Geopolitical uncertainty is the biggest driver of emerging threats for banks and insurers according to the 2025 ORX Horizon and Cyber Horizon reports, based on input from 47 leading global financial services firms. The benchmark studies ranked cybercrime in the top spot for the 4th consecutive year, ahead of other risk categories by a significant margin.

Published by ORX, the world’s largest operational risk association, the Horizon reports revealed Technology & Digital Strategy and Business Service Disruption in second and third place respectively.

Figure 1: Normalised Borda scores based on participants ranking of emerging risks - Chart from Operational Risk Horizon 2025 report

Firms polled in the report cited ongoing geopolitical tensions and political instability as a major risk driver for cybercrime, particularly emerging threats orchestrated by nation states such as cloud service provider compromise and state-sponsored cyberattacks. 

This issue is becoming even more pressing with the rapid advancements in technology, particularly in AI, which are enhancing the complexity, frequency, and severity of these attacks.

Steve Bishop, research and information director at ORX comments, “Conversations with the ORX community suggest that while their firms feel well equipped to handle cyber threats, many view their suppliers as less mature in this space, particularly smaller vendors.

“This is compounded by geopolitical instabilities that could impact the supply chain, the lack of global regulatory alignment, regulatory pressures such as DORA, CPS230, Basel III, BCB239 and challenges with overseeing third-party control environments.”

Third parties, ransomware and cloud driving cybercrime fears

Third party compromise is the top emerging cyber threat over both short and long term, with 92% of firms ranking this in their top five concerns for the next 6-12 months.  

Ransomware attacks pose the second highest threat for 76% of firms in the short term (2nd overall), and 60% in the long-term (3rd overall).  

Despite general consensus that the likelihood of a successful ransomware attack is low, the potentially devastating impacts are driving concern. Firms acknowledge that successful ransomware attacks would have significant impact on business disruption, customers and reputational damage and ultimately financial impacts. In addition, regulatory requirements are also driving a focus on ransomware.

Figure 3: Normalised Borda scores based on participants ranking of emerging cyber threats - Chart from Cyber Horizon 2025 report

AI on the rise 

AI also featured heavily in the Cyber Horizon report, with the rankings of AI-related threats increasing over the longer term. The most significant jump is that of AI-enabled fraud – deepfakes (9th to 4th), while attack on AI models increases from 15th to 11th.

In addition to AI-related cyber threats rising in prominence over the next 12-36 months, AI was frequently indicated as a driver for other emerging cyber threats. AI is lowering the barriers to entry and increasing the volume and speed of attacks. It is also enhancing the sophistication of some attack types, for example AI-enabled spear phishing attacks and more convincing deepfakes.

Steve Bishop adds, “Since collecting the data for these reviews between November and December 2024, there have already been several significant geopolitical and regulatory developments bringing more uncertainty. The US has a new administration, the German government has recently collapsed over fiscal policy disputes, and instability in the Middle Eastern continues. We can expect the themes presented in this report to evolve at pace over the next 12 months.”