Enterprise leaders see AI dangers and fraud outpacing ransomware, says WEF
Halfway by way of a decade that’s coming to be outlined by the runaway acceleration of technological change, the specter of ransomware assaults appears to be dropping down the agenda in boardrooms around the globe, with C-suite executives extra involved about rising dangers arising from synthetic intelligence (AI) vulnerabilities, cyber-enabled fraud and phishing assaults, disruption to provide chains, and exploitation of software program vulnerabilities.
That is in line with the fifth annual World Financial Discussion board (WEF) World cybersecurity outlook report, based mostly on a survey of 804 contributors from 92 nations, together with 316 chief data safety officers (CISOs), 105 CEOs and 123 different C-suite executives similar to chief threat or know-how officers, performed between August and September 2025, in addition to workshop discussions and brief polls performed across the discussion board’s World Future Councils and Cybersecurity assembly.
A complete of 87% of those respondents believed dangers from AI elevated prior to now 12 months, in contrast with 13% who had been impartial on the topic. Roughly 77% noticed dangers from fraud and phishing on the rise; 66% talked about provide chain disruption; and 58% recognized vulnerability exploitation as a rising menace.
Nonetheless, when it got here to ransomware, simply 54% noticed rising threat ranges, in contrast with 39% who expressed a impartial opinion, whereas the rest of the respondents, roughly 7%, stated the danger from ransomware truly decreased in 2025.
“Cyber safety threat in 2026 is accelerating, fuelled by advances in AI, deepening geopolitical fragmentation and the complexity of provide chains,” wrote WEF managing director Jeremy Jurgens within the report’s preamble.
“These shifts are compounded by the enduring sovereignty dilemma and widespread cyber inequity, two components that expose systemic vulnerabilities. The result’s a menace atmosphere the place the pace and scale of assaults are testing the bounds of conventional defences.”
AI threat components
Digging deeper into among the threat components arising from AI, the C-suite stated that information leaks, adopted by advancing adversarial capabilities, had been probably the most urgent issues, adopted by the technical safety of AI programs, more and more advanced governance, authorized dangers round mental property and legal responsibility, and software program provide chain and code improvement issues.
Notably, the highest two issues swapped locations within the 2026 report in contrast with final 12 months – with 34% most involved about information publicity this 12 months in contrast with 22% in 2025, whereas the proportion of these most involved about adversarial capabilities fell from 47% final 12 months to 29% this 12 months.
This possible displays a altering, doubtlessly maturing, perspective to AI threat, and the WEF stated it was seeking to a “turning level” within the AI threat panorama this 12 months.
It stated that despite the fact that the AI arms race between defenders and attackers reveals no indicators of slowing, consideration is pivoting from “offensive innovation” in the direction of much less noisy – however arguably extra harmful – components.
A number of the different information factors within the report additionally seem to bear this out, with C-suite executives doubling down on structured processes and governance fashions to higher handle AI.
Quoted within the report, Josephine Teo, Singapore’s minister for digital improvement and data and minister-in-charge of the nation’s Cyber Safety Company and Good Nation Group, stated: “Developments in AI are reshaping a number of domains, together with cyber safety. Carried out nicely, these applied sciences can help and help human operators in detecting, defending and responding to cyber threats.
“Nonetheless, they will additionally pose critical dangers similar to information leaks, cyber assaults and on-line harms in the event that they malfunction, or are misused.”
Teo urged a extra forward-looking, sensible and collaborative method to the protected improvement and use of quickly evolving tech similar to AI.
“The dangers transcend borders, and the problem is to maximise AI’s advantages, together with to strengthen our cyber resilience, whereas minimising its dangers,” she stated.
Ransomware nonetheless a dwell menace
Nonetheless, regardless of the headline dangers detailed within the WEF’s report, the ransomware menace has not gone away – as demonstrated by most of the most well-documented cyber assaults to have taken place in 2025, most of which had been nonetheless finally pushed by extortion.
Certainly, amongst those that recognized as CISOs, ransomware remained the main threat concern. Whereas CEOs concern themselves extra with broader enterprise impacts of cyber crime, CISOs are understandably consumed by the operational disruption a profitable ransomware assault could cause.
This will likely go some strategy to explaining the elevated issues over cyber fraud revealed by the WEF’s information.
A complete of 77% of respondents stated they’d seen a rise in cyber-enabled fraud and phishing, and 72% revealed that both they themselves or somebody of their skilled or private networks had been affected by it – the commonest types of assault reported had been phishing, cost fraud and identification theft.
