Cyber-enabled fraud overtakes ransomware as top risk for executives
AI-generated from multiple sources. Verify before acting on this reporting.
GENEVA — Cyber-enabled fraud has surpassed ransomware as the primary cybersecurity concern for corporate leadership, marking a significant shift in the global threat landscape. The World Economic Forum's Global Cybersecurity Outlook 2026 report, released Wednesday, identifies the change as a critical development for C-suite executives and Chief Information Security Officers across the United States and globally.
The report indicates that financial losses attributed to fraud schemes are outpacing those from ransomware attacks. While ransomware has dominated headlines for years, the prevalence of social engineering techniques, particularly business email compromise, has driven the rise in fraud-related incidents. These methods target human vulnerabilities rather than technical system flaws, making them increasingly difficult to mitigate with traditional cybersecurity defenses.
Insurance underwriters and policyholders are adjusting their risk assessments in response to the data. The shift suggests that organizations must prioritize employee training and verification protocols alongside technical security measures. Executives are now facing pressure to address the financial implications of fraud, which often involves direct theft of funds rather than the encryption of data seen in ransomware cases.
Cybercriminals have adapted their strategies to exploit the growing reliance on digital communication channels. Business email compromise attacks have become more sophisticated, often impersonating executives or trusted partners to authorize fraudulent transactions. This evolution has forced companies to reevaluate their internal controls and financial authorization processes.
The report highlights that the United States remains a primary target for these attacks, with significant financial exposure for businesses of all sizes. The transition from ransomware to fraud as the top risk reflects broader changes in how cyber threats are executed and monetized. As organizations focus on recovering from past ransomware incidents, the rise of fraud presents a new challenge that requires different mitigation strategies.
Industry experts note that the financial impact of fraud is often less visible than ransomware attacks, which typically involve public demands for payment. This invisibility may contribute to underreporting, potentially obscuring the true scale of the problem. The lack of immediate public notification in fraud cases means that losses can accumulate over time before being detected.
The findings come as companies continue to invest heavily in cybersecurity infrastructure. However, the report suggests that technical solutions alone are insufficient against social engineering tactics. The human element remains the weakest link in the security chain, requiring a cultural shift within organizations to recognize and prevent fraud attempts.
Questions remain regarding the long-term trajectory of cyber-enabled fraud. As artificial intelligence tools become more accessible, the sophistication of these attacks is expected to increase. Whether organizations can adapt their defenses quickly enough to counter evolving fraud techniques remains uncertain. The insurance industry is also grappling with how to price this shifting risk, with premiums potentially rising for sectors most vulnerable to social engineering attacks.
The World Economic Forum's assessment provides a roadmap for executives to realign their security priorities. As the threat landscape continues to evolve, the focus on fraud prevention is likely to intensify in the coming years.