Cybersecurity threats remain the leading cyber risk for organisations, with 45% of respondents identifying it as their top concern for 2025. According to the World Economic Forum’s (WEF) Global Cybersecurity Outlook 2025 released today, 54% of large organisations cite supply chain "interdependencies" as the biggest barrier to achieving cyber resilience.

The report states that "cyber-enabled fraud" is identified as the second highest organisational cyber risk for 2025, with CEOs voicing it as a significant threat along with ransomware and supply chain disruptions. “At the same time, identity theft climbs to the top of the agenda, emerging as the primary personal cyber risk for both CISOs and CEOs.”

Cyber risk was ranked among the top three threats, primarily affecting organisations. Severe organisational disruptions due to cyber risks and criminal activity were expected by 71% of chief risk officers. “Cyberthreats continued to escalate, with 72% of respondents to the Global Cybersecurity Outlook (GCO) survey reporting a rise in cyber risks.”

Cybercrime has increased both in frequency and sophistication including ransomware attacks, phishing, vishing and deepfakes and a significant rise in supply chain attacks, says the report.

It highlights the cyber skill gap is expanding, with two in three organisations not having the necessary talent they need to meet their security requirements, widening cyber skills gap by 8% since 2024. Whereas 14% of organisations believe they are having the required skills and personnel currently needed.

While 66% of organisations foresee AI making a huge impact on cybersecurity by 2025, only 37% have put measures in place to evaluate the security of AI tools before they are deployed, it adds.

Complexity in the cyber landscape is driven majorly by geopolitical turmoil, overreliance on complex supply chains and increasing adoption of emerging technologies is leading to a riskflated environment. “Geopolitical tensions are an influence on cyber strategy in nearly 60% of organisations, with one in three CEOs citing cyber espionage and loss of sensitive information/IP as top concerns.”

The world witnessed the largest IT outage in history in 2024, causing a $5 billion loss and disrupting airlines, banks, broadcasters, healthcare providers, retail payment systems and ATMs globally.

Nearly 80% of leaders from private companies feel that privacy regulations have the capability to reduce risk in the ecosystem of their organisations. “However, two-thirds of respondents cited the complexity and proliferation of regulatory requirements as a challenge.”

Speaking on the complexity and ever evolving technological advancements, Jeremy Jurgens, managing director, WEF states, “Cyberspace is more complex and challenging than ever due to rapid technological advancements, growing cybercriminal sophistication and deeply interconnected supply chains. The Global Cybersecurity Outlook equips leaders with essential insights to navigate these challenges and strengthen cyber resilience. Collaboration between public and private sector stakeholders is paramount to secure the benefits of digitalisation for all.”

Scammers globally have drawn over $1 trillion in the past year, with some countries losing more than 3% of their gross domestic product (GDP), as stated by Global Anti-Scam Alliance report.

Top concern hovering over GenAI for 47% of organisations is AI to automate and personalise deceptive communications. “Some 42% of organisations experienced a successful social engineering attack in the past year, a number that can only increase with advances and the malicious adoption of AI.”