Cybersecurity is entering a new phase globally, as organisations are increasingly being urged to prepare not only to prevent cyberattacks but also to sustain operations when digital systems fail, according to new insights released by the World Economic Forum.
The global policy body noted that cybersecurity discussions have historically centred on technology controls such as firewalls, endpoint protection tools and incident response systems, with organisations investing heavily in preventing breaches and improving detection capabilities. While these measures remain essential, the forum said the evolving threat landscape now requires an extended organisational response that extends beyond technical defence.
In its latest analysis, the WEF argues that modern cyber risk is shaped by persistent threats, increasing system complexity and the accelerating adoption of artificial intelligence, factors that have altered the traditional assumptions underpinning cybersecurity strategies. Under these conditions, even well-protected organisations may experience operational disruption, shifting attention toward what the forum describes as “cyber resilience.”
According to the report, cyber resilience focuses on how organisations continue functioning when technology becomes unavailable, degraded or unreliable, rather than solely on how quickly systems can be restored after an attack. The approach places decision-making, coordination and operational continuity at the centre of cyber preparedness.
The growing relevance of this shift is reflected in recent threat data across emerging digital markets. Findings released by Check Point Research, the research arm of Check Point Software Technologies, showed that Nigerian organisations recorded the highest number of cyberattacks in Africa in January 2026, averaging 4,701 attacks per organisation weekly, significantly above the global average of 2,090 incidents recorded during the same period.
Within Africa, Nigeria’s position at the top of the chart underscores the scale of its digital footprint and expanding online economy, but also highlights the mounting vulnerability facing its public and private sector institutions. Angola followed closely with 4,512 attacks per organisation per week, though its figures declined 7 percent year-on-year. Kenya recorded 2,172 weekly attacks, representing a 41 percent drop from the previous year, while South Africa logged 2,145 attacks per organisation per week, reflecting a 36 percent year-on-year increase.
Globally, the education sector remained the most targeted industry, with institutions experiencing an average of 4,364 weekly attacks per organisation, up 12 percent year-on-year. Government entities followed at 2,759 attacks per week, reflecting an 8 percent annual increase. Telecommunications ranked third with 2,647 weekly incidents, also up 8 percent year-on-year, as cybercriminals intensified efforts to exploit connectivity infrastructure and expanding 5G ecosystems.
From a regional perspective, Latin America recorded the highest attack volumes worldwide at 3,110 attacks per organisation per week, reflecting a 33 percent year-on-year increase. The Asia-Pacific region followed closely with 3,087 weekly attacks, up 7 percent. Africa’s average stood at 2,864 attacks per organisation, while Europe and North America recorded year-on-year increases of 18 percent and 19 percent respectively.
The figures illustrate the scale of exposure facing organisations as digital adoption accelerates across financial services, telecommunications, government platforms and cloud-based operations. Analysts say such trends reinforce the WEF’s position that cyber incidents are increasingly becoming enterprise-wide risks rather than isolated technical events.
From protection to continuity
The WEF noted that cybersecurity has traditionally focused on three primary objectives: preventing attacks, reducing the time attackers remain undetected and restoring systems after compromise. However, the organisation warned that severe cyber incidents often create conditions where recovery timelines extend beyond expectations and data integrity becomes uncertain, complicating operational decisions.
Under such circumstances, the challenge shifts from technical recovery to organisational coordination. Legal teams must interpret regulatory obligations, finance departments assess potential liabilities, communications units manage stakeholder messaging, and executive leadership is required to make time-sensitive decisions despite incomplete information.
The forum observed that misalignment among these functions can escalate an incident into a broader business crisis, even where technical containment is successful. Delayed decision-making, inconsistent communication and unclear accountability were identified as common factors that amplify reputational and financial damage during cyber events.
Limits of traditional readiness testing
Another concern highlighted in the analysis is the way organisations measure cyber preparedness. Many companies continue to test readiness primarily within IT departments through simulations focused on malware containment or system restoration timelines.
While necessary, the WEF said such exercises often fail to assess whether organisations can operate during sustained disruption or whether leadership teams can coordinate effectively under pressure.
To address this gap, the forum recommends structured scenario-based simulations commonly known as tabletop exercises. Unlike technical drills, these exercises involve executives and multiple business functions navigating realistic crisis scenarios where recovery is delayed, external scrutiny increases and operational uncertainty persists.
These simulations are designed to evaluate factors that cannot be captured through technical dashboards alone, including speed of executive engagement, clarity of decision ownership, effectiveness of information sharing across departments and the organisation’s ability to maintain essential services in degraded operating conditions.
Rising complexity in the AI era
The WEF also linked the urgency of cyber resilience to the rapid adoption of artificial intelligence technologies. While AI is strengthening defensive capabilities, it is simultaneously enabling threat actors to automate attacks, scale phishing campaigns and exploit vulnerabilities more efficiently.
This dual-use nature of AI, the forum noted, increases unpredictability and places additional pressure on organisations to prepare for scenarios where prevention measures are tested by speed and complexity.
Implications for rapidly digitising economies
For countries experiencing rapid digital transformation, including Nigeria, the convergence of rising cyber threats and expanding digital infrastructure introduces new operational risks. As organisations rely more heavily on interconnected platforms, disruptions can cascade quickly across services, supply chains and customer interactions.
Industry observers say this reality is pushing cybersecurity discussions into boardrooms, where cyber incidents are increasingly viewed through the lens of business continuity, governance and enterprise risk management rather than purely technological resilience.
The WEF concluded that prevention remains the foundation of cybersecurity strategy because it reduces risk and limits disruption. However, resilience determines whether organisations can maintain stability when prevention measures are challenged.
Rather than a one-time initiative, the forum described cyber resilience as an ongoing discipline requiring continuous testing, leadership involvement and organisational learning. Companies that repeatedly practise crisis coordination and adapt their response frameworks over time are more likely to recover quickly from disruption than those relying solely on technical defences.
As cyber threats continue to intensify globally, the report suggests that the defining difference between organisations may no longer be who avoids attacks entirely, but who can continue operating effectively when attacks succeed.
