Cyber risk accelerates in 2026 as AI, fraud and geopolitics reshape digital defence

By TechWatch PH Staff

Cybersecurity is entering one of its most dynamic and complex years yet, according to the World Economic Forum’s Global Cybersecurity Outlook 2026. 

The annual report, developed with Accenture and based on a survey of global leaders, shows that artificial intelligence (AI), geopolitical tensions and widening capability gaps are fundamentally altering how risk is perceived and addressed across industries and governments.

AI: both shield and sword

AI is now the most consequential force shaping the cyber landscape. An overwhelming 94 percent of respondents say AI will drive cybersecurity change in 2026, with organizations nearly doubling the share assessing AI security from last year — from 37 percent to 64 percent. 

Yet AI’s impact cuts both ways: while it strengthens detection and automation, 87% report that AI-related vulnerabilities grew faster than any other risk in 2025.

This duality is already influencing boardroom priorities. Cyber-enabled fraud — including AI-assisted scams, phishing and invoice fraud — has surged to become CEOs’ top concern, overtaking traditional threats like ransomware. More than 73% of respondents or their networks were affected by such fraud in 2025.

The data underscores how AI-related risks have surged to the top of global cybersecurity concerns, with 87 percent of respondents saying AI vulnerabilities increased over the past year, making it the fastest-growing threat category. 

Photo courtesy of World Economic Forum

Cyber-enabled fraud and phishing followed closely at 77 percent, reflecting how attackers are increasingly leveraging automation and generative tools to scale scams. 

Supply chain disruption (65 percent) and the exploitation of software vulnerabilities (58 percent) also showed significant growth, highlighting persistent weaknesses in interconnected digital ecosystems. 

Traditional threats like ransomware (54 percent) continue to rise, while insider threats and denial-of-service attacks were largely seen as stable rather than declining. 

Geopolitics and supply chains add complexity

The report highlights that geopolitical fragmentation is not a backdrop but a driver of cyber risk strategies. 

About 64 percent of organisations now explicitly incorporate geopolitically motivated attacks — such as intrusions targeting critical infrastructure or espionage — into their mitigation plans. 

Responses remain uneven: while some regions express high confidence in national cyber readiness, others — particularly in Latin America and the Caribbean — report low confidence.

Supply chain resilience has also climbed the agenda. With global networks of third-party vendors, 65 percent of large companies now cite supply chain vulnerabilities as one of their largest cyber resilience challenges, up sharply from last year.

The resilience gap remains wide

Across sectors, disparities in cyber capability persist. Public sector organisations frequently report insufficient resilience compared with larger private entities, underscoring a broader digital divide. This gap compounds the emerging “sovereignty dilemma” — where concerns about national autonomy and fractured cooperation constrain collective defence.