Cybersecurity and resilience will be a key topic of the Forum's Annual Meeting in Davos 2024. Image: Unsplash/Marek Piwnicki
- The World Economic Forum's Global Cybersecurity Outlook 2024 explores the multifaceted challenges facing leaders as they look to build cyber-resilience in their organizations.
- From skills shortages to the rise of generative AI, the report identifies the opportunities and the hurdles new technologies bring.
- Cybersecurity and resilience will be a key topic of the Forum's Annual Meeting in Davos 2024.
A significant divide is growing between cyber-resilient organizations and those that have yet to put adequate measures in place, according to the latest World Economic Forum Global Cybersecurity Outlook.
Faced with a range of challenges, hurdles and threats, organizations face a 'myriad' of transitions. There are causes for optimism, though, with cyber-resilience increasingly on leaders' agendas.
“As the cyber realm evolves in response to emerging technologies and shifting geopolitical and economic trends, so do the challenges that threaten our digital world,” said Jeremy Jurgens, Managing Director, World Economic Forum. “We urgently need coordinated action by key public-private stakeholders if we are to collectively address these complex, ever-evolving threats and build a secure digital future for all.”
Here are the key findings of this year's report.
The rise of cyber inequity
The divide between cyber-resilient organizations and those that aren't is highlighted by the lack of a "middle-grouping" – those with basic cybersecurity protocols in place – the report says.
It notes that small and medium enterprises, which make up a significant proportion of many countries' economies, are disproportionately affected.
Indeed, 90% of executives surveyed at our Annual Meeting of Cybersecurity in November 2023 said urgent action was needed to address this growing inequity.
31%
Drop in organizations reporting a minimum cyber resilience since 2022.
25%
Just a quarter of small organizations have cyber insurance.
The risks associated with emerging technologies
The rise of new and emerging technologies will also exacerbate existing challenges. Organizations must develop a better understanding of the impact of the new technologies they adopt, such as generative AI, from the perspective of cyber-resilience, the report warns.
Concerns around generative AI include its ability to enhance cyber adversaries' existing activities, such as phishing and the spreading of misinformation.
56%
Leaders who believe gen AI will advantage cyberattackers over defenders in the next two years.
7%
Forecast impact of Gen AI on global GDP over a 10-year period.
The widening cyber skills and talent shortage
Attracting and retaining cybersecurity talent is vital, but there is already a shortage of available professionals – as well as the lack of a robust talent pipeline – the report points out.
Emerging technologies are only set to increase this demand, with the number of leaders reporting shortages of skilled staff to respond to cyber incidents increasing year-on-year, rising from 6% in 2022 to 20% this year.
52%
Public organizations reporting skills and resourcing is their biggest cyber resilience challenge.
15%
Organizations that are confident cyber skills and education will improve in the next two years.
Increasing recognition of cyber resilience in organizational risk management
Security executives have expressed increased concern about the level of cyber resilience in their business in this year's report.
And, the growing awareness of cyber-risk and cybercrime among business executives has led to increased concern about their organization's ability to be cyber resilient.
Business and cyber leaders must continue to invest in and build awareness of security fundamentals, the report stresses.
45%
leaders who say operational disruptions is their biggest concern.
29%
Organizations reporting a material impact cyber incident in the previous 12 months.
Cyber ecosystem risk is becoming more problematic
While significant cyber-risk remains among third parties and within supply chains, collaboration between organizations can create opportunities to build resilience, the report says.
These partnerships are both an organization's "greatest asset and biggest hindrance to secure, resilient and trustworthy digital future".
Understanding supply chain risks and those from third-party relationships is essential for organizations to increase their cyber-resilience, it warns.
51%
Leaders who say supply chain partners have not asked them for proof of their cybersecurity posture.
41%
Organizations who suffered a material incident in the previous 12 months say a third party caused it.
Building cyber resilience
The growing gap in cyber resilience is being driven by the ability to cultivate best practices, attracting the right talent and the cost of the correct tools and services, according to the report.
This inequity means some organizations will win and some will lose out. However, there are reasons to be optimistic, the report stresses. The fundamentals that cyber professionals have put in place are working.
However, there needs to be a concerted effort to change the current trajectory.
“No country or organization is spared from cybercrime, yet many are direly underequipped to effectively face the threats, and we cannot have effective global response mechanisms without closing the capacity gap,” said Jürgen Stock, Secretary General, INTERPOL.
“It is crucial that key stakeholders work collaboratively towards immediate, strategic actions that can help ensure a more secure and resilient global cyberspace."
Cyber resilience at Davos
Cybersecurity and resilience will be on the agenda at our Annual Meeting in Davos from 15-19 January. Find out more about the meeting here and follow events via the website and across our social media channels.