A new World Economic Forum report released on Thursday provides a snapshot of the multifaceted challenges facing the global cybersecurity landscape. While increased geopolitical tensions and economic instability continue to concern industry experts, the report spotlights widening cyber inequity and emerging technologies, such as artificial intelligence, as key rising risks for the year ahead in the fast-growing cybersecurity sector.
The Global Cybersecurity Outlook 2024 report, developed in collaboration with Accenture, distils insights of industry experts and global executives about key cyber trends that leaders will need to navigate in 2024, based on a series of surveys carried out between June and November 2023. Given the increasingly complex cyber threat landscape, the report also calls for concerted collaboration, across borders and industries, to counter these interrelated threats and build a more resilient environment.
“As the cyber realm evolves in response to emerging technologies and shifting geopolitical and economic trends, so do the challenges that threaten our digital world,” said Jeremy Jurgens, Managing Director, World Economic Forum, Switzerland. “We urgently need coordinated action by key public-private stakeholders if we are to collectively address these complex, ever-evolving threats and build a secure digital future for all.”
The increasingly stark divide between cyber-resilient organizations and those that are struggling has emerged as a key risk for 2024. The number of organizations that maintain minimum viable cyber resilience is down 30% compared to last year. While large organizations have demonstrated notable gains in cyber resilience, small and medium-sized companies showed significant decline.
This growing inequity is being fuelled by macroeconomic trends, industry regulation and, crucially, early adoption of paradigm-shifting technology by some organizations. In addition, the cyber skills and talent shortage continues to widen at an alarming rate. Only 15% of all organizations are optimistic about cyber skills and education significantly improving in the next two years.
In an interconnected world this growing rift means no organisations are completely safe. According to the report, external partners are both the greatest asset and the biggest hindrance to the cybersecurity of any organisation. In fact, 41% of the organizations surveyed that suffered a material incident in the past 12 months say it was caused by a third party.
“No country or organization is spared from cybercrime, yet many are direly underequipped to effectively face the threats, and we cannot have effective global response mechanisms without closing the capacity gap,” said Jürgen Stock, Secretary-General of INTERPOL. “It is crucial that key stakeholders work collaboratively towards immediate, strategic actions that can help ensure a more secure and resilient global cyberspace.
Emerging technologies, such as artificial intelligence (AI), are another key trend to watch in this year’s outlook. Fewer than one in 10 respondents believe that in the next two years generative AI will give the advantage to defenders over attackers, and approximately half of experts surveyed agree that generative AI will have the most significant impact on cybersecurity in the next two years. Its rise is stoking fears among experts about the exacerbation of long-standing challenges, with around half of executives saying that AI-driven advances in adversarial capabilities of cyber criminals (phishing, malware, deepfakes) present the most concerning impact of generative AI on cybersecurity.
Despite these concerns, experts also highlighted an encouraging increase in focus on the importance of cybersecurity globally, particularly at the executive and CEO levels. The incorporation of cyber resilience into organizational risk management is also becoming more common, as per the report.
“Cyber resilience is increasingly dependent on a C-suite team that closely collaborates and communicates security priorities across the business and the industry,” Paolo Dal Cin, Global Lead, Accenture Security. “This approach provides a clear view of cyber risks and allows security to be embedded from the start in all strategic business priorities as well as across third parties, vendors and suppliers.”