**Cyber Risks Top CEOs' Worries Amid Weak Short-Term Growth Outlook**
As the world grapples with macroeconomic volatility and geopolitical conflict, a growing concern among top executives is cyber risk. According to PwC's 29th Global CEO Survey, nearly one-third of CEOs (31%) believe their company is highly or extremely exposed to significant financial losses from cyber threats in the year ahead.
This marks a significant increase from previous years, with 24% in 2024 and 21% in 2015. The survey, which gathered responses from 4454 chief executives across 95 countries and territories, reveals that CEOs are increasingly worried about the potential impact of cyber-attacks on their businesses.
The UK is among the countries where CEOs expressed higher levels of concern. While 34% of German CEOs said their company is highly or extremely exposed to cyber risks in the year ahead, only 16% of UK CEOs shared this concern. However, despite lower self-reported exposure, the UK has experienced regular high-profile cyber-attacks, such as those affecting Jaguar Land Rover and Marks & Spencer in 2015.
According to PwC, cyber risk now ranks alongside macroeconomic volatility as one of the top threats identified by CEOs. A staggering eight in ten (84%) said they plan to improve enterprise-wide cybersecurity practices in response to geopolitical risks, highlighting the interconnected nature of the threats they face.
The survey also highlighted concerns surrounding stakeholder trust. PwC noted that it has never been easier to lose trust, with CEOs facing pressure from unpredictable geopolitics, cyber-attacks, and AI's impact on the workforce. The firm found that:
- 38% of respondents received questions about data use and privacy
- 37% cited concerns surrounding AI safety or responsible AI
"Although it's impossible to fully inoculate a company against losses of stakeholder trust, many CEOs could do more to anticipate and proactively address potential areas of vulnerability," PwC said.
The firm emphasized that companies can build and preserve stakeholder trust through deliberate investments in data, processes, and controls. Responsible AI programs, for example, can both build trust and create value by reducing the rate of adverse AI-related incidents and helping companies recover faster if such an event occurs.