Cyber-enabled fraud has become a pervasive global threat, which also underscores the growing societal and economic impact of fraud as it spreads across regions and sectors.

Geopolitical fragmentation is compounding these risks, reshaping cybersecurity strategies and widening preparedness gaps across regions, while AI is bolstering both offensive and defensive capabilities, says international financial organisation the World Economic Forum (WEF) in its 'Global Cybersecurity Outlook 2026' report.

The report calls on leaders across sectors to move beyond isolated efforts and commit to raising the collective baseline by sharing intelligence, aligning standards and investing in the capabilities needed to ensure all organisations can benefit from a more secure and resilient digital environment.

The cyber-landscape is undergoing profound structural shifts, and cyber-resilience can no longer be approached as a technical function alone, but must be viewed as a strategic requirement that underpins economic stability, national resilience and public trust.

“As cyber-risks become more interconnected and consequential, cyber-enabled fraud has emerged as one of the most disruptive forces in the digital economy, undermining trust, distorting markets and directly affecting people’s lives,” says WEF MD Jeremy Jurgens.

“The challenge for leaders is no longer just understanding the threat, but acting collectively to stay ahead of it. Building meaningful cyber-resilience will require coordinated action across governments, businesses and technology providers to protect trust and stability in an increasingly AI-driven world,” he notes.

Cyber-enabled fraud has become a pervasive global threat. Of the 804 global business leaders in 92 countries surveyed for the report, 73% of the respondents had been directly affected by cyber-fraud or knew someone who had been directly affected by cyber-fraud in 2025.

CEOs now rank fraud and phishing ahead of ransomware as their top concerns, the WEF says.

Further, the gap between highly resilient organisations and those falling behind remains stark, with skills shortages and resource constraints amplifying systemic risk, the report shows.

Global supply chains have become more interconnected and opaque, turning third-party dependencies into systemic vulnerabilities. These dynamics are converging at a moment when inequalities in cyber capabilities are widening, leaving smaller organisations and emerging economies disproportionately exposed, the WEF states.

Among large companies, 65% cite third-party and supply chain risks as their greatest cyber-resilience barrier, up from 54% last year.

Concentration risk is also intensifying, with incidents at major cloud and Internet service providers demonstrating how infrastructure-level failures can trigger widespread downstream impacts across interconnected digital ecosystems, the WEF report says.

Additionally, geopolitics is redefining the global cybersecurity threat landscape, with 64% of organisations now factoring geopolitically motivated attacks into their risk strategies and 91% of the largest enterprises adjusting their cybersecurity posture accordingly.

The report also shows that 31% of respondents expressed low confidence in their country’s ability to manage major cyber incidents. Confidence levels vary widely, from 84% in the Middle East and North Africa to 13% in Latin America and the Caribbean.

Meanwhile, AI is accelerating cybersecurity risks at unprecedented speed. AI-related vulnerabilities rose faster than any other category in 2025, with 87% of respondents reporting an increase, the report says.

Data leaks linked to generative AI were highlighted as the top concern for this year by 34% of respondents, while 29% highlighted advancing adversarial capabilities as the top concern for this year.

Additionally, 94% of leaders expect AI to be the most consequential force shaping cybersecurity in 2026. Organisations are responding to this and have nearly doubled the share assessing AI security, from 37% to 64%, the report notes.

“Developments in AI are reshaping multiple domains, including cybersecurity. When deployed responsibly, these technologies can strengthen cyber defences by supporting faster detection and response. But if misused or poorly governed, they can also introduce serious risks, from data leaks to cyberattacks,” says Singapore Digital Development and Information Minister Josephine Teo.

“Governments, therefore, need a forward-looking and collaborative approach to ensure AI enhances cyber resilience while minimising risks that increasingly transcend borders,” she recommends.

Meanwhile, cyber inequity is widening across regions and sectors and smaller organisations are twice as likely to report insufficient resilience compared to large firms.

Regionally, the shortage of cybersecurity talent is most pronounced in Latin America and the Caribbean, with 65% of organisations reporting insufficient skills to achieve their security objectives, while 63% of organisations in sub-Saharan Africa face similar constraints, the report shows.

“The weaponisation of AI, persistent geopolitical friction and systemic supply chain risks are upending traditional cyber defences. For C-suite leaders, the imperative is clear; they must pivot from traditional cyber protection to cyber defence powered by advanced and agentic AI to be resilient against AI-driven threat actors," said Accenture Cybersecurity global lead Paolo Dal Cin.

“True business resilience is built by fusing cyber strategy, operational continuity and foundational trust, thereby enabling organisations to swiftly adapt to the dynamic threat landscape,” he says.