Bad actors get better at finding and exploiting vulnerabilities, and enterprises bemoan their limited internal resources that makes it hard to be proactive in cybersecurity.
With each passing year, the threat environment seems to intensify while costs associated with a breach soar.
So why should 2025 be any different? Recent research reveals most security professionals expect more of such difficulties ahead, thanks to a variety of issues including more state-backed cybercrime.
Findings from the World Economic Forum’s Global Security Outlook Report 2025, conducted in partnership with Accenture, underscored the challenges enterprises and smaller organisations are facing amid global turmoil, relentless threat actors, and fast-evolving technology innovation.
Size matters in cybersecurity
The results of the World Economic Forum (WEF) survey of cybersecurity professionals in 57 countries also showed major differences in organisations based on size. Some 35% of small organisations are concerned that their cyber resilience is lacking, seven times more than in 2022. Large enterprises reported the opposite, with half as many saying their cyber resilience was unsatisfactory.
There is a dichotomy in cybersecurity confidence comparing public and private sector organisations. Some 38% of surveyed government participants said they worry they are unprepared for a breach. Only 10% of mid-sized and large enterprise expressed concerns. Public sector anxiety incorporates the fear of 49% who worry their security skill sets are inadequate to accomplish cybersecurity objectives, a jump of 33% over last year.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataGeopolitical tensions factor into corporate decision making
Geopolitical tensions are holding sway over corporate cybersecurity strategies, with just under 60% of organisations saying it factors into their decision-making and contributes their understanding of risks. Cyber espionage and loss of sensitive and high-value data are their biggest worries.
In recent years, concerns about critical infrastructure accelerated with threat actors compromising IT and OT systems. There is significant difference by region in the level of faith organisations have in their country’s ability to protect critical infrastructure.
Respondents in Latin America followed by Africa had the least confidence in their government’s effectiveness in defending critical infrastructure. Organisations in North America and Europe had the highest level of conviction in their country’s critical infrastructure security.
Supply chain issues
With respect to threats, 54% of the respondents said supply chain issues were the largest obstacle to maintaining cyber resilience. Across industries, the complicated and highly distributed nature of supply chains and the lack of control and insight into third-party distribution networks has been an issue for years.
Cybercriminals recognise these vulnerabilities and are stepping up their tactics to exploit them.
AI tools cybersecurity gap
AI is part of most technology conversations, and for good reason. Advances came rapidly in recent years and adoption is soaring. But two concerns give organisations pause: the integrity of data output and security of AI systems.
A strong 66% of the WEF survey respondents anticipate AI will have a sweeping impact on cybersecurity in 2025. But just 37% said they have processes in place to make sure their AI tools are secure before they deploy them. This is a gap that threat actors are sure to exploit.
