WEF Global Cybersecurity Outlook 2026 flags AI acceleration, geopolitical fractures; calls for shared responsibility - Industrial Cyber

AI Attacks and Vulnerabilities Control device security Critical infrastructure Industrial Cyber Attacks Malware, Phishing & Ransomware News Reports Risk & Compliance Supply Chain Security System Design & Architecture Threat Landscape WEF Global Cybersecurity Outlook 2026 flags AI acceleration, geopolitical fractures; calls for shared responsibility January 13, 2026 The World Economic Forum (WEF) released on Monday its Global Cybersecurity Outlook 2026, developed with Accenture, offering a clear-eyed view of the forces set to shape cyber risk over the coming year. The report tracks how rapid AI adoption, geopolitical fragmentation, and deepening cyber inequity are redefining the threat landscape for economies and societies alike. As cyberattacks become faster, more sophisticated, and increasingly uneven in their impact, governments and organizations are under growing pressure to adapt.  Grounded in the perspectives of global leaders, the WEF report moves beyond diagnosis. It lays out practical insights to help decision-makers recalibrate strategy, guide investment, and inform policy in an environment where cyber resilience is no longer optional but foundational. It also recognized that as the boundaries between digital and physical worlds continue to blur, organizations that thrive will be those that recognize cyber resilience as a shared, strategic responsibility – one that underpins trust, enables innovation, and safeguards the interconnected foundations of global society. “Cybersecurity risk in 2026 is accelerating, fuelled by advances in AI, deepening geopolitical fragmentation and the complexity of supply chains,” Jeremy Jurgens, managing director at the WEF, and Paolo Dal Cin, global cybersecurity lead at Accenture, wrote in the Global Cybersecurity Outlook 2026 report. “These shifts are compounded by the enduring sovereignty dilemma and widespread cyber inequity, two factors that expose systemic vulnerabilities. The result is a threat environment where the speed and scale of attacks are testing the limits of traditional defences.” They added that “By examining leaders’ perspectives and highlighting the priorities that drive success, this report delivers a clear message: cybersecurity is not predetermined. Its future depends on the choices we make today. By investing in foresight, capability, and innovation, and by strengthening collaboration across industries, sectors, and national boundaries, we can transform volatility into momentum and build a safer, more resilient digital future together.” Global Cybersecurity Outlook 2026 revealed that ​​AI is anticipated to be the most significant driver of change in cybersecurity in the year ahead, according to 94% of survey respondents. “This growing recognition is translating into concrete action across organizations. The percentage of respondents assessing the security of AI tools has nearly doubled from the previous year, from 37% in 2025 to 64% in 2026.” At the same time, the WEF noted that AI vulnerabilities are accelerating at an unprecedented pace, as 87% of respondents identified AI-related vulnerabilities as the fastest-growing cyber risk over 2025. In 2026, geopolitics remains the top factor influencing overall cyber risk mitigation strategies. Some 64% of organizations are accounting for geopolitically motivated cyberattacks, such as the disruption of critical infrastructure or espionage. Notably, 91% of the largest organizations have changed their cybersecurity strategies due to geopolitical volatility. “In the context of geopolitical volatility, confidence in national cyber preparedness continues to erode, with 31% of survey respondents reporting low confidence in their nation’s ability to respond to major cyber incidents, up from 26% last year,” the WEF reported. “Confidence levels vary greatly across regions. Respondents from the Middle East and North Africa express a high degree of confidence in their country’s ability to protect critical infrastructure (84%), while confidence is lower among respondents in Latin America and the Caribbean (13%).” Recent incidents affecting key infrastructure, such as airports and hydroelectric facilities, continue to call attention to these concerns. Despite its central role in safeguarding critical infrastructure, the public sector reports markedly lower confidence in national preparedness. About 23% of public-sector organizations reported having insufficient cyber resilience capabilities. The WEF disclosed that 73% of respondents reported that they or someone in their network had been personally affected by cyber-enabled fraud in 2025. “Chief executive officers (CEOs) rate cyber-enabled fraud as their top concern, shifting focus from ransomware to emerging risks such as cyber-enabled fraud and AI vulnerabilities. Chief information security officers (CISOs), by contrast, remain concerned about ransomware and supply chain resilience. This reflects how cybersecurity priorities diverge between the boardroom and the front line.” Data leaks and the advancement of adversarial capabilities are among the top concerns for CEOs regarding generative AI. CEOs identify data leaks (30%) and the advancement of adversarial capabilities (28%) as the most significant security concerns related to generative AI (genAI). These two risks stand out clearly above others, indicating that exposure of proprietary data through genAI and the growing sophistication of cyber attackers are the primary issues on CEOs’ radars for 2026. WEF mentioned that private-sector CEOs question national readiness for major cyberattacks on critical infrastructure. “Less than 45% of all CEOs from the private sector are confident in their country’s ability to respond to major cyber incidents targeting critical infrastructure.” The Global Cybersecurity Outlook 2026 revealed that CEOs of highly resilient organizations integrate security into their procurement processes to address supply chain risk. Specifically, CEOs of highly resilient organizations integrate security into their procurement processes (70%) and prioritize supplier maturity assessments (59%) to address supply chain risk. Henna Virkkunen, executive vice-president for tech sovereignty, security and democracy at the European Commission, said that “as the threat landscape evolves and AI increasingly powers offensive operations in cyberspace, we must step up our work on the resilience of our critical infrastructure and connectivity. The EU stands ready to work with like-minded partners to protect what is today the digital backbone of our economy and society.”  Looking ahead, she added, “our priority is to boost investments in cyber to strengthen Europe’s industrial capabilities and harness deep tech for better detection and anticipation, invest in people to close the cyber skills gap, and deepen intelligence sharing so that we can spot and address vulnerabilities faster.”  “Developments in AI are reshaping multiple domains, including cybersecurity. Implemented well, these technologies can assist and support human operators in detecting, defending, and responding to cyberthreats,” said Josephine Teo, Singapore’s minister for digital development and information, and minister-in-charge of cybersecurity and smart nation group. “However, they can also pose serious risks such as data leaks, cyberattacks, and online harms if they malfunction or are misused.”  Tao called upon governments to adopt a forward-looking, practical, and collaborative approach to developing and using emerging technologies safely, as their capabilities and risks continue to evolve. “The risks transcend borders, and the challenge is to maximize AI’s benefits, including to strengthen our cyber resilience, while minimizing its risks.” Arvind Krishna, chief executive officer at IBM, wrote in the WEF report that criminals are always willing to use all possible ways to get access to value, much of which is contained in the cyber infrastructure. “Consequently, to stay ahead, those of us who defend must use every tool at our disposal – which now includes agentic AI.” The Global Cybersecurity Outlook 2025 highlighted a significant gap between the widespread recognition of AI-driven risks and the rapid adoption of AI technologies without adequate safeguards. By 2026, however, this picture is changing, as the share of organizations assessing the security of their AI tools has nearly doubled from 37% in 2025 to 64% in 2026, indicating that more organizations are introducing structured processes and governance models to manage AI securely and responsibly. As organizations confront AI threats, geopolitical volatility, and supply chain vulnerabilities, the need for resilience has never been clearer. “In the 2026 survey, 40% of organizations reported conducting periodic reviews of their AI tools before deploying them, rather than only doing a one-time assessment (24%) – a clear sign of progress towards continuous assurance. However, roughly one-third still lack any process to validate AI security before deployment, leaving systemic exposures even as the race to adopt AI in cyber defences accelerates.” The Global Cybersecurity Outlook 2026 reported that AI is fundamentally transforming security operations, accelerating detection, triage, and response while automating labour-intensive tasks such as log analysis and compliance reporting. “AI’s ability to process vast datasets and identify patterns at speed positions it as a competitive advantage for organizations seeking to stay ahead of increasingly sophisticated cyberthreats. The survey data reveals that 77% of organizations have adopted AI for cybersecurity, primarily to enhance phishing detection (52%), intrusion and anomaly response (46%), and user-behaviour analytics (40%).” Addressing the practical challenges of AI adoption in cybersecurity, organizations consistently identify insufficient knowledge and/ or skills (54%) to deploy AI for cybersecurity, the need for human oversight (41%), and uncertainty about risk (39%) as the main hurdles. These findings indicate that trust is still a barrier to widespread AI adoption. The WEF report recognized that “Ongoing instability in the wake of the war in Ukraine has coincided with a rise in hybrid attacks, using drones to target European airports and other critical infrastructure, along with the spread of disinformation, which has further destabilized the regional security landscape. Beyond Europe, escalating geopolitical rivalries and conflicts across the Indo-Pacific, Middle East, and Africa require organizations to maintain heightened vigilance as risks intensify across regions and industries.”  It added that of particular concern to participants in focus groups for this report was the use of advanced offensive cyber capabilities by nation-state actors to hack telecommunications networks in the U.S. The Global Cybersecurity Outlook 2026 report also highlighted that geopolitical tensions particularly expose threats and vulnerabilities in the critical national infrastructure that supports society and underpins the operations of countless organizations. Sectors such as energy, water, and transportation are increasingly targeted in cyber warfare campaigns, where the interconnected nature of systems amplifies the impact of disruptions. A striking illustration came in April 2025 when a Norwegian hydropower dam was hacked, opening a floodgate and releasing 500 litres of water per second for four hours, in what officials described as a deliberate act of sabotage. Alarmingly, 31% of the Global Cybersecurity Outlook survey participants express a lack of confidence in their nation’s ability to respond effectively to major cyber incidents, which is up from 26% last year. This indicates a growing sense of uncertainty and heightened exposure. The Global Cybersecurity Outlook 2026 data shows wide regional variation in confidence about national preparedness to respond to major cyber incidents targeting critical infrastructure. Respondents in the Middle East and North Africa expressed the highest confidence, with 84% saying they are confident in their country’s ability to respond. In the same region, 11% reported a neutral view, while only 4% said they are not confident. In East Asia and the Pacific, 47% of respondents said they are confident, 27% reported neutral confidence, and 26% said they are not confident. Moving on to Europe and Central Asia, confidence levels are more evenly split. About 40% of respondents said they are confident in their country’s preparedness, 35% reported a neutral view, and 25% said they are not confident. South Asia shows a similar pattern, with 40% of respondents expressing confidence, another 40% reporting a neutral position, and 19% saying they are not confident. In North America, 38% of respondents said they are confident in their country’s ability to respond to critical infrastructure cyber incidents. About 30% reported a neutral stance, while 32% said they are not confident. Sub-Saharan Africa shows lower overall confidence, with 37% of respondents saying they are confident, 24% reporting neutral views, and 39% saying they are not confident. Meanwhile, Latin America and the Caribbean reported the lowest confidence levels. Only 13% of respondents said they are confident in national preparedness, while 38% reported neutral views and 49% said they are not confident. “The uneven confidence across regions points to a broader shift in how nations perceive cyber resilience – from a technical challenge to a question of sovereignty and self-reliance,” the WEF reported. “As nations seek to protect critical infrastructure, many are re-evaluating their dependencies on foreign technology providers and global supply chains. This connection between infrastructure protection and digital autonomy has become a defining feature of modern cybersecurity policy.” The WEF report identified that in today’s digital-industrial era, the boundary between IT and OT has all but disappeared. “While strict air-gapped segregation of IT and OT systems used to be the norm in OT governance frameworks for years, contemporary advances in technology and expectations of connectivity between systems are making such practices untenable. Sectors such as manufacturing, energy, transportation and critical infrastructure systems now see IT and OT systems increasingly converge, driving efficiencies and innovation, but also needing to apply more advanced segmentation to control risk exposure.” It added that many industrial environments remain ill-equipped for the speed and complexity of modern threats. “OT systems are typically averse to rapid modernization due to their close integration with core business functions and their typically long investment horizons. Survey data reveals that, despite growing awareness, governance practices around OT remain inconsistent and often siloed within operational teams.” The Global Cybersecurity Outlook 2026 analyzed that space and seabed infrastructure remain comparatively overlooked in cyber risk planning, despite enabling core functions of critical infrastructure. “In 2026, 9% of respondents indicated that space technologies will most significantly impact cybersecurity. Looking ahead to 2030, satellite-based positioning, navigation and timing will be even more essential for aviation, maritime activities, power-grid coordination and financial transactions. At the same time, satellite communications and undersea cables will form the backbone for emergency services, cloud infrastructure and international data exchange.” In 2026, the WEF said that 37% of Global Cybersecurity Outlook survey respondents believe quantum technologies will affect cybersecurity within the next 12 months. This reflects expectations of greater investment, stronger regulatory momentum, and a faster pace of digital transformation in the year ahead. By 2030, quantum will have evolved from a theoretical disruptor into a selective but material threat to cryptography.   Recognizing in its conclusion that as organizations confront a surge in AI-driven threats, geopolitical volatility and supply chain vulnerabilities, the imperative for resilience has never been clearer, the WEF added that “while adversaries leverage automation and advanced tactics to exploit systemic weaknesses, the challenge for defenders lies in keeping pace – not only through technological innovation but by strengthening governance, investing in skills and fostering a culture of trust and collaboration. The gap between highly resilient organizations and those falling behind remains stark, with skills shortages and resource constraints amplifying systemic risk.” It added that organizations that embed resilience into leadership agendas, proactively manage supply chain and AI risks, and engage their broader ecosystems are better positioned to withstand shocks and adapt to uncertainty. “The shift towards intelligence-driven collaboration, scenario-based testing and regulatory harmonization signals a maturing approach to collective defence.” Anna Ribeiro Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT. Related DOE’s CESER Strategic Plan sets three-pronged strategy to harden energy infrastructure, boost cyber resilience CISA flags rising threats to endpoint management systems after Stryker breach, urges stronger defense Claroty reports 82% of CPS attacks used remote access protocols as hacktivists target HMIs and SCADA at scale WEF Aviation Sustainability report warns cyber vulnerabilities threaten operational and regional stability, calls for resilience Black Kite integrates Open FAIR-based Risk Assessments for real-time cyber risk quantification Dream Security flags critical RCE vulnerability in GNU Inetutils telnetd, exposing ICS and OT systems EU unveils coordinated strategy to counter cyber, sabotage and disinformation threats amid rising hybrid attacks The Backup Paradox: Why Manufacturing Recovery Readiness Still Lags Behind Investment AKMSecure joins OTCC to advance zero trust and strengthen protection of critical infrastructure Acalvio debuts 360 Deception platform to counter agentic AI, erode speed and trust advantage held by modern attackers