Global Cybersecurity Outlook 2026 Regional Analysis North America

How does your organization address supply chain cyber risk? North AmericaWe simulate cyber incidents and/or plan recovery exercises with our ecosystem partnersWe align our cyber resilience strategy among our ecosystem partners We map our ecosystem in detail to understand where we or our partners are exposed to cyber threatsWe assess the security maturity of our suppliers We share information on threats with partners in our ecosystem (customers, suppliers, partners)We involve our security function in the procurement process 77% 75% 40% 33% 32% 31% Supply chain –The top three cyber risks related to supply chain security reported by organizations in this region are: 1. Inheritance risk: Inability to assure integrity of third-party software, hardware and services 2. Visibility: Lack of visibility into own organization’s extended supply chain 3. Concentration risk: A high degree of dependence on critical third-party suppliers –To mitigate these risks, 77% of organizations in this region prioritize involving the security function in procurement processes (overall average across all regions: 65%), while 75% assess their supplier maturity (overall average across all regions, 66%). –The top three challenges to achieving cyber resilience reported by organizations in this region are: 1. Rapidly evolving threat landscape and emerging technologies (68%) 2. Third-party and supply chain vulnerabilities (47%) 3. Legacy systems (37%) –92% report active engagement from their board in cybersecurity matters, which is in line with the global average (93%). With regard to the ways in which your board is engaged in cybersecurity, the following statements apply: 92% 8% Board is engaged in cybersecurity Board is not engaged in cybersecurity Cyber skills –48% of organizations in North America report a lack of workforce skills required to meet their current cybersecurity objectives, almost matching the global average of 49%. –DevSecOps Engineer is the most critical missing cybersecurity role in this region. Does your organization’s workforce have the skills needed to achieve its current cybersecurity objectives? Yes, we have the people and skills we need today No, we are missing critical people and skillsSouth Asia 57% 43% Europe and Central Asia 57% 43% East Asia and Pacific 56% 44% Middle East and North Africa 53% 47% North America 52% 48% Latin America and the Caribbean 35% 65%Sub-Saharan Africa 37% 63% To read the full report Global Cybersecurity Outlook 2026 on cybersecurity risks and trends at a global scale, please visit wef.ch/cybersecurity26. Explore the data deeper with our accompanying Data Explorer .*Some graphs may show percentages exceeding 100% due to multiple-choice questions and rounding.