Executive summary
In 2023 the world faced a polarized geopolitical
order, multiple armed conflicts, both scepticism and
fervour about the implications of future technologies,
and global economic uncertainty. Amid this complex
landscape, the cybersecurity economy
1
grew
exponentially faster than the overall global economy,
and outpaced growth in the tech sector.
2
However,
many organizations and countries experienced that
growth in exceptionally different ways.
A stark divide between cyber-resilient organizations
and those that are struggling has emerged. This
clear divergence in cyber equity is exacerbated
by the contours of the threat landscape,
macroeconomic trends, industry regulation and early
adoption of paradigm-shifting technology by some
organizations. Other clear barriers, including the
rising cost of access to innovative cyber services,
tools, skills and expertise, continue to influence
the ability of the global ecosystem to build a more
secure cyberspace in the face of myriad transitions.
These factors are also ever-present in the
accelerated disappearance of a healthy “middle
grouping” of organizations (i.e. those that maintain
minimum standards of cyber resilience only). Despite
this divide, many organizations indicate clear
progress in certain aspects of their cyber capability.
This year’s outlook also finds cause for optimism,
especially when considering the relationship
between cyber and business executives.
These are the major findings from this year’s Global
Cybersecurity Outlook and the key cyber trends
that executives will need to navigate in 2024:
There is growing cyber inequity
between organizations that are
cyber resilient and those that
are not.
In parallel, the population of organizations that
maintain a minimum level of cyber resilience is
disappearing. Small and medium enterprises
(SMEs),
3
despite making up the majority of many
country’s ecosystems, are being disproportionately
affected by this disparity.
– The number of organizations that maintain
minimum viable cyber resilience is down 30%.
While large organizations demonstrated
remarkable gains in cyber resilience, SMEs
showed a significant decline.
– More than twice as many SMEs as the largest
organizations say they lack the cyber resilience
to meet their critical operational requirements.
– 90% of the 120 executives surveyed at the
World Economic Forum’s Annual Meeting on
Cybersecurity said that urgent action is required
to address this growing cyber inequity.
Emerging technology will
exacerbate long-standing
challenges related to cyber
resilience.
This will in turn accelerate the divide between the
most capable and the least capable organizations.
– As organizations race to adopt new technologies,
such as generative artificial intelligence (AI), a
basic understanding is needed of the immediate,
mid-term and long-term implications of these
technologies for their cyber-resilience posture.
– Fewer than one in 10 respondents believe that
in the next two years generative AI will give the
advantage to defenders over attackers.
– Approximately half of executives say that
advances in adversarial capabilities (phishing,
malware, deepfakes) present the most
concerning impact of generative AI on cyber.
The cyber-skills and talent
shortage continues to widen
at an alarming rate.
– Half of the smallest organizations by revenue
say they either do not have or are unsure as to
whether they have the skills they need to meet
their cyber objectives.
– Only 15% of all organizations are optimistic
that cyber skills and education will significantly
improve in the next two years.
– 52% of public organizations state that a lack of
resources and skills is their biggest challenge
when designing for cyber resilience.
Looming cyber inequity amid a rapidly evolving
tech landscape emphasizes the need for even
greater public-private cooperation.
Global Cybersecurity Outlook 2024 4
