Artificial intelligence, geopolitical fragmentation and a surge in cyber-enabled fraud are redefining the global cyber risk landscape at unprecedented speed, according to the World Economic Forum’s Global Cybersecurity Outlook 2026.
The World Economic Forum (WEF) report, developed in collaboration with Accenture, highlights that cyber-enabled fraud has become a pervasive threat. This shift underscores the growing societal and economic impact of fraud as it spreads across regions and sectors. The report also showcases how AI is supercharging both offensive and defensive capabilities. Geopolitical fragmentation further compounds these risks, reshaping cybersecurity strategies and widening preparedness gaps across regions.
This year marks the fifth edition of the Global Cybersecurity Outlook series, which has traced a steady evolution from pandemic-driven digitalization to today’s increasingly complex cybersecurity landscape. The new findings point to a cyber landscape undergoing profound structural shifts, where cyber resilience can no longer be approached as a technical function alone but as a strategic requirement that underpins economic stability, national resilience and public trust.
“As cyber risks become more interconnected and consequential, cyber-enabled fraud has emerged as one of the most disruptive forces in the digital economy, undermining trust, distorting markets and directly affecting people’s lives,” said Jeremy Jurgens, Managing Director, World Economic Forum. “The challenge for leaders is no longer just understanding the threat but acting collectively to stay ahead of it. Building meaningful cyber resilience will require coordinated action across governments, businesses and technology providers to protect trust and stability in an increasingly AI-driven world.”
The gap between highly resilient organizations and those falling behind remains stark, with skills shortages and resource constraints amplifying systemic risk. Meanwhile, global supply chains have become more interconnected and opaque, turning third-party dependencies into systemic vulnerabilities. These dynamics are converging at a moment when inequalities in cyber capabilities are widening, leaving smaller organizations and emerging economies disproportionately exposed.
“The weaponization of AI, persistent geopolitical friction and systemic supply chain risks are upending traditional cyber defences. For C-suite leaders, the imperative is clear; they must pivot from traditional cyber protection to cyber defence powered by advanced and agentic AI to be resilient against AI-driven threat actors,” said Paolo Dal Cin, global lead, Accenture Cybersecurity. “True business resilience is built by fusing cyber strategy, operational continuity and foundational trust—enabling organizations to swiftly adapt to the dynamic threat landscape.
The report identifies key factors that shape the evolving cyber landscape of 2026. These include:
- AI is accelerating cybersecurity risks at unprecedented speed. AI-related vulnerabilities rose faster than any other category in 2025, with 87% of respondents reporting an increase. Data leaks linked to generative AI (34%) and advancing adversarial capabilities (29%) are among the leading concerns for 2026. Meanwhile, 94% of leaders expect AI to be the most consequential force shaping cybersecurity in 2026. Organizations are responding, nearly doubling the share assessing AI security, from 37% to 64%.
- Geopolitics is redefining the global cybersecurity threat landscape, with 64% of organizations now factoring geopolitically motivated attacks into their risk strategies and 91% of the largest enterprises adjusting their cybersecurity posture accordingly. 31% of respondents expressed low confidence in their country’s ability to manage major cyber incidents. Confidence levels vary widely, from 84% in the Middle East and North Africa to 13% in Latin America and the Caribbean.
- Cyber-enabled fraud has become a pervasive global threat. A striking 73% of respondents were or knew someone directly affected in 2025 and CEOs now rank fraud and phishing ahead of ransomware as their top concerns.
- Supply chains remain a major systemic vulnerability. Among large companies, 65% cite third-party and supply chain risks as their greatest cyber resilience barrier, up from 54% last year. Concentration risk is also intensifying, with incidents at major cloud and internet service providers demonstrating how infrastructure-level failures can trigger widespread downstream impacts across interconnected digital ecosystems.
- Cyber inequity is widening across regions and sectors. Smaller organizations are twice as likely to report insufficient resilience compared to large firms. Regionally, the shortage of cybersecurity talent is most pronounced in Latin America and the Caribbean, with 65% of organizations reporting insufficient skills to achieve their security objectives, while 63% of organizations in sub-Saharan Africa face similar constraints.
“Developments in AI are reshaping multiple domains, including cybersecurity. When deployed responsibly, these technologies can strengthen cyber defences by supporting faster detection and response. But if misused or poorly governed, they can also introduce serious risks, from data leaks to cyberattacks,” said Josephine Teo, Minister for Digital Development and Information and Minister-in-Charge of Cybersecurity & Smart Nation Group, Singapore. “Governments therefore need a forward-looking and collaborative approach to ensure AI enhances cyber resilience while minimizing risks that increasingly transcend borders.” The report calls on leaders across sectors to move beyond isolated efforts and commit to raising the collective baseline by sharing intelligence, aligning standards and investing in the capabilities needed to ensure all organizations can benefit from a more secure and resilient digital environment. The survey draws on insights from 804 global business leaders in 92 countries, including 105 CEOs, 316 chief information security officers and 123 other C-suite executives, including chief technology officers and chief risk officers.
