**Geneva**: The World Economic Forum’s Global Cybersecurity Outlook 2025 report addresses heightened cybersecurity challenges amid geopolitical tensions, supply chain vulnerabilities, and cyber-inequity, calling for improved compliance and holistic strategies to enhance cyber-resilience and address emerging threats like ransomware and AI vulnerabilities.
The World Economic Forum (WEF) recently unveiled its Global Cybersecurity Outlook 2025 report, highlighting the escalating challenges in the digital realm shaped by geopolitical tensions, technological advancements, and the growing issue of cyber-inequity. This extensive research features empirical data and insightful surveys, offering a comprehensive understanding of the current cybersecurity landscape.
As cyberspace evolves, it becomes increasingly complex, with several interconnected factors contributing to the challenges. Notably, geopolitical uncertainty has been marked by rising global tensions, which elevate the risks associated with state-sponsored cyber-attacks and espionage. Alarmingly, 54% of large organisations have reported supply chain vulnerabilities as their foremost concern, indicating a pressing need for enhanced visibility into suppliers’ cybersecurity practices.
Emerging technologies, particularly artificial intelligence (AI) and generative AI (genAI), introduce new vulnerabilities. While 66% of organisations predict a significant impact from AI on cybersecurity, only 37% have pre-emptively implemented security measures for these tools. The fragmentation of regulatory frameworks further complicates compliance; 76% of Chief Information Security Officers (CISOs) stated that such fragmentation impedes their resilience efforts.
Cyber-inequity continues to be a growing concern, revealing stark disparities in cybersecurity readiness across various sectors and regions. Reports indicate that small organisations have seen a sevenfold increase in reports of insufficient cyber-resilience since 2022, with the current figure reaching 35%. Variations in confidence regarding national preparedness for critical infrastructure attacks also exist, with only 15% of respondents in Europe and North America expressing trust in their countries, compared to higher percentages in Africa and Latin America.
Amidst the threats posed by cybercriminals, AI serves dual purposes; it can be employed as a tool for defence yet also exploited for malicious purposes. Cyber-enabled fraud is on the rise, with organised crime groups utilising digital platforms to target critical infrastructure and social services. The report cites that scam operations originating in Southeast Asia have contributed to global losses exceeding $1 trillion in 2024.
Ransomware continues to dominate the list of cyber threats, with 45% of respondents ranking it as their top concern. The emergence of Ransomware-as-a-Service (RaaS) has democratised access to ransomware tools, leading to more frequent and sophisticated attacks. The cybersecurity workforce is also facing significant challenges. There was an 8% increase in workforce shortages in 2024, leaving two-thirds of organisations struggling to meet their staffing needs, particularly acute within the public sector.
While regulations play an essential role in fortifying cyber-resilience, the fragmented nature of these rules exacerbates challenges for organisations. Complex compliance burdens lead to mounting costs, while harmonised standards could reduce these compliance challenges and foster greater global collaboration in cybersecurity efforts.
In the face of these challenges, organisations are encouraged to adopt holistic strategies to enhance their cyber-resilience. These strategies include treating cybersecurity as a core business risk, improving supply chain oversight, addressing skill shortages through training and retention, safeguarding AI deployment, and advocating for streamlined regulatory frameworks.
The report also discusses the dual-edged potential of quantum computing, which could revolutionize various industries while simultaneously presenting pressing cybersecurity challenges due to its capability to break public-key encryption. A significant portion of organisations (40%) reported actively assessing quantum threats; however, many await clearer guidelines from government and industry bodies. Developments such as the National Institute of Standards and Technology’s post-quantum cryptography standards are ongoing efforts aimed at mitigating these risks.
As the report reveals, interconnected supply chains and an increasing reliance on cloud technologies contribute to a complex cybersecurity landscape. The report underscores that supply chain vulnerabilities remain a primary source of cyber risk, and it is essential for organisations to tighten end-to-end oversight and enforce robust software development practices.
Geopolitical tensions are influencing many organisations’ cyber strategies. Nearly 60% of respondents acknowledged the impact of these risks, with some adjusting vendor relationships or halting operations in specific regions as a response. The report noted regulatory pressures, such as the EU’s Digital Operational Resilience Act and the United States’ Cyber Incident Reporting for Critical Infrastructure Act, driving improved cyber-resilience.
Speaking in the foreword of the report, Jeremy Jurgens, managing director at the World Economic Forum, provided insights into the ongoing state of cyber threats, stating, “Following decades of relative stability, the world today is marked by increased geopolitical conflicts. The fallout of this turbulence in the digital realm – the growing prowess of cyber-criminals, rapid advances in emerging technologies and widening cyber capabilities – have led to a cyberspace that is more complex than ever before.”
This report suggests that navigating the intricacies of current cybersecurity challenges will necessitate collaborative approaches, robust frameworks, and ongoing investment in workforce capabilities to face ever-evolving threats.
Source: Noah Wire Services
Subscribe to Industry Updates
