top of page
Search

Global Cybersecurity Outlook 2025

Writer's picture: Inno-Thought TeamInno-Thought Team
3 days ago

The World Economic Forum's Global Cybersecurity Outlook 2025, written in collaboration with Accenture, examines the cybersecurity trends that will affect economies and societies in the year to come. The report explores major findings and puts a spotlight on the complexity of the cybersecurity landscape, which is intensified by geopolitical tensions, emerging technologies, supply chain interdependencies and cybercrime sophistication.



Key insights


In a complex cyberspace characterized by geopolitical uncertainties, widening cyber inequity and sophisticated cyberthreats, leaders must adopt a security-first mindset.

While the 2024 edition of the Global Cybersecurity Outlook highlighted the growing inequity in cyberspace, this year’s report shines a light on the increasing complexity of the cyber landscape, which has profound and far-reaching implications for organizations and nations.


This complexity is driven by a series of compounding factors:


  • Escalating geopolitical tensions are contributing to a more uncertain environment.

  • Increased integration of and dependence on more complex supply chains is leading to a more opaque and unpredictable risk landscape.

  • The rapid adoption of emerging technologies is contributing to new vulnerabilities as cybercriminals harness them effectively to achieve greater sophistication and scale.

  • Simultaneously, the proliferation of regulatory requirements around the world is adding a significant compliance burden for organizations.


All of these challenges are exacerbated by a widening skills gap, making it extremely challenging to manage cyber risks effectively.


Figure A: Factors compounding the complex nature of cybersecurity

The growing complexity of cyberspace is exacerbating cyber inequity, widening the gap between large and small organizations, deepening the divide between developed and emerging economies, and expanding sectoral disparities.1 Some 35% of small organizations believe their cyber resilience is inadequate, a proportion that has increased sevenfold since 2022. By contrast, the share of large organizations reporting insufficient cyber resilience has nearly halved.


Figure B: Organizations reporting insufficient cyber resilience

This disparity in cyber resilience is further highlighted by regional differences in preparedness: while only 15% of respondents in Europe and North America lack confidence in their country’s ability to respond to major cyber incidents targeting critical infrastructure, this proportion rises to 36% in Africa and 42% in Latin America.


The public sector is disproportionately affected, with 38% of respondents reporting insufficient resilience, compared to just 10% of medium-to-large private-sector organizations. This inequity extends to the cyber workforce, with 49% of public-sector organizations indicating they lack the necessary talent to meet their cybersecurity goals – an increase of 33% from 2024.


The Global Cybersecurity Outlook 2025 report includes a deeper analysis of the most important drivers of complexity and provides valuable insights into the most pressing cyber challenges in the year ahead and their potential implications for executives.


Figure C: Regional differences in cyber resilience

These are the key findings from this year’s report and the main trends that executives will need to navigate in 2025:


Supply chain vulnerabilities are emerging as the top ecosystem cyber risk

Of large organizations, 54% identified supply chain challenges as the biggest barrier to achieving cyber resilience. The increasing complexity of supply chains, coupled with a lack of visibility and oversight into the security levels of suppliers, has emerged as the leading cybersecurity risk for organizations. Key concerns include software vulnerabilities introduced by third parties and propagation of cyberattacks throughout the ecosystem.


Geopolitical tensions shape cybersecurity strategy


Nearly 60% of organizations state that geopolitical tensions have affected their cybersecurity strategy. Geopolitical turmoil has also affected the perception of risks, with one in three CEOs citing cyber espionage and loss of sensitive information/intellectual property (IP) theft as their top concern, while 45% of cyber leaders are concerned about disruption of operations and business processes.


Figure D: The effects of geopolitical tensions on organizations' cybersecurity strategies


Rapid adoption of AI introduces new vulnerabilities


While 66% of organizations expect AI to have the most significant impact on cybersecurity in the year to come, only 37% report having processes in place to assess the security of AI tools before deployment. This reveals the paradox of the gap between the recognition of AI-driven cybersecurity risks and the rapid implementation of AI without the necessary security safeguards to ensure cyber resilience.


Figure E: Cybersecurity vulnerabilities anticipated in 2025


Generative AI is augmenting cybercriminal capabilities, contributing to an uptick in social engineering attacks


Some 72% of respondents report an increase in organizational cyber risks, with ransomware remaining a top concern. Nearly 47% of organizations cite adversarial advances powered by generative AI (GenAI) as their primary concern, enabling more sophisticated and scalable attacks. In 2024 there was a sharp increase in phishing and social engineering attacks, with 42% of organizations reporting such incidents.


Regulations bolster cyber resilience, yet their fragmentation introduces significant compliance challenges


Regulations are increasingly seen as an important factor for improving baseline cybersecurity posture and building trust. However, their proliferation and disharmony are creating significant challenges for organizations, with more than 76% of chief information security officers (CISOs) at the World Economic Forum’s Annual Meeting on Cybersecurity in 2024 reporting that fragmentation of regulations across jurisdictions greatly affects their organizations’ ability to maintain compliance.


Organizations are grappling with a shortage of critical cyber talent


Since 2024, the cyber skills gap has increased by 8%, with two out of three organizations reporting moderate-to-critical skills gaps, including a lack of essential talent and skills to meet their security requirements. Furthermore, only 14% of organizations are confident that they have the people and skills they need today.

0 views0 comments
connexion_panel_edited.jpg
CXO_8-in-1.png
subscribe_button.png

 

Disclaimer:

The information contained in this site is for reference only. While we have made every attempt to ensure that the information contained in this site has been obtained from reliable sources, we are not responsible for any errors or omissions, or for the results obtained from the use of this information. All information in this site is provided "as is", with no guarantee of completeness, accuracy, timeliness or of the results obtained from the use of this information, and without warranty of any kind, express or implied, including, but not limited to warranties of performance, merchantability and fitness for a particular purpose. In no event will Ho Hon Asia Limited, its related partnerships or corporations, or the partners, agents or employees thereof be liable to you or anyone else for any decision made or action taken in reliance on the information in this site or for any consequential, special or similar damages, even if advised of the possibility of such damages.
Certain links in this site connect to other websites maintained by third parties over whom we have no control. We make no representations as to the accuracy or any other aspect of information contained in other websites.

2025 @ Inno-Thought and its affiliates. All rights reserved.

bottom of page