Back to Blog
News

What a new global AI safety report means for enterprise

adminDatabase Expert
February 24, 2026
4 min read
#Trust and transparency#Artificial Intelligence#Security
What a new global AI safety report means for enterprise
What a new global AI safety report means for enterprise - Image 2
What a new global AI safety report means for enterprise - Image 3

The most pressing risks from artificial intelligence may come not from the models themselves, but from the complex systems companies build around them, according to the2026 International AI Safety Report. IBM researchers and those who contributed to the report say that conclusion should reshape how enterprises approachAI governance.The report, chaired by Turing Award winner Yoshua Bengio and produced by more than 100 experts from over 30 countries with backing from the OECD, the EU and the United Nations, marks a shift in how the global research community evaluates AI risk. Last year’s edition concentrated on model behavior, includinghallucinations,biasandbenchmark failures. This year’s zeroes in on what happens after deployment, such as when AI systems trigger business processes, access sensitive data, make autonomous decisions and interact with other systems in ways their operators may not fully understand.Kush Varshney, an IBM researcher who served as a reviewer on the report, said one finding in particular should get the attention of enterprises. The report describes what it calls “jagged” capability growth—a pattern in which AI systems make sudden leaps in some domains while remaining unreliable or brittle in others.“The report talks a lot about ‘jagged’ capability growth,” Varshney toldIBM Thinkin an interview. “I think this highlights why enterprises should consider the paradigm ofgenerative computing, where individual AI calls are grounded through modular verification. Taking that approach can make the overall system reliable and consistent.”The jaggedness he describes is well documented. LeadingAI systems can now solveInternational Mathematical Olympiad problems andreliably completecoding tasks that would have taken a human programmer hours in the past. Yet those same systemsstumbleat counting objects in an image, reasoning about physical space and recovering from basic errors during longer workflows.

Francesca Rossi, IBM Global Leader for Responsible AI and AI Governance, said the shift from model-level to system-level thinking stands out to her as the report’s most significant development.“AI safety is no longer mainly a model issue, but rather a system and deployment issue,” Rossi toldIBM Thinkin an interview. “AI systems aren’t just generating text now. They are influencing decisions, triggering processes, accessing data and interacting with other systems. That means safety must draw from disciplines like cybersecurity, risk management and safety engineering, not just model evaluation.”The scale of adoption underscores the stakes. According to the report, AI is one of the fastest-adopted consumer technologies in history.Agentic AIsystems, which can plan, pursue goals and interact with external tools autonomously, pose heightened risks because they act without waiting for human approval at each stage.Rossi said failures now tend to happen between components rather than inside any single model. “Governance has to extend beyond the model lifecycle into system design and management,” she said. “A nominal‘human-in-the-loop’ approachis not enough. If humans are overloaded or lack the right information, oversight becomes symbolic.”Compounding the problem, pre-deployment safety testing itself has become less reliable, according to the report. Varshney said the field needs to respond. “We need to shift from static evaluation and alignment to dynamic steerability,” he said. “We should also focus less on universal definitions of harmfulness and more on context-specific, scoped notions of harm that respect sovereignty and the diverse needs of users around the world.”

AI is lowering the barrier to sophisticated hacking. AI systems can discover software vulnerabilities and write malicious code. Criminal groups and state-associated attackers are actively using general-purpose AI in their operations, according to the report.Dawn Song, a Professor of Computer Science at UC Berkeley who contributed to the report, sees 2025 as a turning point. “Year 2025 marked a step change in frontier AI capabilities in cybersecurity,” Song toldIBM Thinkin an interview.Through research efforts including CyberGym and BountyBench, Song’s team  at Berkeley has demonstrated that AI can find zero-day vulnerabilities in large-scale, widely distributed open-source software. The researchers launched theFrontier AI Cybersecurity Observatoryfor continuous monitoring and recently publisheda paperthat promotes using AI for automatic theorem proving and verifiable code generation with provable guarantees. “Looking ahead, we foresee both expanding defensive potential and rising AI-powered threats, making robust, responsible security research more critical than ever,” she said.

Comments (0)