Rapid growth of emerging technologies, prevailing geopolitical uncertainty, the evolution of threats, regulatory challenges, vulnerabilities in supply chain interdependencies and the growing cyber skills gap are resulting in an increasingly complex cyber landscape which could have significant implications for organizations and nations, according to a new report.
This growing complexity will further exacerbate cyber inequity, deepening the divide between developed and emerging economies, expand sectoral disparities, and widen the gap between large and small organizations, the World Economic Forum’s Global Cybersecurity Outlook 2025 report said.
“Cyberspace is more complex and challenging than ever due to rapid technological advancements, growing cybercriminal sophistication and deeply interconnected supply chains. The Global Cybersecurity Outlook equips leaders with essential insights to navigate these challenges and strengthen cyber resilience,” said Jeremy Jurgens, managing director, World Economic Forum.
“Collaboration between public and private sector stakeholders is paramount to secure the benefits of digitalization for all,” he added.
Read | 78 million new jobs to be generated by 2030, but urgent upskilling needed: Report
Key factors
The report identifies key factors driving the accelerating complexity and unpredictability in the cyber landscape, along with insights into their cumulative impact on both organizational and national cybersecurity posture. These include:
- Supply chain risk interdependencies: Increasing interdependency introduces vulnerabilities within interconnected supply chains, contributing to the growing complexity in cyberspace; 54 percent of large organizations consider supply chain challenges as the greatest barrier to achieving cyber resilience.
- Geopolitical tensions: The prevailing turmoil has affected the perception of risks, with one in three CEOs citing cyber espionage and loss of sensitive information / intellectual property theft as their top concern, while 45 percent of cyber leaders are concerned about disruption of operations and business processes.
- Security in the intelligent age: There is a paradox between the recognition of AI-driven cybersecurity risks and the rapid implementation of AI without the necessary security safeguards to ensure cyber resilience. While 66 percent of organizations expect AI to have a major impact on cybersecurity in 2025, only 37 percent report having processes in place to assess the security of AI tools before deployment.
- Evolution of the threat landscape: The unprecedented level of sophistication in cyber threats enabled by emerging technologies enhances malicious actors’ ability to operate scams and social engineering attacks, generate disinformation, and execute ransomware at a pace, scope and scale never seen before. Nearly 47 percent of organizations cite adversarial advancements powered by GenAI as their primary concern.
- Regulations: While regulations bolster cyber resilience, 76 percent of CISOs at the 2024 Annual Meeting on Cybersecurity reported that fragmentation of regulations introduces significant compliance challenges.
- Workforce challenges: Since 2024, the cyber skills gap has increased by 8 percent, with two in three organizations lacking essential talent and skills to meet their security requirements; only 14 percent of organizations are confident that they have the people and skills they need today.
Changing mindset
“Cybersecurity threats are more complex and unpredictable than ever and can directly impact an organization’s financial stability. The disruptive force of AI, coupled with supply chain vulnerabilities and geopolitical tensions, calls for a more proactive and collaborative approach to ensure a strong cyber resilient posture across all industries,” said Paolo Dal Cin, global lead, Accenture Security. “C-suite leaders must adopt a security-first mindset from the outset to confidently navigate these challenges with cybersecurity as an enabler that keeps our businesses and organizations resilient.”
The report calls for a shift in perspective from cybersecurity to enhanced cyber resilience – an organization’s ability to mitigate the impact of significant cyber incidents on its goals and objectives. Additionally, it underscores the importance of evaluating cyber risks from a socioeconomic perspective, which is essential for organizations and nations to effectively allocate resources and strengthen their resilience against cyber threats.