Cyber fraud has overtaken ransomware as the top concern for global CEOs. Alongside nations being unprepared for a cyber-attack, global business leaders also feel that digital fraud and malicious software pose the greatest cyber risks to them.
The World Economic Forum’s latest edition of the Global Cybersecurity Outlook survey found that 87% of respondents experienced rising AI-related vulnerabilities in 2025. 94% of leaders expect AI to be the biggest force shaping cybersecurity in 2026.
31% report low confidence in their nations’ ability to respond to critical infrastructure attacks and geopolitical volatility.
Managing director of the World Economic Forum, Jeremy Jurgens, says that cyber risks are more interconnected and consequential, and cyber fraud is one of the digital economy’s most disruptive forces. It undermines trust, distorts markets, and directly affects people’s lives.
“The challenge for leaders is no longer just understanding the threat but acting collectively to stay ahead of it. Building meaningful cyber resilience will require coordinated action across governments, businesses and technology providers to protect trust and stability in an increasingly AI-driven world.”
Skill shortages and resource constraints amplify the risks to businesses. Not every organisation can build resilience against cybercrime. Businesses must pivot to more advanced cyber defences to be resilient against evolving AI-driven threats.
“The weaponization of AI, persistent geopolitical friction and systemic supply chain risks are upending traditional cyber defences,” said Paolo Dal Cin, global lead, Accenture Cybersecurity.
“True business resilience is built by fusing cyber strategy, operational continuity and foundational trust—enabling organizations to swiftly adapt to the dynamic threat landscape.”
Data leaks linked to generative AI tools are also emerging as a major concern, flagged by around one-third of respondents. With 94% of leaders expecting AI to be the most consequential force shaping cybersecurity in 2026, organisations are already shifting their approach.
The share of businesses actively assessing AI-related security risks has climbed sharply, nearly doubling from 37% to 64%.
Cyber risks are also spreading beyond internal systems. In 2025, 73% of respondents said they were directly affected by a cyber incident or knew someone who was.
For large organisations, third-party exposure is now a dominant weakness, with 65% identifying supply chain and external partner risks as their biggest barrier to cyber resilience, up from 54% the year prior.
The report also warns that cyber inequity is widening, with smaller organisations roughly twice as likely as larger companies to report inadequate resilience. Skills shortages remain one of the most pressing constraints globally, and are most severe in regions already facing limited resources.
In Latin America and the Caribbean, 65% of organisations report not having enough cybersecurity talent to meet their security goals, while 63% in sub-Saharan Africa face similar shortfalls.
Cyber resilience cannot be built in silos. Leaders across government, business, and technology must strengthen the collective baseline by sharing threat intelligence, aligning standards, and investing in skills and capability development, so that more organisations can operate safely in an increasingly AI-driven digital economy.
