Top Cyber Vulnerabilities for 2025

According to the World Economic Forum’s Global Cybersecurity Outlook, cyber threats in 2025 will be shaped by increasingly sophisticated ransomware, social engineering and AI-powered cyber-attacks. Here are six key cybersecurity vulnerabilities cited by the WEF in a summary of its report:

– Supply chain concerns: 54% of large organizations cite supply chain challenges as the biggest barrier to cyber resilience, driven by complexity and lack of visibility into suppliers’ security.

– Geopolitical tensions: Almost 60% of organizations say geopolitical issues affect their cybersecurity strategy, with CEOs concerned about cyber espionage and IP theft, and cyber leaders focused on disruption of operations.

– AI adoption risks: Despite growing reliance on AI for cybersecurity, many organizations lack processes to properly assess the security of AI tools before deployment, creating a gap in managing associated risks.

– Generative AI and cybercrime: Almost three-quarters of organizations report rising cyber risks, with generative AI fuelling more sophisticated social engineering and ransomware attacks; 42% saw an uptick in phishing incidents.

– Regulatory challenges: Fragmentation of cybersecurity regulations across jurisdictions poses compliance challenges for 76% of CISOs, despite the role of regulations in improving cyber resilience.

– Cyber talent shortage: The cyber skills gap increased by 8% in 2024, with two-thirds of organizations facing moderate-to-critical talent shortages and only 14% confident in their current team’s capabilities.

One of the interesting developments noted by the WEF is that although 66% of organizations see AI tools as the biggest cybersecurity game-changer, only 37% have safeguards to assess those tools before use.