Ahead of the club of the rich and powerful the World Economic Forum’s 54th annual meeting in Davos next week, the WEF has brought out its Global Cybersecurity Outlook 2024 report, developed with the consultancy Accenture, on cyber trends, based on surveys carried out between June and November 2023.
Jeremy Jurgens, Managing Director, World Economic Forum, Switzerland, said: “As the cyber realm evolves in response to emerging technologies and shifting geopolitical and economic trends, so do the challenges that threaten our digital world. We urgently need coordinated action by key public-private stakeholders if we are to collectively address these complex, ever-evolving threats and build a secure digital future for all.”
The report sees an increasingly stark divide between cyber-resilient organizations and those that are struggling as a key risk for 2024. The number of organizations that maintain minimum viable cyber resilience is down 30 per cent compared to last year. While large organizations have demonstrated notable gains in cyber resilience, small and medium-sized companies showed significant decline, according to the study.
This growing inequity is being fuelled by macroeconomic trends, industry regulation and, crucially, early adoption of paradigm-shifting technology by some. A cyber skills and talent shortage continues to widen at an alarming rate, the report adds. Only 15pc of all organizations are optimistic about cyber skills and education significantly improving in the next two years.
In an interconnected world this growing rift means no organisations are completely safe. According to the report, external partners are both the greatest asset and the biggest hindrance to the cybersecurity of any organisation. In fact, 41pc of the organizations surveyed that suffered a material incident in the past 12 months say it was caused by a third party.
Jürgen Stock, Secretary-General of international police body Interpol, said: “No country or organization is spared from cybercrime, yet many are direly under-equipped to effectively face the threats, and we cannot have effective global response mechanisms without closing the capacity gap. It is crucial that key stakeholders work collaboratively towards immediate, strategic actions that can help ensure a more secure and resilient global cyberspace.”
Emerging technologies, such as artificial intelligence (AI), are part of the outlook. Fewer than one in ten respondents believe that in the next two years generative AI will give the advantage to defenders over attackers, and about half of experts surveyed agree that generative AI will have the most significant impact on cybersecurity in the next two years. Its rise is stoking fears among experts about the exacerbation of long-standing challenges, with around half of executives saying that AI-driven advances in adversarial capabilities of cyber criminals (phishing, malware, deepfakes) present the most concerning impact of generative AI on cybersecurity.
Experts also saw an encouraging increase in focus on the importance of cybersecurity globally, particularly at the executive and CEO levels. The incorporation of cyber resilience into organizational risk management is also becoming more common, as per the report.
Paolo Dal Cin, Global Lead, Accenture Security, said: “Cyber resilience is increasingly dependent on a C-suite team that closely collaborates and communicates security priorities across the business and the industry. This approach provides a clear view of cyber risks and allows security to be embedded from the start in all strategic business priorities as well as across third parties, vendors and suppliers.”
See also the Forum’s global risks report which includes cyber.
