Cybersecurity is stepping into a new era of complexity

Cybersecurity is entering a new era of complexity, according to the World Economic Forum’s Global Cybersecurity Outlook 2025 report.

Growing complexity intensifies cyber inequity

This complexity arises from the rapid growth of emerging technologies, prevailing geopolitical uncertainty, the evolution of threats, regulatory challenges, vulnerabilities in supply chain interdependencies and the growing cyber skills gap.

Growing complexity further intensifies cyber inequity, deepening the divide between developed and emerging economies, expanding sectoral disparities, and widening the gap between large and small organizations.

“Cyberspace is more complex and challenging than ever due to rapid technological advancements, growing cybercriminal sophistication and deeply interconnected supply chains,” said Jeremy Jurgens, Managing Director, World Economic Forum. “Collaboration between public and private sector stakeholders is paramount to secure the benefits of digitalization for all.”

Increasing interdependency introduces vulnerabilities within supply chains, contributing to the growing complexity in cyberspace; 54% of large organizations consider supply chain challenges as the greatest barrier to achieving cyber resilience.

The prevailing turmoil has affected the perception of risks, with one in three CEOs citing cyber espionage and loss of sensitive information/ intellectual property theft as their top concern, while 45% of cyber leaders are concerned about disruption of operations and business processes.

There is a paradox between the recognition of AI-driven cybersecurity risks and the rapid implementation of AI without the necessary security safeguards to ensure cyber resilience. While 66% of organizations expect AI to have a major impact on cybersecurity in 2025, only 37% report having processes in place to assess the security of AI tools before deployment.

Evolution of the threat landscape

The level of sophistication in cyber threats enabled by emerging technologies enhances malicious actors’ ability to operate scams and social engineering attacks, generate disinformation, and execute ransomware at a pace, scope and scale never seen before. 47% of organizations cite adversarial advancements powered by GenAI as their primary concern.

As organizations move more workloads to software-as-a-Service (SaaS) platforms with limited control over configurations,this introduces a significant concentration of risk. A ransomware attack on a major provider could ripple across thousands of dependent businesses, halting operations overnight

While regulations bolster cyber resilience, 76% of CISOs at the 2024 Annual Meeting on Cybersecurity reported that fragmentation of regulations introduces significant compliance challenges.

Since 2024, the cyber skills gap has increased by 8%, with two in three organizations lacking essential talent and skills to meet their security requirements; only 14% of organizations are confident that they have the people and skills they need today.

Insurance is one important tool among the portfolio of risk-management strategies that organizations can employ to address risk, with insurance offerings to cover the impacts from cyber events becoming more mature in recent years. Industry experts estimate that the size of the global market for cyber insurance will grow from $14 billion in 2023 to $29 billion in 2027.