The World Economic Forum (WEF) released its Global Cybersecurity Outlook 2025 report today, shedding light on the increasingly complex and unpredictable landscape of cyberspace. The report identifies critical challenges ranging from supply chain vulnerabilities to AI-driven threats and highlights the urgent need for enhanced cyber resilience.
Key Takeaways from the Report:
1. Supply Chain Vulnerabilities: Over 54% of large organisations cite supply chain interdependencies as the primary barrier to achieving cyber resilience. The interconnected nature of supply chains exposes businesses to cascading risks, exacerbated by the growing reliance on digital tools.
2. Geopolitical Tensions: With rising global instability, one in three CEOs identifies cyber espionage and intellectual property theft as top concerns. Nearly 45% of cyber leaders worry about disruptions to business processes and operations.
3. AI Paradox: While 66% of organisations expect AI to significantly impact cybersecurity, only 37% have processes to assess AI security risks before deployment. This discrepancy underscores a gap in preparedness for AI-driven threats.
4. Sophisticated Threat Landscape: The rise of generative AI (GenAI) has amplified cyber risks, with nearly 47% of organisations listing GenAI-enabled attacks as a major concern. Threats like ransomware and disinformation campaigns are becoming increasingly complex.
5. Regulatory Fragmentation: While regulations enhance resilience, 76% of Chief Information Security Officers (CISOs) believe fragmented policies create compliance challenges, potentially hindering proactive cybersecurity measures.
6. Workforce Challenges: The cyber skills gap grew by 8% in 2024, with two-thirds of organisations lacking sufficient talent to meet security demands. Only 14% of firms report having adequate cybersecurity expertise.
The report emphasises shifting the focus from traditional cybersecurity measures to cyber resilience, defined as an organisation’s ability to mitigate the impact of significant cyber incidents. “Collaboration between public and private sector stakeholders is paramount to secure the benefits of digitalisation for all,” said Jeremy Jurgens, Managing Director, WEF.
Highlighting the role of leadership, Paolo Dal Cin, Global Lead at Accenture Security, stated: “Cybersecurity threats are more complex and unpredictable than ever. A proactive, security-first mindset is crucial to navigating these challenges.”
The report also reflects on the 2022 cyberattacks on Costa Rica, which served as a wake-up call. Paula Bogantes Zamora, Costa Rica’s Minister of Science, Innovation, Technology, and Telecommunications, remarked: “We’ve recognised the need to view cybersecurity as a critical investment, not merely an expense. Strengthening ecosystems through regional collaboration is essential.”
These findings align with the WEF’s broader agenda at the Annual Meeting 2025 in Davos, Switzerland, from January 20-24.