- Paul Andrews
- Jan 13
- 3 min read
The World Economic Forum’s Global Cybersecurity Outlook 2025 Report highlights the increasing complexity in the cyber landscape, which has significant implications for organizations and nations. This complexity arises from the rapid growth of emerging technologies, prevailing geopolitical uncertainty, the evolution of threats, regulatory challenges, vulnerabilities in supply chain interdependencies and the growing cyber skills gap.
Growing complexity further exacerbates cyber inequity, deepening the divide between developed and emerging economies, expanding sectoral disparities, and widening the gap between large and small organizations.
"Cyberspace is more complex and challenging than ever due to rapid technological advancements, growing cybercriminal sophistication and deeply interconnected supply chains. The Global Cybersecurity Outlook equips leaders with essential insights to navigate these challenges and strengthen cyber resilience," said Jeremy Jurgens, Managing Director, World Economic Forum.
“Collaboration between public and private sector stakeholders is paramount to secure the benefits of digitalization for all.”
The report identifies key factors driving the accelerating complexity and unpredictability in the cyber landscape, along with insights into their cumulative impact on both organizational and national cybersecurity posture.
These include:
Supply chain risk interdependencies: Increasing interdependency introduces vulnerabilities within interconnected supply chains, contributing to the growing complexity in cyberspace; 54% of large organizations consider supply chain challenges as the greatest barrier to achieving cyber resilience.
Geopolitical tensions: The prevailing turmoil has affected the perception of risks, with one in three CEOs citing cyber espionage and loss of sensitive information/ intellectual property theft as their top concern, while 45% of cyber leaders are concerned about disruption of operations and business processes.
Security in the Intelligent Age: There is a paradox between the recognition of AI-driven cybersecurity risks and the rapid implementation of AI without the necessary security safeguards to ensure cyber resilience. While 66% of organizations expect AI to have a major impact on cybersecurity in 2025, only 37% report having processes in place to assess the security of AI tools before deployment.
Evolution of the threat landscape: The unprecedented level of sophistication in cyber threats enabled by emerging technologies enhances malicious actors’ ability to operate scams and social engineering attacks, generate disinformation, and execute ransomware at a pace, scope and scale never seen before. Nearly 47% of organizations cite adversarial advancements powered by GenAI as their primary concern.
Regulations: While regulations bolster cyber resilience, 76% of CISOs at the 2024 Annual Meeting on Cybersecurity reported that fragmentation of regulations introduces significant compliance challenges.
Workforce challenges: Since 2024, the cyber skills gap has increased by 8%, with two in three organizations lacking essential talent and skills to meet their security requirements; only 14% of organizations are confident that they have the people and skills they need today.
“Cybersecurity threats are more complex and unpredictable than ever and can directly impact an organization’s financial stability. The disruptive force of AI, coupled with supply chain vulnerabilities and geopolitical tensions, calls for a more proactive and collaborative approach to ensure a strong cyber resilient posture across all industries,” said Paolo Dal Cin, Global Lead, Accenture Security.
“C-suite leaders must adopt a security-first mindset from the outset to confidently navigate these challenges with cybersecurity as an enabler that keeps our businesses and organizations resilient."
The report calls for a shift in perspective from cybersecurity to enhanced cyber resilience – an organization’s ability to mitigate the impact of significant cyber incidents on its goals and objectives. Additionally, it underscores the importance of evaluating cyber risks from a socioeconomic perspective, which is essential for organizations and nations to effectively allocate resources and strengthen their resilience against cyber threats.
“The 2022 cyberattacks on Costa Rica served as a wake-up call, underscoring the need for a fundamental shift in recognizing cybersecurity as a critical investment for the future, rather than a mere expense,” said Paula Bogantes Zamora, Minister of Science, Innovation, Technology and Telecommunications of Costa Rica. “Through this journey, we have recognized the need to strengthen our ecosystems by collaborating with our neighbours to enhance resilience not only in Costa Rica but also across the region.”
The Global Cybersecurity Outlook 2025 provides a comprehensive analysis of the escalating complexities in cybersecurity, with actionable insights to help leaders navigate the ever-changing cyberspace. The report emphasizes the need for collaborative efforts across the ecosystem to secure the interconnected networks essential to our digital economy and to effectively address the increasing shortage of cybersecurity skills. It also explores the economic implications of cybersecurity and highlights the critical role of leadership in prioritizing cybersecurity as a core business enabler.
