cybercrime and as a source of new internal failure modes.

Respondents said AI-driven attacks are the top new threat, with 29.6% in the U.S. and 20.8% in the U.K. choosing this. The press release listed threats like deepfakes, social engineering, advanced ransomware, model manipulation, data leakage, and shadow AI.

These threats move fast and adapt quickly. They also raise detection difficulty for many teams.

A Transatlantic Trust Gap Shapes Readiness

U.S. leaders reported higher confidence than U.K. leaders. In the U.S., 85% said they felt prepared for AI threats. In the U.K., 44% said they felt prepared.

CEO trust in AI also differed by country. In the U.S., 88.4% of CEOs believed AI would improve security, while only 55% in the U.K. agreed. Personal trust was similar: 82% of U.S. CEOs trusted AI for cyber decisions, compared to 47% in the U.K.

Return-on-investment views also differed. In the U.S., 93.5% of CEOs and 87.5% of CISOs reported AI security ROI. In the U.K., 69.1% of CEOs and 74% of CISOs reported ROI.

Insurance adoption showed another divide. While 94% of U.S. respondents had cyber insurance, only 68.4% of U.K. respondents carried coverage, according to the survey.

Get The Cyber Insurance Upload Delivered
Subscribe to our newsletter!

Budgets Rise While Headcount Expectations Fall

The report highlighted a big change in funding. Nearly 82% of respondents planned to increase their cybersecurity budgets in the next year.

See also  Onda Teams Up with Panorays to Streamline Cyber Insurance Underwriting

The report also noted a staffing trend that may concern boards. According to the survey, 75.2% expected to reduce security staff, linking this to productivity gains from AI tools. This situation raises questions about balancing efficiency with resilience.

Key Takeaways
  • CEOs push AI adoption for speed and advantage, while CISOs slow down for Cyber Risk control and oversight.
  • AI-driven attacks rank as the top emerging cyber threat in both regions (29.6% U.S.; 20.8% U.K.).
  • U.S. leaders report higher AI-threat readiness than U.K. leaders (85% vs. 44%).
  • U.S. CEOs show stronger confidence that AI improves safeguards than U.K. CEOs (88.4% vs. 55%).
  • U.S. CEOs report higher personal trust in AI for cyber decisions than U.K. CEOs (82% vs. 47%).
  • CISOs show less optimism than CEOs that AI strengthens defenses, by 29.7% to 19.5%.
  • CEOs report greater confidence than CISOs in using AI tools for security decisions (67.1% vs. 58.6%).
  • Preparedness confidence also splits, with 60.2% of CEOs claiming stronger readiness than peers vs. 50.6% of CISOs.
  • CISOs rank shadow AI as the top AI risk (27.2%), while CEOs rank data leakage first (28.7%).
  • Security spending rises as 82% plan budget increases, yet 75.2% expect security headcount reductions due to AI productivity gains.
Methodology And Scope

AXIS used a 23-question online survey. It included leaders from the U.S. and the U.K. The U.S. sample included 138 CEOs and 112 CISOs. The U.K. sample included 123 CEOs and 127 CISOs. Respondents came from firms with at least 250 employees. An independent company fielded the study from October 22–29, 2025.

See also  Cyber Insurance Losses Mount, But Industry Poised for Growth – Gallagher Re 2025

Martin Hinton

Martin Hinton is the Executive Editor and Publisher of Cyber Insurance News and Information. With over three decades of journalism experience across six continents, his work encompasses investigative reporting, documentaries, and coverage of cultural, political, and business news. To learn more about his career, click on his name to visit his LinkedIn page.

Leave a Comment

×