While 66% of organizations expect AI to have the most significant impact on cybersecurity in the year to come, only 37% report having processes in place to assess the security of AI tools before deployment. This reveals the paradox of the gap between the recognition of AI-driven cybersecurity risks and the rapid implementation of AI without the necessary security safeguards to ensure cyber resilience. Some 72% of respondents report an increase in organizational cyber risks, with ransomware remaining a top concern. Nearly 47% of organizations cite adversarial advances powered by generative AI (GenAI) as their primary concern, enabling more sophisticated and scalable attacks. In 2024 there was a sharp increase in phishing and social engineering attacks, with 42% of organizations reporting such incidents. Regulations are increasingly seen as an important factor for improving baseline cybersecurity posture and building trust. However, their proliferation and disharmony are creating significant challenges for organizations, with more than 76% of chief information security officers (CISOs) at the World Economic Forum’s Annual Meeting on Cybersecurity in 2024 reporting that fragmentation of regulations across jurisdictions greatly affects their organizations’ ability to maintain compliance. Since 2024, the cyber skills gap has increased by 8%, with two out of three organizations reporting moderate-to-critical skills gaps, including a lack of essential talent and skills to meet their security requirements. Furthermore, only 14% of organizations are confident that they have the people and skills they need today.Rapid adoption of AI introduces new vulnerabilities Generative AI is augmenting cybercriminal capabilities, contributing to an uptick in social engineering attacks Regulations bolster cyber resilience, yet their fragmentation introduces significant compliance challenges Organizations are grappling with a shortage of critical cyber talentIn your view, which of the following will most signiﬁcantly affect cybersecurity in the next 12 months?Does your organization have a process in place to assess the security of AI tools before deploying them? 0 20% 10% 30% 50% 40% 70% 60%AI / machine learning technologies (generative AI, malicious use of AI, AI-driven detection and response) Convergence of IT and OT security Cloud technologies (greater adoption of cloud solutions) Quantum technologies (computing, encryption) Decentralized technologies (secure multi-party computation, blockchain) Satellite technologies (communication, GPS, internet) Other66% 13% 11% 4% 3% 2% 2%63%37% Yes NoCybersecurity vulnerabilities anticipated in 2025 FIGURE E Global Cybersecurity Outlook 2025 7