The report, released this week, was developed in collaboration with Accenture and identifies cyber trends that business leaders will have to tackle in the year ahead. It was compiled using information from several surveys conducted between June and November 2023.
The WEF says more collaboration between private and public sectors is required to counter threats and establish a more resilient environment.
“As the cyber realm evolves in response to emerging technologies and shifting geopolitical and economic trends, so do the challenges that threaten our digital world,” said Jeremy Jurgens, MD, WEF, Switzerland. “We urgently need coordinated action by key public-private stakeholders if we are to collectively address these complex, ever-evolving threats and build a secure digital future for all.”
The WEF says the increasingly stark divide between cyber-resilient organisations and those that are struggling is also a risk.
The organisation claims the number of businesses that maintain minimum viable cyber resilience is down 30% compared to last year. While large organisations have demonstrated notable gains in cyber resilience, small and medium-sized companies showed significant decline.
This growing inequity is being fuelled by macroeconomic trends, industry regulation and, crucially, early adoption of paradigm-shifting technology by some organisations, the WEF notes.
In addition, the cyber skills and talent shortage continues to widen at an alarming rate. Only 15% of all organisations are optimistic about cyber skills and education significantly improving in the next two years.
In an interconnected world this growing rift means no organisations are completely safe. According to the report, external partners are both the greatest asset and the biggest hindrance to the cyber security of any organisation.
More than 40% of the organisations surveyed that suffered a material incident in the past 12 months say it was caused by a third party.
Jürgen Stock, Secretary-General of Interpol, said, “No country or organisation is spared from cyber crime, yet many are direly underequipped to effectively face the threats, and we cannot have effective global response mechanisms without closing the capacity gap.”
Emerging technologies, such as AI, are another trend to watch in this year’s outlook. Fewer than one in 10 respondents believe that in the next two years GenAI will give the advantage to defenders over attackers, and approximately half of experts surveyed agree that this technology will have the most significant impact on cyber security in the next two years.
Its rise is stoking fears among experts about the exacerbation of long-standing challenges, with around half of executives saying that AI-driven advances in adversarial capabilities of cyber criminals (phishing, malware, deepfakes) present the most concerning impact of generative AI on cyber security.
The incorporation of cyber resilience into organisational risk management is also becoming more common, as per the report.
“Cyber resilience is increasingly dependent on a C-suite team that closely collaborates and communicates security priorities across the business and the industry,” says Paolo Dal Cin, global lead, Accenture Security. “This approach provides a clear view of cyber risks and allows security to be embedded from the start in all strategic business priorities as well as across third parties, vendors and suppliers.”