Amplified attacks with artificial intelligence (AI), increased risks of cyberwar and a global shortage of experts to respond to these dangers were among the main cyber risks that the World Economic Forum (WEF) identified for 2025.
“Despite executives’ increased awareness of the risks of cybersecurity, “Complexity in cyberspace is further exacerbating cyber inequity as resilient organizations move forward, while others struggle with limited resources.”stated Jeremy Jurgens, general director of the WEF; and Paolo Dal Cin, head of Global Security at the firm Accenture, when prefacing the Global Cybersecurity Panorama 2025, released this Monday. “In a borderless cyberspace, greater collaboration between public and private sector actors is crucial to safeguard the benefits of digitalization for all. This is a call to action, and the time to act is now”.
The 2025 report, which the WEF produces annually, draws on data and interviews with leaders in cybersecurity academia and industry, along with the results of a survey administered to cybersecurity executives in 57 countries and affiliated with organizations. of all sizes.
According to the document, This year the escalation of geopolitical tensions in several regions contributes to greater uncertaintyespecially in a world with supply chains that are increasingly integrated and dependent on technology to function.
In parallel, 72% of respondents confirmed that cyber risks in their organizations have increasedwith the hijacking of systems (ransomwarein English) at the top of the list of concerns. Furthermore, in 2024, 42% of organizations reported incidents of social engineering or fraudulent messages seeking to gain access to systems or personal data (phishingin English).
In turn, 66% of organizations cited AI as the most significant impact on cybersecurity in the coming year. However, only 37% reported having processes in place to evaluate the security of AI tools before implementation.
“This reveals the paradox of the gap between the recognition of AI-driven cybersecurity risks and the rapid implementation of AI without the security safeguards necessary to ensure cyber resilience,” the report analyzed.
The talent gap worsens
So much so that, Among organizations surveyed, only 14% said they had enough talent to meet their cybersecurity goals.
“The skills gap widened by 8% from 2024 to 2025, predominantly affecting the public sector, in which 49% of organizations indicated that they do not have the workforce to comply with their cybersecurity,” said the WEF, which at the level Global estimates between 2.8 and 4.8 million of unmet demand for talent trained in cybersecurity.
Crucial to monitor water systems and essential services
As an example of how infrastructure and essential services are already a front of war, the WEF recalled that in the Ukraine war “critical sectors such as energy, telecommunications, water and heating are repeatedly targeted by both cyber and physical attacks. ”,
“As cyber threats continue to evolve, they not only threaten system functionality, but also endanger human safety, increasing the severity and consequences of disruptions to vital infrastructure,” the document warns.
Therefore, the general recommendation was that governments and basic service providers be proactive in monitoring and applying security patches to their systems.
Keep an eye on biosecurity
In light of cyber attacks on laboratories in South Africa and the United Kingdom over the past year, the WEF stressed the importance of reinforcing biosecurity with monitoring and layers of digital and physical protection.
“A 2024 World Health Organization report highlighted several ways cyber threats could compromise biosecurity, including access to sensitive data or research, disruption of laboratory security systems, theft or sabotage of information relevant to biosecurity and espionage for competitive or harmful purposes,” the document detailed.
Latin America lagging behind
In the case of the Latin American region, the WEF report – produced in collaboration with the global firm Accenture – reflected that the majority (58%) of respondents in the region expressed distrust that their country is ready to respond to cyber incidents. on a large scale. In contrast, in Europe and North America, only 15% of those surveyed said they distrusted it.
The lack of national and regional regulations is also emerging as a major risk for Latin America where, to date, there are no standardized protocols, as there are in Europe and the United States.