The World Economic Forum (WEF) Global Cybersecurity Outlook 2025 reports that several compounding factors are creating an increasingly complex and risky business environment. These include the growing complexity of supply chains, rising geopolitical tensions, cybercriminal’s increasing use of artificial intelligence (AI), and the entry of traditional organized crime groups into cybercrime.
Ransomware remains the top organizational cyber risk year on year, with 45 percent of respondents ranking it as a top concern in this year’s survey. Over half of the large organizations surveyed worldwide, 54 percent, identified supply chain challenges as the most challenging barrier to achieving cyber resilience, citing the increasing complexity of supply chains, coupled with a lack of visibility and oversight into the security levels of suppliers.
Almost 60 percent of organizations state that geopolitical tensions have affected their cybersecurity strategy. Geopolitical turmoil has also affected the perception of risk, with one in three CEOs citing cyber espionage and loss of sensitive information/intellectual property (IP) theft as their top concern, while 45 percent of cyber leaders are concerned about disruption of operations and business processes.
AI will have the most significant impact
Two-thirds, 66 percent of organizations expect AI to have the most significant impact on cybersecurity in the year to come. However, only 37 percent report having processes in place to assess the security of AI tools before deployment. According to the WEF, GenAI tools are lowering the cost of phishing and social engineering campaigns, giving attackers access to organizations.
“Some 42 percent of organizations experienced a successful social engineering attack in the past year, a number that can only increase with advances and the malicious adoption of AI,” predicts the WEF.
As Cyber Intelligence reported last year, the surge in the volume and value of cyber-enabled fraud has attracted “traditionally” violent organized crime groups to cybercrime.
“This is perhaps most starkly shown by the trafficking of more than 220,000 people to forcibly work in online scam farms in South-East Asia. With such farms engaging in the harvesting of data, disinformation, and social engineering to name a few capabilities, they are essentially becoming ‘criminal service providers’,” says the WEF.
