Let me get this straight. You surveyed executives about whether they understood something, and 56% said yes.
Shocking. Next, you'll tell me 73% of men think they're above-average drivers.
EY asked C-suite executives to self-rate their AI expertise. The same executives who just discovered ChatGPT can write their emails now believe they're qualified to assess existential risk.
It gets better. Somehow, 55% of executives "understand the risks", without knowing what level of AI literacy they have. Sure they do get the risks. They also understood crypto. And the metaverse. And whatever McKinsey told them to understand last quarter.
If you participated in the EY survey and are reading this, please finish it so you can proudly tell me you are the outlier. That you are the leader who actually understands AI risks. And you aren’t one who is in the Dunning-Kruger Amplification Effect.
Some good news.
Your competitors are equally clueless. Finish this article, and you'll understand what 90% of them don't. Not because you're special. Because the bar is that low.
Even better news?
You don’t need to be tech-savvy (nor business-savvy) to read this. This is intended for anyone and everyone who interacts with AI.
MIT’s AI Risk Repository
Most AI policies die as PDFs. Not this one.
MIT’s risk repository map behaves like a radar. It changes when the world does. You don’t need to become a security guru to use it; you need a moving map for the moments that actually cost you, when you thought of trying a new AI tool, a vendor is on the phone, or a magical demo video from your CEO is bouncing around Slack.
Honestly… you and I both toss “AI risk” links into the Read-Later pit at some point.
I did that with MIT’s repository when it launched in August 2024.
Then I looked again and realized it isn’t a report at all, it’s alive. It kept growing through 2025 and now catalogs 1,612 concrete failure modes across 65 frameworks, with great thoughts put into this work, methodically built, and it is easy to use. The kind you can point to when someone says “that won’t happen to us” five minutes before it does.
Here’s why that matters in the next quarter, not in some sci-fi timeline. Most teams make AI calls off launch blogs and demo videos. That’s how you end up approving a feature that looks slick in the sandbox and bleeds in the wild. Rollback headaches, apology posts, heavy fines, and public shaming.
The repository flips that. Instead of arguing hypotheticals, you can check what already broke by researchers, how it showed up, and then it’s up to you to deal with the risk that exists.
The repository flips that. Instead of arguing hypotheticals, you can check what has already been observed in literature, how it showed up, and then it’s up to you to deal with the risk that exists.
Even if it isn’t complete, it is far more complete than what most executives or teams are using. It gives you a common language to classify and reason about the risks.
I spent the week in the guts of it, so you don’t have to. We’ll talk through it like adults who ship features, services, or even content and art, responsibly.
You’ll find:
who or what caused the harm,
whether it was intentional or accidental, and
when it shows up, before release or after deployment.
Also I’ll walk you through how to use this MIT’s live repository so you can pick the one domain that could sink you, shortlist five risks that would be seen and costly, and find the convincing story to get attention from your team/ board/ client.
Shall we?
2025 AI Failures
Forget the Terminator.
The AI failures hitting the headlines today are both tragically stupid and insidiously clever. AI systems are making dumb, biased mistakes on their own, and malicious actors are using those same systems to cause intentional harm. Here are two stories from this year that show why you need to learn using this AI Risk Repository.
AI Failure Case #1: Healthcare deterioration models that didn’t “see” it coming
Hospitals love prediction dashboards, but a 2025 study stress-tested common mortality-prediction models and found they missed 66% of severe, doctor-guided test cases that simulate real deterioration. Not hallucinations, just blind spots. The authors’ point is simple:
we find that statistical machine-learning models trained solely from patient data are grossly insufficient and have many dangerous blind spots.
That’s squarely in “AI’s limitations,” and exactly the kind of failure mode the MIT map keeps you honest about.
AI Failure Case #2: Anthropic report AI-scaled extortion (“vibe hacking”)
On the other side of the line: outright abuse. Anthropic’s Aug 27, 2025 threat report details a crew that used Claude Code to automate reconnaissance, steal creds, pick targets, and even set ransom numbers after analyzing victims’ financials. This isn’t “AI wrote a phishing email”; it’s end-to-end ops, including psychologically tuned extortion notes and asks topping $500k.
Or that North Korean operatives had been using Claude to secure and maintain remote jobs at US Fortune 500 companies as employment scams.
Exactly the kind of intentional misuse pattern the repository helps you, at least, by knowing the risks exist. And so much more…
All The Confusing AI Risk Frameworks Out There
If you’ve ever tried to get a straight answer on AI risk, you’ve probably walked away more confused than when you started.
The MIT researchers counted at least 65 different frameworks for managing AI risk.
This happens when every vendor wants their own definition. Every consultancy needs its proprietary framework. Every regulator creates their own taxonomy.
All these make accountability a dream.
Think aviation. When a plane crashes, we know exactly (when the black box is found) what went wrong. Not because planes are simple, but because the industry uses standardized language and the machine (in this case, the system is well understood and determined). A "controlled flight into terrain" means the same thing in Seattle and Singapore.
AI has no such standard. When your AI "hallucinates," what does that mean? When it shows "bias," which kind? When it has a "safety issue," safety for whom? Not to mention you can’t get AI to repeat its own mistake, so there’s no such thing as troubleshooting.
MIT's taxonomy isn't perfect. But it's shared.
And shared beats perfectly when you're trying to fix actual problems.
Truth #1: The problem is that when everyone is speaking a different language, no one can be held accountable. Imagine trying to build a house with 65 different sets of blueprints, each using its own measurements. One calls for “meters,” another for “feet,” and a third for a unit of measurement it just invented called “blorgs.” You’d never get past the foundation.
Truth #2: The risks everyone talks about aren't the ones that happen. Human-computer interaction (49%) and Misinformation (46%) were less frequently discussed. Meanwhile, these are the risks causing daily problems. Your AI is telling customers wrong information. Employees’ over-reliance on AI outputs. The mundane stuff that compounds into crises.
Truth #3: We're blind to multi-agent problems. Only 5% of frameworks even mention multi-agent risks. But what happens when your AI talks to your vendor's AI talks to your customer's AI? These cascade failures are already happening. Nobody's tracking them.
Truth #4: Timing is everything, and we're getting it backwards. Pre-deployment risks: 13% of problems. Post-deployment risks: 62% of problems. It's like installing smoke detectors in the factory while the house burns down.
Note.
The percentages in the repository reflect where research attention has gone, not the impact of those risks on your business. This is what other reporters failed to mention when they reviewed this repository.
You see a lot on certain topics because they are easier to study, not because they are the biggest threats. Focus on what matters to your context, not what is most published.
A Living AI Risk Sheet
The MIT researchers decided to cut through this by creating a dictionary for AI risk.
I used to manage multiple global products. For example, you have no idea just within the same department how many versions of the same software there could be. The worst time we had 20+ versions of Salesforce running in the same department.
Some of them were half completed, because the previous managers wanted to make a unified version of the software. So, to consolidate the existing policy or software by building a new one is typically the idea that many veterans will laugh at, but often endorsed by those lacking experience or know-how.
Thank God the MIT team didn’t just invent yet another framework.
Instead, they did the painstaking work of collecting and coding all 65 existing ones. They identified where the language overlapped, where it conflicted, and where the real-world harms were actually occurring.
The result is the AI Risk Repository, a public database of over 1,600 risks, all categorized using a simple, two-part taxonomy. The first part, the Causal Taxonomy, asks three simple questions about any given risk:
Entity: Who caused it? A human or the AI?
Intentionality: Was it on purpose? Intentional or unintentional?
Timing: When did it happen? Before the AI was deployed or after?
The second part, the Domain Taxonomy, categorizes the type of harm, sorting risks into seven straightforward domains like “Discrimination & Toxicity,” “Privacy & Security,” and “Misinformation.”
BUT!
No taxonomy is perfect; sorting and categorizing are two of the most difficult problems in library and computer science.
The authors are the first to tell you it’s not perfect.
This one is useful because it’s public, updated, and source-linked. You can filter it to your world.
It compares many frameworks so you see patterns, not marketing (not from a consultancy nor a pay-to-play vendor), and spot gaps where you’re exposed. It turns “AI risk” into named failure modes you can look for in products you use or buy.
That’s why it matters to you. So you’d get fewer nasty surprises when AI touches your money, health, work, or reputation.
AI Risks Are Everything You Did NOT Expect.
After the MIT team recorded all 1,612 risks, the data told a story that might be the opposite of what you believe.
The things most of us worry about are not the things that are actually (nor most frequently) going wrong.
The 62% Post-Deployment Problem
Only 13% of AI risks show up before deployment, ie, before your AI tool goes from internal testing to actual customer use. A staggering 62% happens after your system is live, interacting with real users.
Yet most AI oversight happens pre-deployment. Months of ethics reviews, data validation, and pre-launch testing. Then the system goes live, and we move on.
What happens in practice? Your chatbot starts giving dangerous medical advice after learning from user interactions. Your recommendation engine pushes extreme content because engagement metrics reward it. Your AI assistant develops biases it didn't have on day one, picking up patterns from real-world usage you never anticipated.
One possibility is that you're blind to 87% of what can go wrong if you're not actively monitoring post-deployment.
However! The data skew to post-deployment could also be partly because that is where researchers can test systems that are publicly available.
It also happens to be where real users meet the product.
The question is how many of those post-deployment failures you can prevent earlier with better pre-deployment work.
It's not the AI; 39% of Risks Come From Someone Sitting Next To You
You wouldn’t give a new driver the keys to a Formula 1 car and expect them to be safe just because they’re “in the loop.” They need training, they need guardrails, and they need a clear understanding of what the machine can and cannot do.
This challenges the popular "keep a human in the loop" solution.
It’s easy to assume the human operator is rational, attentive, and well-intentioned.
In reality, that human is overworked, undertrained, or just trying to finish their job. Most of us trust AI recommendations without checking. Or some of us deliberately misuse tools to cut corners.
Again, the F1 analogy, your employees require training, guardrails, and a clear understanding of the AI's capabilities and limitations.
When AI fails, blame falls on your organization, not the individual employee. If your team uses AI to generate misleading content or infringe copyrights, your company faces lawsuits and reputational damage, and as a leader, you’re to blame.
Having a human press "go" is NOT enough.
Most leaders underestimated the cost of introducing AI to their team.
A one-off 8-hour training is a placebo at best. You need something ongoing and evolving.
People keep talking about autonomy. But autonomy requires intent.
In the tables where intent is high, the driver is almost always human behavior rather than model behavior. That undercuts some of the ‘autonomous AI did it’ narrative.
On the model side, the big exposure is unintentional risk, where artifacts of training and side effects that surface later compound.
Intentional misuse with AI looks like every other bad-actor problem.
The difference is the unintended side effects.
Let’s compare AI to Excel or PowerPoint in their early days.
If a bad actor emailed you a booby-trapped spreadsheet or a fake PPT executable, the human supplied the intent and the office app was just the tool. Over time those tools were hardened: email gateways learned to strip dangerous attachments and macro execution was locked down.
Language models have not been through that cycle. We’re still in the experimental phase with a lot of open seams. But also, due to its non-deterministic nature, we can't really fix a behavior by just patching it with duct tape... and the pressure leaks somewhere else.
Will they eventually harden? Maybe—but the spillover here is social, not just technical.
A PowerPoint virus locked your drive; it didn’t calibrate your beliefs.
With language models, the side effects shape attention, opinion, and behavior at scale. That’s why the unintentional part of AI risk can be more worrying than the intentional part, even though the headlines focus on bad actors.
Forget the Terminator, 89% of Risks Are Boring.
The machine becomes conscious, red eyes light up, and you and your family run for your lives. Is this what pops into your head when you hear "AI risk"?
In fact, 89% of documented AI risks have nothing to do with superintelligence or robot uprisings.
In reality, you're dealing with data breaches, biased algorithms, misinformation, and job issues displacement.
These boring risks kill businesses. Your production AI is discriminating against customers, leaking data, and generating content that violates a dozen regulations. The mundane stuff that actually costs money.
I’m the fool who actually reads the studies before writing. I commit to my words. Can you commit to learning with me each week? 👇
How to Use the MIT Repository?
Over 1,600 risks, 65 frameworks, 7 domains, 24 subdomains… It’s a lot.
Just reading The MIT AI Risk Repository row by row is overwhelming. And exactly what you should not do.
You also don’t need to read the whole thing.
Treat it as a radar, a map, a dictionary.
Yes, there are people who read dictionaries page by page. If you are one of those, I won't stop you from reading every row of the AI risk just for fun. Again, this is not designed for it.
And like any good map, you only need to focus on the parts that are relevant to your journey.
Here’s a simple, three-step process:
Step 1: Find ONE Domain That Will Instantly Kill Your Business
Start with the seven high-level domains in the Domain Taxonomy:
Discrimination & Toxicity
Privacy & Security
Misinformation
Malicious Actors & Misuse
Human-Computer Interaction
Socioeconomic & Environmental
AI System Safety, Failures, & Limitations
Which one of these, if it went catastrophically wrong, would pose the biggest threat to your company? If you’re a bank, it might be “Privacy & Security.” If you’re a media company, it’s probably “Misinformation.” If you’re in HR tech, it’s almost likely “Discrimination & Toxicity.”
Your goal here is not to be comprehensive. So don’t overthink it. Pick one.
You need to be effective here. Start with the fire that’s closest to your house.
Step 2: Scan for Plausible, Visible, and Expensive Risks
Once you’ve picked your domain, filter it to show only the risks in that domain. Now, start scanning. Don’t focus on details yet, but look for risks that meet three criteria:
Is this something that could realistically happen at your company? Don’t worry about how likely it is, just whether it’s possible.
If this happened, would the outside world know about it? Failures that are visible are the ones that do the most damage to your brand and attract the most attention from regulators.
Expensive or embarrassing if they happen? What would the fallout be? Would it cost you a major client? Would it trigger a lawsuit? Would it land you on the front page of the New York Times?
Pull out 5-10 risks that meet these criteria. This is your shortlist.
Step 3: Tell a Story
For each risk on your shortlist, write a one-paragraph story. Who's involved? What fails? What happens next?
Just making it real and relevant.
Example 1 - The Fake Vendor (Builder.ai style):
Your company pays $2M/year for an "AI-powered" platform that promises 90% automation. Six months later, a whistleblower reveals your vendor is actually using 200 offshore workers pretending to be AI. Your procurement, tech, and C-level teams appear to be incompetent. The project you staked your reputation on is exposed as a fraud.
Example 2 - The Production Wipeout (Replit/SaaStr style):
Your AI coding assistant gets database access to "help optimize queries." During a routine update, it deletes three years of customer data. No usable backups because the AI "optimized" those scripts too. 10,000 customers affected. $2M in regulatory fines. $15M in lawsuits. The CTO resigns, but is that enough? Who else gets named in the lawsuits?
Example 3 - The Recommendation Spiral:
Your content AI maximizes engagement by pushing extreme content. A vulnerable teenager attempts self-harm after consuming AI-recommended content. When parents go to the media, the stock drops 40%. The algorithm team says they followed orders. Marketing says they just set KPIs. Product says they implemented what was asked… so who’d be responsible for this?
The whole point of this exercise is to make shit real.
Only then will people understand how these risks might cause enormous damage.
Stop Being Lazy
Sure, you can wait for dashboards from Accenture or EY. But deep down, you know that hiding behind the Big 4 is just avoiding the hard questions. When things blow up, pointing at their reputation won't save yours.
Those dashboards blur risks into slides that aren't immediate, aren't personal, aren't scary enough to matter.
The abstract "AI might discriminate" becomes "Our AI is creating extremists and the Washington Post knows."
Don't try to boil the ocean. Don't wait for quarterly reviews. Don't ask McKinsey.
Instead, open the MIT repository. Find one risk that matches what you're doing with AI—whether you're deploying it company-wide or just using it to write emails. Check if it's happening.
This isn't just for C-levels. It's for anyone who uses AI and calls themselves competent. Product managers automating decisions. Marketers generating content. Engineers trusting code assistants. Even solo consultants, or writers using ChatGPT for day to day.
This is the homework you do before claiming you understand AI risks.
Takes 30 minutes. Costs nothing. Might save you from being the cautionary tale at next year's conference.
When everyone's getting the same vendor pitches. Reading the same "AI best practices" articles. Making the same mistakes. The last one who realized the AI risk becomes the case study.
Share this with whoever needs to hear it. The person whose reputation depends on AI working. The team lead is pushing for more automation. The colleague who thinks AI risk is just science fiction.
Your vendors won't tell you this. Consultants profit from your confusion.
While the MIT repository is free, updated, and specific.
Use it now or explain it to your boss/client/users next quarter why you didn't see it coming.
