The cyber threat landscape in 2025 will be shaped by increasingly sophisticated attacks, with ransomware, social engineering and AI-powered cybercrime remaining top concerns, according to the World Economic Forum’s latest Global Cybersecurity Outlook.
Data breaches continued at historic levels in 2024, with 3,158 data compromises tracked by the Identity Theft Resource Center – on par with the previous record-breaking year. However, victim notices surged 211% to 1.3 billion, but this was largely due to five mega-breaches, each triggering over 100 million notices.
While 66% of organizations see AI as the biggest cybersecurity game-changer this year, only 37% have safeguards to assess AI tools before use, the report finds. This highlights the gap between awareness of AI risks and its unchecked adoption, adding to the growing complexity of cyberspace, where emerging technologies, geopolitical tensions and supply chain vulnerabilities are creating new challenges for cybersecurity.
Here are six key cybersecurity vulnerabilities anticipated by leaders in 2025:
- Supply chain concerns: 54% of large organizations cite supply chain challenges as the biggest barrier to cyber resilience, driven by complexity and lack of visibility into suppliers’ security.
- Geopolitical tensions: Almost 60% of organizations say geopolitical issues affect their cybersecurity strategy, with CEOs concerned about cyber espionage and IP theft, and cyber leaders focused on disruption of operations.
- AI adoption risks: Despite growing reliance on AI for cybersecurity, many organizations lack processes to properly assess the security of AI tools before deployment, creating a gap in managing associated risks.
- Generative AI and cybercrime: Almost three-quarters of organizations report rising cyber risks, with generative AI fuelling more sophisticated social engineering and ransomware attacks; 42% saw an uptick in phishing incidents.
- Regulatory challenges: Fragmentation of cybersecurity regulations across jurisdictions poses compliance challenges for 76% of CISOs, despite the role of regulations in improving cyber resilience.
- Cyber talent shortage: The cyber skills gap increased by 8% in 2024, with two-thirds of organizations facing moderate-to-critical talent shortages and only 14% confident in their current team’s capabilities.
