The growing complexity of global cybersecurity: Moving from challenges to action
The relationship between cybersecurity and economic stability has never been more evident.
Image: REUTERS/Stephanie Lecocq
Stay up to date:
Cybersecurity
- Various factors like emerging technologies and geopolitical tensions are complicating the cybersecurity landscape.
- The increasing complexity of the cyberspace was a major topic of discussion at the Annual Meeting 2025 in Davos, Switzerland.
- Through continued collaboration and innovation, we can work toward a future where cybersecurity becomes a source of strength rather than vulnerability.
As we enter 2025, our latest Global Cybersecurity Outlook reveals an unprecedented convergence of challenges reshaping the digital security landscape.
While the complexity of today's cyber environment is daunting, our focus at the World Economic Forum's Centre for Cybersecurity must be on translating this complexity into concrete actions that organizations can implement to enhance their resilience.
The widening cyber inequity gap
The most pressing concern emerging from our research is the growing cyber inequity between the "haves" and "have-nots." This disparity manifests across three critical dimensions, each with its own set of challenges and implications for global cyber resilience.
First, the gap between large and small organizations has reached alarming proportions. While larger enterprises continue to strengthen their cyber defenses, 35% of small organizations now report insufficient cyber resilience — a sevenfold increase since 2022. This disparity is particularly concerning as small organizations often form critical links in global supply chains, making their vulnerabilities potential entry points for attackers targeting larger enterprises.
Second, the divide between developed and developing markets continues to widen. While only 15% of organizations in Europe and North America lack confidence in their countries' preparedness to respond to major cyber incidents, this figure rises to 36% in Africa and 42% in Latin America. This geographic disparity creates systemic vulnerabilities that adversaries can exploit, potentially affecting global digital infrastructure.
Third, we observe significant variations in cyber maturity across different industry sectors. The public sector appears particularly vulnerable, with 38% of respondents perceiving their resilience as inadequate, compared to just 10% of medium-to-large private-sector organizations. This sectoral inequity creates dangerous gaps in our collective defense.
Cybersecurity economics and supply chain risk
The relationship between cybersecurity and economic stability has never been more evident. As observed during recent discussions at the World Economic Forum’s Annual Meeting 2025 in Davos, critical infrastructure protection has become a paramount concern.
In a public session on Defending the Cyber Frontlines, Siemens Energy Chairman Joe Kaeser recounted the Stuxnet incident, illustrating the complex challenges companies face when their components become unwitting participants in state-sponsored cyber operations. The incident further highlights the need for better coordination between public and private sectors.
Supply chain vulnerabilities have also emerged as a preeminent challenge, with 54% of large organizations identifying this as their greatest barrier to achieving cyber resilience. The complexity of modern supply chains, combined with increasing digital interconnectedness, creates countless systemic points of failure that can have far reaching consequences for organizations and economies.
Accept our marketing cookies to access this content.
These cookies are currently disabled in your browser.
AI's security paradox and emerging threats
Our research has identified a striking paradox in how organizations approach artificial intelligence and cybersecurity. While two-thirds of organizations recognize AI's potential to significantly impact cybersecurity, barely more than a third have implemented proper processes to assess the security of AI tools before deployment. This gap between recognition and readiness creates significant vulnerabilities as organizations rush to adopt AI technologies without adequate security controls.
On the flip side, AI technologies can help enhance the efficacy of cybercriminal exploits and provide economies of scale. Deepfakes and vishing can also have a significant impact in the proliferation of frauds as evidenced in several cases over the past year.
The evolving nature of cyber conflict adds another layer of complexity. As Cloudflare CEO Matthew Prince observed in Davos, despite predictions of massive escalation in cyberattacks, we've seen a form of deterrence emerge among major powers, similar to nuclear deterrence, based on the fear of mutually assured destruction. However, this dynamic primarily benefits larger nations, leaving smaller countries and organizations more vulnerable.
International norms and cooperation
The challenges we face require unprecedented levels of international cooperation. During discussions in Davos, International Committee of the Red Cross President Mirjana Spoljaric Egger emphasized that international humanitarian law principles already provide a framework for responsible behavior in cyberspace. These norms exist and apply to cyber operations, particularly regarding the protection of civilian infrastructure and essential services.
However, implementation remains a challenge prompting the need for a framework to establish clearer rules of engagement in cyberspace while respecting different political systems.
In a Davos session on Cutting through Cyber Complexity, Hoda Al Khzaimi, Associate Vice Provost for Research Translation and Entrepreneurship at New York University Abu Dhabi, noted that attackers often possess greater agility and access to information, while regulations to counter these threats remain misaligned. The expert panellists maintained that collaboration between governments, agencies and the private sector remain essential for addressing such cybersecurity challenges.
Accept our marketing cookies to access this content.
These cookies are currently disabled in your browser.
Moving from complexity to action
While the challenges we face are complex, our response must focus on concrete, actionable steps. Based on our research and engagement with global leaders, we recommend organizations prioritize:
Strengthening AI security controls: In Davos, the Forum released a white paper, AI and Cyber: Balancing Risks and Rewards, to help organizations understand the key security risks associated with AI adoption. The paper, which was developed in collaboration with the University of Oxford, calls on organizations to take steps to identify the potential risks and vulnerabilities; to assess potential negative impacts; to balance residual risk against the potential rewards; and to repeat mitigation efforts throughout the AI life cycle.
Talent development: The cybersecurity sector faces a critical shortage of skilled professionals. This represents both a challenge and an opportunity, as cybersecurity has become one of the fastest-growing job markets globally, second only to artificial intelligence. While some remain sceptical of its implications, many view AI as a tool to empower and augment workforce capabilities. A Forum white paper, Strategic Cybersecurity Talent Framework, provides actionable approaches for public and private sector to build and sustain a skilled cybersecurity workforce.
Supply chain resilience: Organizations must move beyond periodic assessments to implement continuous monitoring and collaboration with partners. This includes sharing threat intelligence and best practices across the ecosystem. The Centre for Cybersecurity continues to advance these discussions to promote cyber resilience with partners and communities of diverse industries.
Economic impact assessment: Companies need to develop more sophisticated models for evaluating both direct and indirect costs of potential cybersecurity incidents incorporating these assessments into their risk management frameworks. Focusing on the intersection of cybersecurity and economics, the World Economic Forum launched the Riyadh Centre for Cyber Economics to support public and private decision-makers with insights on how to strengthen global economic resilience against cyber threats.
Cross-sector partnerships: Building stronger partnerships between public and private sectors is essential, particularly to advance cyber equity in smaller organizations and developing markets to defend against cyber threats. The Partnership Against Cybercrime promotes public-private cooperation to combat cybercrime and serves as a platform for sharing insights and continuously exploring approaches to drive successful collaboration against cybercrime.
The path forward
As we navigate this complex landscape, our focus must remain on translating complexity into practical action. The Forum's Centre for Cybersecurity continues to facilitate collaboration between public and private sector organizations globally and through its various initiatives, the centre is working to better understand and address the economic dimensions of cybersecurity while promoting more equitable access to cyber defense capabilities.
The convergence of geopolitical tensions, technological advancement and economic pressures has created unprecedented complexity in cyberspace. However, this complexity must not paralyze us. Instead, it should motivate us to take concrete actions that enhance our collective security. As we have seen in our discussions with global leaders, solutions exist, but they require coordinated action and sustained commitment from all stakeholders.
Looking ahead, we must focus on building a more inclusive and resilient digital future. This means not only strengthening our technical defenses but also ensuring that the benefits of cybersecurity are more equitably distributed across organizations, sectors, and regions.
Through continued collaboration, innovation and commitment to addressing cyber inequities, we can work toward a future where cybersecurity becomes a source of strength rather than vulnerability in our increasingly connected world.
Accept our marketing cookies to access this content.
These cookies are currently disabled in your browser.
Don't miss any update on this topic
Create a free account and access your personalized content collection with our latest publications and analyses.
License and Republishing
World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.
The views expressed in this article are those of the author alone and not the World Economic Forum.
Forum Stories newsletter
Bringing you weekly curated insights and analysis on the global issues that matter.
More on CybersecuritySee all
David Elliott
February 4, 2025
Akhilesh Tuteja
January 31, 2025