Geopolitical tensions and adoption of AI top key threats to cyber security, global report warns

The Global Cybersecurity Outlook, 2025 has warned that escalating geopolitical tensions and ongoing rapid adoption of artificial intelligence (AI) will contribute to increased complexities in the sector.

The two, according to the report, may worsen the current leading cyber risks including ransomware attacks, AI-enhanced tactics – such as phishing, vishing and deepfakes – and supply chain attacks.

The report makes a deep analysis of the most important drivers of complexity and provides valuable insights into the most pressing cyber challenges in the year ahead and their potential implications, noting that nearly 60 per cent of organisations state that geopolitical tensions have affected their cybersecurity strategy.

"Geopolitical turmoil has also affected the perception of risks, with one in three CEOs citing cyber espionage and loss of sensitive information/intellectual property (IP) theft as their top concern, while 45 per cent of cyber leaders are concerned about disruption of operations and business processes," the report that relied on a survey conducted on 409 survey participants from 57 countries notes.

New vulnerabilities

It also adds that the inevitable adoption of AI introduces new vulnerabilities that contribute to an uptick in social engineering attacks and consequently a more uncertain environment which translates to an unpredictable risk landscape.

The report found some 72 per cent of respondents report an increase in organisational cyber risks, with ransomware remaining a top concern. Nearly 47 per cent of organisations cite adversarial advances powered by generative AI (GenAI) as their primary concern, enabling more sophisticated and scalable attacks.

In 2024 there was a sharp increase in phishing and social engineering attacks, with 42 per cent of organisations reporting such incidents.

"The rapid adoption of emerging technologies is contributing to new vulnerabilities as cybercriminals harness them effectively to achieve greater sophistication and scale. Simultaneously, the proliferation of regulatory requirements around the world is adding a significant compliance burden for organisations. All of these challenges are exacerbated by a widening skills gap, making it extremely challenging to manage cyber risks effectively,"

This disparity in cyber resilience is further highlighted by regional differences in preparedness. While only 15 per cent of respondents in Europe and North America lack confidence in their country's ability to respond to major cyber incidents targeting critical infrastructure, this proportion rises to 36 per cent in Africa and 42 per cent in Latin America.

The public sector is disproportionately affected, with 38 per cent of respondents reporting insufficient resilience, compared to just 10 per cent of medium-to-large private sector organisations.

This inequity extends to the cyber workforce, with 49 per cent of public-sector organisations indicating they lack the necessary talent to meet their cybersecurity goals – an increase of 33 per cent from 2024.

Cyber skills gap

A key contributor to this is the increased cyber skills gap that has increased by eight per cent since last year, with two out of three organisations reporting moderate-to-critical skills gaps, including a lack of essential talent and skills to meet their security requirements. Furthermore, only 14 per cent of organisations are confident that they have the people and skills they need today.

The report shows that the skills gap widened by 8 per cent from 2024 to 2025, predominantly affecting the public sector, in which 49 per cent of organisations indicated they do not have the workforce to meet their cybersecurity objectives, a 33 per cent increase on 2024.

Other Topics To Read

• Technology
• Headlines
• AI
• Artificial Intelligence
• cybersecurity
• phishing
• Global Cybersecurity Outlook
• social engineering
• cyber espionage
• Geopolitical tensions and adoption of AI top key threats to cyber security
• global report warns

"The cybersecurity sector is grappling with a significant workforce shortage, with estimates of the shortfall ranging from 2.8 million to 4.8 million cybersecurity professionals. The acute scarcity of cybersecurity talent exacerbates the risk landscape, leaving more than two-thirds of organisations vulnerable to sophisticated cyberattacks and breaches due to a lack of critical skills."

Growing challenges

As cyberspace becomes increasingly complex, the report observes that it has the potential of further exacerbating cyber inequity for organisations that are unable to meet growing challenges.

"These challenges demand a comprehensive re-evaluation of cyber strategies at the organisational and ecosystem level to address the complexity that has become inherent in the cyber landscape. A broader understanding of cyber risk is necessary that goes beyond mere "IT" and considers cyber from an overall business risk perspective."

In Kenya, in the three months between July and September 2024, the National KE-CIRT/CC, a multi-agency framework that coordinates response to cyber security matters, detected over 657.8 million cyber threat events, which represented a 41.87 per cent decrease from the 1,131,696,878 threat events detected in the previous period, April-June 2024.

The majority of these attacks, according to the Communications Authority of Kenya, exploited system vulnerabilities, were due to the continued adoption of AI-enabled attacks, other attacks targeted at system misconfigurations, and continued adoption of botnets and distributed denial of service (DDoS) attack techniques.