Balancing Risk & Reward: A Perfect Dance to the Tune of Changing Times

For 13 years, Protiviti and NC State University’s ERM Initiative have researched the top risks business leaders face globally. This year, the study highlights opportunities as well as risks, encouraging organizations to respond proactively to emerging trends, market shifts and evolving customer expectations. Firms that focus on unlocking opportunity are more likely to innovate, adapt and grow.

Our 14th annual report shares insights from 1,540 board members and C-suite executives worldwide. These findings should encourage effective C-suite and boardroom discussions as leaders seek to create strategic value in these challenging times.

Summary of overall global results

Despite recent uncertainty and global shifts, business leaders are prepared to innovate, form strategic partnerships and plan for long-term growth. The greatest risk now is maintaining the status quo and failing to act.

There is strong optimism for revenue growth, with the ecosystem a strategic priority

Over the next two to three years, nearly seven in 10 board members and executives agree that, considering current conditions, there are significant opportunities to increase revenues. More than six in 10 leaders indicated their organizations plan to expand their strategic alliances and partnerships over the same period. Profitable growth is the name of the game.

AI is both a transformative growth driver and a complex challenge

Nearly one in three leaders are prioritizing its integration, yet AI is considered a top global risk. Rising concerns about IT infrastructure and talent readiness hinder effective deployment, while cybersecurity risks related to AI remain prominent.

Cybersecurity is the top global risk and investment priority

Not only are cyber threats ranked as the top global near-term risk, but third-party risks (which are linked to cyber concerns) rank second. The concern of business leaders regarding the growing sophistication of the cyber threat landscape is reflected in the prioritization of cybersecurity in risk assessments, strategic decisions and significant investment allocations. The coming emergence of quantum computing poses formidable threats to cybersecurity and data protection standards.

Talent challenges are evolving but not disappearing

Talent risks continue to be top of mind among board members and C-suite leaders globally, with issues surrounding workforce upskilling and the availability of skilled labor remaining significant, particularly given the expected impact of AI on job roles and workforce transformation. The rapid adoption of AI is reshaping job roles and the necessary skillsets, creating urgent needs for upskilling and reskilling. That risk has increased significantly year-over-year as executives must navigate the complexities of cultural change, employee morale and a softening labor market amid these technological advancements.

Concerns about the economy and trade-related challenges and their impact on global markets are top 10 near-term risk concerns

Trade-related challenges broke into the top 10 list this year, while uncertainties linked to interest rates and inflation continue to create reasons for pause among respondents. 

Customer experience, cyber and AI are top long-term strategic focus areas

Organizations are prioritizing customer and competition dynamics, security and privacy and AI deployments in their long-term strategies, indicating a shift toward integrated decision-making that encompasses both immediate and future opportunities and risks. 

Governance

The $2 Billion ‘Free-Rider’ Problem: Why AI Scraping is Now a Boardroom Crisis

by Areejit Banerjee

January 6, 2026

If you're building data products today, you may subsidizing your competitor's offerings

Read moreDetails

Pursuing strategic growth opportunities

Growth enables businesses to adapt, remain competitive and respond to changes in markets, technologies and customer needs. Despite the uncertainties in the marketplace, our survey results show that business leaders maintain an optimistic outlook on growth prospects. Furthermore, as accelerators of growth, innovation and transformation initiatives are driving these opportunity pursuits.

Addressing and investing in areas like cybersecurity, AI, data management and third-party oversight reflect a proactive mindset focused on building resilience and unlocking value, and are essential to navigate the current risk landscape. According to our survey, business process improvements, likely driven by technology transformation, and infrastructure modernization are two critical investment priorities for organizations in regard to their near-term strategic and operational risk concerns. This reflects a proactive response to a changing marketplace. As former CEO Jack Welch once said, “If the rate of change on the outside exceeds the rate of change on the inside, the end is near.”

Managing AI’s transformative impact 

AI is seen by many business leaders as critical to unlocking efficiency, personalization, innovations and the ability to scale — all drivers of new revenue streams and expansion. But AI also introduces challenges — data privacy, algorithmic bias, regulatory compliance and workforce disruption among them. Leaders are trying to balance speed of adoption with risk management and accountability.

As evidenced in our survey results, AI implementation now ranks sixth among global near-term concerns for board members and executives. The top five AI-related risks noted by our survey pertain to exposure of the underlying data to cyber attack; integrating AI with the existing technologies, business processes and workforce; equipping the workforce to realize AI’s value proposition; failing to deploy AI at a competitive pace; and lack of governance and accountability for AI deployments. The message is clear: As leaders are under pressure to innovate quickly, they must also ensure AI’s responsible, secure, compliant and ethical use. AI implementation is a balancing act.

Understanding near-term risk concerns 

Our respondents rated the risk environment their organizations will be facing with respect to achieving their performance goals over the next two to three years as slightly higher this year than last year. An examination of the top 10 risk results looking out the next two to three years offers insights as to why the risk environment is slightly elevated. Collectively, these near-term risks represent headwinds to opportunity-seeking initiatives, as six of them were rated higher year-over-year than last year.  

Five of these near-term risks are operational in nature, signaling executive focus on internal resilience and executional reliability. These risks — cyber threats, third-party dependencies, legacy IT infrastructure, emerging IT and AI implementation challenges, and skill acquisition and retention — are deeply interconnected and reflect the pressure organizations face to deliver consistent performance in a digitally disrupted environment.

Three of the top 10 near-term risks reflect macroeconomic concerns — economic conditions, labor availability and global trade policy shifts — that can disrupt strategic momentum. While these risks are somewhat outside the organization’s control, their impact on cost structures, supply chains and market access is profound.

Though fewer in number, strategic risks — emerging technologies requiring workforce transformation and regulatory fragmentation — carry high-impact potential. These risks challenge the organization’s ability to pivot, innovate and comply in a fast-changing world.

Anticipating long-term risks 

We asked participants to identify and rank the top three risk themes that they believe their organizations are likely to consider most when evaluating their strategies and making investments over the next 10 years. We formulated 12 broad themes encompassing the 28 specific risk areas we examined over the near term and certain other considerations to simplify the survey participants’ long-term risk assessment.

According to the survey, the main long-term concerns for organizations are customers and competition, security and privacy and AI deployments, reflecting a clear emphasis on maintaining competitive relevance and stakeholder trust in a rapidly evolving digital landscape. These three themes were followed by long-term concerns with respect to markets and economies and talent challenges, suggesting that executives recognize that successful AI integration depends not only on technical infrastructure but also on having the right talent to guide and govern these tools and assimilate them into the business.

Identifying strategic investment priorities 

We asked our survey participants to rank the top three strategic priorities in which their organizations are likely to invest the most related to certain of the aforementioned strategic and operational risk issues over the next two to three years. Their top five investment priorities were cybersecurity, business process improvements, infrastructure modernization, data privacy and the customer experience.

These investment priorities integrate value creation with risk management, with a focus on cybersecurity, third-party reliance, legacy IT issues and data privacy. Modernizing infrastructure and improving business processes not only address risks but also support growth. Investing in these areas sharpens long-term value by encouraging a holistic understanding of the organization’s objectives, opportunities, markets, ecosystem and risks. As strategy-setting is an evergreen process, organizations should identify emerging opportunities and risks continuously, align resource allocation accordingly and sustain flexible strategies that facilitate adapting to inevitable change.

Final takeaways

This year’s survey of 1,540 global leaders indicates optimism for growth despite economic, workforce and technological obstacles. The report highlights the importance of balancing strategic growth with resilience by integrating agility, foresight and collaboration. We hope that this research will catalyze strategic conversations in the C-suite and boardroom and support leaders in building organizations that thrive amid uncertainty and inevitable change.