Emerging technologies, prevailing geopolitical uncertainty, the evolution of threats, regulatory challenges, vulnerabilities in supply chain interdependencies and a growing skills gap are increasing complexity in the cybersecurity landscape and present barriers to cyber resilience.

“Cyberspace is increasingly complex and challenging owing to rapid technological advancements, growing cybercriminal sophistication and deeply interconnected supply chains,” said global organisation the World Economic Forum (WEF) MD Jeremy Jurgens.

The ‘WEF Global Cybersecurity Outlook 2025’ report calls for a shift in perspective from cybersecurity to enhanced cyber resilience, meaning an organisation’s ability to mitigate the impact of significant cyber incidents on its goals and objectives.

Additionally, the report underscores the importance of evaluating cyber risks from a socioeconomic perspective, which is essential for organisations and nations to effectively allocate resources and strengthen their resilience against cyber threats.

Growing complexity further exacerbated cyber inequity, deepening the divide between developed and emerging economies, expanding sectoral disparities and widening the gap between large and small organisations, the WEF noted.

“Collaboration between public- and private-sector stakeholders is paramount to secure the benefits of digitalisation for all,” Jurgens said.

Specifically, the increasing interdependency in interconnected supply chains introduces vulnerabilities and contributes to the growing complexity in cyberspace. Fifty-five per cent of large organisations surveyed for the report consider supply chain challenges as the greatest barrier to achieving cyber resilience, the report showed.

Further, the WEF noted that there was a paradox between the recognition of AI-driven cybersecurity risks and the rapid implementation of AI without the necessary security safeguards to ensure cyber resilience.

While 66% of organisations expect AI to have a major impact on cybersecurity this year, only 37% report having processes in place to assess the security of AI tools before deployment, it highlighted.

Additionally, the unprecedented level of sophistication in cyberthreats enabled by emerging technologies enhances malicious actors’ ability to operate scams and social engineering attacks, generate disinformation and execute ransomware at a pace, scope and scale never seen before, the report said.

Nearly 47% of organisations cited adversarial advancements powered by generative AI as their primary concern, it added.

However, since 2024, the cyber skills gap has increased by 8%, with two in three organisations lacking essential talent and skills to meet their security requirements and only 14% of organisations saying they are confident that they have the people and skills they need today.

Further, while regulations bolster cyber resilience, 76% of chief information security officers, or CISOs, at the 2024 Annual Meeting on Cybersecurity reported that fragmentation of regulations introduces significant compliance challenges, the report pointed out.

The prevailing turmoil and geopolitical tensions have affected the perception of risks, with one in three CEOs citing cyber espionage and loss of sensitive information or intellectual property theft as their top concern, while 45% of cyber leaders are concerned about disruption of operations and business processes.

In terms of solutions, the report emphasises the need for collaborative efforts across the ecosystem to secure the interconnected networks essential to the digital economy and to effectively address the increasing shortage of cybersecurity skills.

Cybersecurity has economic implications for nations and organisations and the report highlights the critical role of leadership in prioritising cybersecurity as a core business enabler.

“Cybersecurity threats are more complex and unpredictable than ever and can directly impact an organisation’s financial stability. The disruptive force of AI, coupled with supply chain vulnerabilities and geopolitical tensions, calls for a more proactive and collaborative approach to ensure a strong cyber resilient posture across all industries,” said IT consulting company Accenture Security global lead Paolo Dal Cin.

“C-suite leaders must adopt a security-first mindset from the outset to confidently navigate these challenges with cybersecurity as an enabler that keeps our businesses and organisations resilient,” he said.