EMEA (Europe, the Middle East and Africa) businesses believe they are unprepared for artificial intelligence (AI)-powered cyber threats, a recent Aon poll revealed, highlighting the opportunity to strengthen AI-era cyber resilience.
Polling during Aon’s 2025 Cyber Webinar gathered insights from 75 organisations from across EMEA regarding the adaptation to the rapid rise of AI.
The findings show a significant and increasing disparity: the pace at which AI is being adopted is outpacing the development and maturity of the risk management frameworks required for its effective governance.
The results highlighted that “while organisations are rapidly adopting generative and automated AI tools to drive efficiency, their risk management and governance functions are still playing catch-up with increased exposure to expanded technology,” leaving them vulnerable to sophisticated cyber criminals.
According to the poll, only 27.1% of respondents said their organisations are “prepared” for emerging AI-linked digital exposures, while 65.4% felt “somewhat prepared” and 7.4% said they are “not prepared” at all.
A low 18.5% of organisations said they have updated their risk assessments to include AI-related exposures, while 28.3% had not undertaken any recent risk quantification. A further 51.8% had measured general cyber exposure but without an explicit focus on AI.
Just 32.1% of businesses expressed confidence in their ability to manage AI-related cyber threats, while 50.6% reported being only “somewhat confident,” and 4.8% said they are “not confident”.
The report notes that many businesses “are not yet incorporating AI-specific exposures into their broader cyber-risk and enterprise-risk assessments, which directly contributes to low confidence levels in responding to AI-related incidents.”
Brent Rieth, global cyber leader for Aon, stated: “Our poll indicated that although organisations across EMEA recognise the importance of AI and cybersecurity, many remain in the early stages of readiness when tackling its implications – and this gap could become hazardous to businesses.
“They need to strengthen AI-specific threat modelling, integrate emerging exposures into formal risk discussions and upskill teams to enhance detection and response. Their risk strategies need to continue to evolve as technology accelerates.”
David Molony, head of cyber solutions EMEA for Aon, said: “We know that AI is transforming operations and unlocking new efficiencies, but it’s also advancing the sophistication of cyber criminals.
“Businesses must act quickly to embed AI technology-specific controls and modelling or risk leaving critical technology assets vulnerable and exposed. Organisations that proactively strengthen AI risk management capabilities will be better positioned to protect their people, operations and reputation.”
