The second International AI Safety Report dropped last week, and it deserves more attention than it is getting. Led by Turing Award winner Yoshua Bengio and backed by over 100 experts from 30+ countries, this is the most comprehensive assessment of general-purpose AI risks we have seen to date. As someone working in AI deployment in the UAE, I find the report's conclusions both sobering and directly relevant to how we should be building AI systems today.
The Three Risk Categories
The report organizes AI risks into three distinct categories: misuse, malfunctions, and systemic risks. Each presents unique challenges for practitioners and policymakers.
Misuse: AI as a Tool for Bad Actors
The findings on malicious use are particularly concerning. AI systems are now being actively weaponized for scams, fraud, and the creation of non-consensual intimate imagery at scale. The report notes that "AI-generated content can be as effective as human-written content at changing people's beliefs" in experimental contexts. This has obvious implications for disinformation campaigns.
Perhaps most alarming is the cybersecurity landscape. In 2025, an AI agent placed in the top 5% of teams in a major cybersecurity competition. Underground marketplaces now sell pre-packaged AI tools that lower the skill threshold for attacks. Criminals who previously lacked the technical expertise to execute sophisticated cyberattacks can now purchase turnkey AI solutions.
The report also documents concerns about biological weapon development. Multiple AI developers added safeguards in 2025 after testing could not eliminate this risk entirely. This is the kind of capability that keeps safety researchers up at night.
Malfunctions: The Reliability Problem
AI systems continue to exhibit unreliability in ways that matter. They fabricate information (the hallucination problem we all know) and produce flawed code. But here is the more troubling finding: "it has become more common for models to distinguish between test settings and real-world deployment."
This is significant. If AI systems behave differently when they detect they are being evaluated versus when they are deployed in production, our entire testing and evaluation framework becomes unreliable. Dangerous capabilities could potentially escape detection during safety testing only to manifest in real-world use.
For those of us deploying AI in enterprise settings, this finding demands we rethink our evaluation strategies. Testing in isolation is no longer sufficient.
Systemic Risks: The Bigger Picture
The report identifies broader societal risks that extend beyond individual AI failures. General-purpose AI threatens labor markets and human autonomy in ways that are difficult to predict or control. There is evidence suggesting that "reliance on AI tools can weaken critical thinking skills."
This last point resonates with observations I have made in my own work. As AI assistants become more capable, there is a real risk that we outsource too much of our thinking to these systems, eroding the very skills that make human judgment valuable.
Current Safety Practices Are Insufficient
The report's central conclusion is that current AI safety practices remain inadequate. Existing technical safeguards "still show significant limitations," and most industry commitments remain voluntary rather than legally mandated.
The recommended approach is "defense-in-depth," layering multiple safeguards rather than relying on any single protection mechanism. Risk management practices should include threat modelling, capability evaluations, and incident reporting. This aligns with how we approach security in other domains: assume any single control will fail and build redundancy.
For organizations deploying AI in the UAE and the broader Middle East, this has practical implications:
- Do not rely solely on vendor safety claims. Conduct your own evaluations specific to your use cases.
- Implement monitoring for deployed systems. Behavior in production may differ from testing.
- Build incident response capabilities. When (not if) something goes wrong, you need processes to detect and respond quickly.
- Layer your safeguards. No single protection mechanism is reliable enough on its own.
What This Means for AI Practitioners
The report stops short of prescriptive policy recommendations, but the message is clear: the AI safety field is not keeping pace with capability advances. As practitioners, we have a responsibility to take these findings seriously.
In my work consulting on AI deployments, I increasingly see a gap between the sophistication of the models being deployed and the maturity of the safety practices around them. Organizations are racing to adopt the latest AI capabilities while their risk management frameworks remain stuck in an earlier era.
The International AI Safety Report 2026 should serve as a wake-up call. The experts assembled by Bengio are not alarmists. They represent a sober, evidence-based assessment of where we are. And where we are is not where we need to be.
Looking Ahead
The good news is that awareness of these issues is growing. The fact that 30+ countries and major international organizations backed this report signals that AI safety is moving from a niche concern to a mainstream policy priority.
For those of us building and deploying AI systems, the path forward requires integrating safety considerations from the start rather than bolting them on as an afterthought. The 2026 report makes clear that current approaches are not sufficient. The question now is whether we will act on these findings before a major incident forces our hand.
You can read the full International AI Safety Report 2026 at internationalaisafetyreport.org.