WEF Report: CEOs Now Fear AI-Powered Fraud More Than Ransomware

The World Economic Forum released its Global Cybersecurity Outlook 2026 today, and the findings mark a notable shift in executive priorities. CEOs now rank cyber-enabled fraud and phishing as their top security concern—surpassing ransomware for the first time in the report's history. The change reflects how AI-powered scams have grown sophisticated enough to threaten organizations at scale.

The report describes a "three-front war" facing security teams: expanding cybercrime, AI misuse by attackers, and systemic supply chain vulnerabilities. The combination has stretched enterprise defenses to their limits.

What Changed

For years, ransomware dominated executive cybersecurity concerns. The threat of encrypted systems and leaked data drove security investments and insurance purchases. That hasn't disappeared, but something else now worries CEOs more.

AI-powered fraud has reached a sophistication threshold where executives and their families face convincing impersonation attacks. Voice cloning, deepfake video, and localized phishing content make social engineering attacks far more effective than the obviously suspicious emails of the past. Finance teams report receiving voice calls that convincingly impersonate executives authorizing wire transfers.

The WEF report notes that this shift reflects reality: organizations have gotten better at defending against ransomware through backups, network segmentation, and incident response planning. Fraud attacks bypass those defenses entirely because they target human decision-making rather than technical controls.

The AI Double Edge

Security teams increasingly use AI for faster alert processing, phishing detection, and incident response automation. The same technology enables attackers to scale reconnaissance and craft more convincing social engineering attacks.

Data leakage through generative AI systems emerged as a top concern among surveyed organizations. Employees paste sensitive information into AI chatbots, code assistants ingest proprietary source code, and third-party AI services retain data in ways organizations don't fully understand.

The report documents growing anxiety about model misuse and automation errors—AI systems making security decisions that humans would question if they understood what was happening. As organizations delegate more security functions to AI, the risk of cascading failures grows.

Supply Chain Complexity

Vendor and third-party dependencies continue expanding attack surfaces. A single compromised supplier can affect thousands of downstream organizations, as repeated incidents over the past two years demonstrated. Supply chain attacks targeting developer tools and repositories have become standard adversary tradecraft.

Large multinational organizations report adjusting vendor decisions based on security posture, expanding threat intelligence programs, and engaging government partners for information sharing. Smaller organizations often lack resources for comparable programs, creating an uneven defensive landscape.

The most resilient organizations prioritize third-party risk assessment and involve supplier security evaluation in procurement decisions before contracts are signed—not after incidents occur.

Regional Disparities

Organizations outside North America and Europe face significant capability gaps. Limited access to skilled personnel, reduced participation in threat intelligence sharing communities, and smaller security budgets create structural disadvantages.

These disparities matter for global organizations because supply chains cross regional boundaries. A subsidiary or supplier in a less-prepared region can become the initial compromise point for attacks targeting better-defended headquarters operations.

Geopolitical Influence

Nation-state activity and infrastructure disruption now influence corporate cybersecurity strategy at the board level. Large organizations report that geopolitical considerations affect vendor selection, data residency decisions, and investment in government relationships.

However, confidence in national cyber preparedness remains uneven. Organizations in some regions trust their governments to provide useful threat intelligence and coordinate responses. Others see governments as absent or counterproductive.

Why This Matters

The WEF report aggregates perspectives from security leaders across industries and regions. When CEOs collectively shift their top concern from ransomware to fraud, it signals that attack patterns have genuinely changed—not just media attention.

Organizations that built their security programs primarily around ransomware defense may find themselves underinvested in anti-fraud controls, user awareness training, and AI governance. The threats that worried executives five years ago aren't the threats causing losses today.

Key Takeaways

1. Fraud training needs updating - Employees need exposure to AI-generated voice and video impersonation, not just email phishing
2. AI governance requires attention - Data leakage through AI tools demands policy responses beyond acceptable use guidelines
3. Supply chain visibility matters - Organizations can't secure what they can't see; vendor security assessments should cover AI usage
4. Regional exposure varies - Global organizations should evaluate whether subsidiaries and suppliers in less-prepared regions create enterprise-wide risk
5. Ransomware isn't solved - Executives prioritizing fraud doesn't mean ransomware defenses can relax; the threat persists

The full WEF Global Cybersecurity Outlook 2026 is available on the World Economic Forum website.