“The ability to understand the strategic and economic impact of cyber incidents has validated it as a major systemic economic threat,” the WEF said in a report issued Friday (May 15) in conjunction with its Annual Meeting on Cybersecurity.
The WEF cited the example of a major cyberattack last year which led to a prolonged shutdown of car production in the U.K., which weakened the country’s economic growth and had an impact of around 1.9 billion pounds (about $2.5 billion) and affected thousands of organizations.
Cyber incidents are increasing insurance and compliance costs and recovery expenditures, while interrupting operations, hurting customer trust and, in some cases, threatening the solvency of businesses, particularly smaller businesses, the report added.
“At the national level, weak cyber resilience can deter foreign investment, undermine innovation ecosystems and erode competitiveness in critical industries,” said the WEF. “As economies become more digital and interconnected, cybersecurity is emerging as a foundational pillar of economic security.”
During the meeting, the report said, leaders stressed that cyber risk only becomes a sustained priority after its financial impact is clearly recognized. This is fueling demand for more robust risk quantification models and consolidated economic evidence to better guide decision-making and mobilize investment, the WEF said.
Advertisement: Scroll to Continue
“In response, organizations are shifting away from compliance-driven approaches towards measurable resilience,” the report added. “The focus is moving to how quickly systems can recover, how much loss can be avoided, and how effectively operations can continue under stress.”
According to the WEF, this shift is reconfiguring investment priorities. Instead of expanding toolsets, leaders are focusing on high-impact capabilities, boosting visibility of critical assets and dependencies, bolstering incident response readiness and promoting rapid recovery.
The report followed one earlier this month from the International Monetary Fund (IMF), which argued that policymakers need to start treating cybersecurity as a core financial stability issue given rising AI-related cyber risks.
With attacks becoming faster, automated and more sophisticated, the existing cybersecurity measures must be expanded and sharpened, the IMF wrote on its blog.
“Policymakers should prioritize robust resilience standards, supervision focused on systemic transmission channels, and close public-private collaboration on threat intelligence and incident response,” the IMF said.
The rapidly growing threat posed by AI is spotlighted by Anthropic’s Mythos, which allows even non-experts to uncover and exploit vulnerabilities in operating systems and web browsers faster than defenders can patch and remediate them.
