Estimated reading time: 4 minutes
The World Economic Forum’s Global Cybersecurity Outlook 2026 highlights that fraudsters are now a bigger concern than ransomware groups. The report, released today, warns that CEOs are most worried about phishing and cyber-enabled fraud, especially as AI makes these attacks more convincing, costly, and common.
Fraud And Phishing Take The Top Spot
According to the World Economic Forum, cyber-enabled fraud has become the top threat for CEOs, overtaking ransomware. While CEOs are most concerned about fraud and phishing, many CISOs still focus on ransomware.
This difference in focus is important for insurance buyers. Fraud usually raises questions about crime coverage before cyber coverage. Claims teams often have to sort out details like social engineering terms, sublimits, and exclusions, which can slow down the response when quick action is needed.
Survey results show this change in daily losses. Around 73% of respondents said they or someone they know experienced cyber-enabled fraud in 2025. The report identifies phishing, payment fraud, and identity theft as the most common types of these attacks.
The report also tracks the trend. Most respondents said that cyber-enabled fraud and phishing increased over the past year, with 77% reporting a rise.
Leaders describe the impact clearly: “Cyber-enabled fraud poses a pervasive societal threat, undermining trust and security across all demographics.”
Cybersecurity Outlook Pivots To Fraud
The World Economic Forum describes this change as an economic shock. In its release, the Forum warned that “cyber-enabled fraud has emerged as one of the most disruptive forces in the digital economy.” This matches the loss patterns seen by insurers.
Fraud losses may look simple in financial records, but they often lead to complex legal problems. Victims often sue over weak controls, slow responses, or poor vendor oversight, turning small issues into urgent legal cases.
Incidents like invoice fraud and business email compromise also challenge company governance. Finance teams approve payments, security teams investigate after the money is gone, and legal teams handle recovery and notifications. The report’s survey shows the global scope of the issue. It included 804 qualified participants from 92 countries, with 316 CISOs and 105 CEOs among them.
AI Fuels Scale And Credibility
Attackers now use generative tools to improve social engineering. The report mentions realistic phishing messages and deepfake content, and it also warns about models trained on stolen data.
Leaders are also worried about new weaknesses as organizations adopt AI. The report says 87% identified AI-related vulnerabilities as the fastest-growing risk in 2025, and it also notes increasing concern about fraud and phishing.
The technology risks are urgent. In one chart, 94% of respondents chose AI and machine learning as the most important technologies shaping the next year.
Check Out Our Podcast – Cyber Liability Insurance For SMEs: Cowbell COO explains rising cyber risks
This rapid growth in AI brings up familiar insurance questions. Underwriters will want to know about AI governance, testing, audit trails, and how organizations control AI agents’ privileges.
The report notes some progress in internal checks. The percentage of organizations assessing AI tool security increased from 37% to 64%, but many still do not have any validation process.
Geopolitics And Supply Chains Widen Exposure
Cyber risk planning is now part of geopolitical strategy meetings. About 64% of organizations include geopolitically motivated attacks in their risk mitigation plans.
Confidence in national readiness is falling. The report says 31% of respondents have little faith in their country’s ability to respond to incidents. This raises liability concerns for critical infrastructure operators and vendors.
Supply chains add more pressure. In the survey, 61% of respondents said rapidly changing threats are a top challenge, and 46% pointed to third-party and supply chain vulnerabilities.
For CEOs at highly resilient organizations, supply chain risk is the main concern. The report says 78% of these CEOs see third-party dependencies as their biggest challenge.
Mature organizations also run joint practice exercises. The report says 44% of highly resilient firms simulate incidents with partners, compared to just 16% of less resilient ones.
Get The Cyber Insurance News Upload Delivered
Subscribe to our newsletter!
A Liability-Driven Call For Collective Defense
The report’s conclusion brings everything together. It states that “cyber risk is no longer a technical issue alone” and calls for better governance, skills, and collaboration across all sectors.
Law enforcement leaders echo that stance. INTERPOL’s secretary-general put it bluntly: “Only together can we stay ahead of criminals.”
For cyber insurers, this new focus on fraud means they must quickly change how they assess risk. Strong controls over payments, identity, and vendor access are now key to preventing losses. Cyber liability insurance policyholders should ask for clearer coverage details across cyber, crime, and D&O policies.
Insurers will quickly reward organizations that have tested response plans and practice exercises. They will also require immediate proof of AI risk controls. Buyers who can provide this evidence will have fewer disputes after a fraud incident.
Related Cybersecurity and Cyber Liability Insurance Posts
- SKILLSTORM, YUPRO CREATE VETERAN PIPELINE; PARTNERSHIP TARGETS 750,000 OPEN CYBERSECURITY JOBS
- Are Ransomware Gangs Trustworthy?
- Did This Large Medical Practice Have too Much Cyber Insurance?
- 1Fort Welcomes Cyber Security Veteran Leon Rishniw as CISO
- Cybersecurity Concerns Rise With AI- Report
