Key Takeaways
Geopolitical tensions are transforming cybersecurity, with most organizations reporting an impact. Artificial intelligence (AI) adds complexity: While some institutions see its potential, only a few assess AI security tools.
To build resilience, organizations must strengthen cyber hygiene, align security with business goals and embrace collaboration.
Nearly 60% of organizations report that geopolitical tensions have influenced their cybersecurity strategies, according to a World Economic Forum survey .
One in three CEOs identify cyber espionage and theft of sensitive information or intellectual property (IP) as their top concerns.
Meanwhile, 45% of cybersecurity leaders are worried about disruptions to operations and business processes.
A growing concern is the crossover between nation-state threats and cybercriminal activity. Nation-state actors increasingly use tools and techniques from the cybercriminal world and vice versa.
State-sponsored attackers are now targeting not only governments but also seeking to disrupt economies, compromise critical infrastructure, and create global chaos.
Organizations face direct attacks and risk becoming collateral damage as adversaries exploit vulnerabilities in supply chains and shared services.
In this scenario, understanding geopolitical dynamics is crucial for effective long-term risk management. CISOs acknowledge the volatile situation, noting there are no standard playbooks for managing geopolitical risk.
Instead, it requires a return to traditional risk management. Strong alignment between security teams and business functions is essential to navigate the complexities introduced by geopolitical risks.
While 66% of organizations believe AI will have the most significant impact on cybersecurity in the coming year, only 37% have processes in place to evaluate the security of AI tools before deploying them.
According to the World Economic Forum, this highlights a paradox: Despite recognizing AI-driven cybersecurity risks, many organizations rapidly adopt AI without implementing adequate safeguards to ensure cyber resilience.
Additionally, 72% of respondents report a rise in organizational cyber risks, with ransomware remaining a key concern.
Nearly 47% of organizations identify advancements driven by generative AI (GenAI) as their primary worry, as it enables more sophisticated and scalable attacks.
In 2024, there was a notable spike in phishing and social engineering incidents, with 42% of organizations reporting such cases.
Cyber resilience—the ability to reduce the impact of major cyber incidents—requires ongoing vigilance and adaptive strategies. 72% of organizations report rising cyber risks and 63% point to a complex and evolving threat landscape as their biggest challenge.
Half of the organizations rank information-sharing and threat intelligence through Computer Emergency Response Teams (CERTs) and Information Sharing and Analysis Centers (ISACs) as the most effective international cooperation measures.
However, these efforts are often fragmented, limiting their overall impact.
Effective incident response depends on fostering a culture of openness and collaboration. High-resilience organizations encourage reporting by providing cyber training (76%), support teams (62%), and anonymous reporting channels (48%).
This collaborative mindset is critical for tackling sophisticated, borderless cyber threats for WEF.