Geopolitical uncertainty is the biggest driver of emerging threats for banks and insurers according to the 2025 ORX Horizon and Cyber Horizon reports, based on input from 47 leading global financial services firms. The benchmark studies ranked cyber crime in the top spot for the fourth consecutive year, ahead of other risk categories by a significant margin.
The Horizon reports revealed technology and digital strategy, and business service disruption in second and third place respectively.
Firms polled in the report cited ongoing geopolitical tensions and political instability as a major risk driver for cyber crime, particularly emerging threats orchestrated by nation states such as cloud service provider compromise and state-sponsored cyber attacks.
This issue is becoming even more pressing with the rapid advancements in technology, particularly in AI, which are enhancing the complexity, frequency and severity of these attacks.
ORX research and information director Steve Bishop said, “Conversations with the ORX community suggest that while their firms feel well equipped to handle cyber threats, many view their suppliers as less mature in this space, particularly smaller vendors.
“This is compounded by geopolitical instabilities that could impact the supply chain, the lack of global regulatory alignment, regulatory pressures such as DORA, CPS230, Basel III, BCB239 and challenges with overseeing third-party control environments.”
Third parties, ransomware and cloud drive cyber crime fears
Third party compromise is the top emerging cyber threat over both short and long term, with 92% of firms ranking this in their top five concerns for the next six to twelve months.
Ransomware attacks pose the second highest threat for 76% of firms in the short term (second overall), and 60% in the long-term (third overall).
Despite consensus on the low likelihood of a successful ransomware attack, the potential for devastating impacts is of concern. Firms acknowledge that such ransomware attacks would have significant implications on business disruption, customers and reputational damage and ultimately financial impacts. In addition, regulatory requirements are also driving a focus on ransomware.
AI on the rise
AI also featured heavily in the Cyber Horizon report, with the rankings of AI-related threats increasing over the longer term. The most significant jump is that of AI-enabled fraud – deepfakes ( ninth to fourth), while attack on AI models increased from 15th to 11th.
In addition to AI-related cyber threats rising in prominence over the next 12-36 months, AI was frequently indicated as a driver for other emerging cyber threats. AI is lowering the barriers to entry and increasing the volume and speed of attacks. It is also enhancing the sophistication of some attack types, for example AI-enabled spear phishing and more convincing deepfakes. M