If cybercrime was an economy, it would rank as the third largest globally, with costs projected to reach $9.5 trillion annually by 2025. The question is whether Governments are prepared to withstand the next wave of attacks. Ransomware, identity attacks, and other cyber threats put national security, public trust, and critical infrastructure at risk. To combat these threats, governments must act swiftly to strengthen their security posture and leverage AI to build resilient defenses against evolving cyber threats to protect citizens and vital data.

A Growing Threat Landscape

Last year, Microsoft detected more than 600 million cyberattacks targeting customers daily, including government entities and critical infrastructure. The recent Microsoft Digital Defense Report highlights a significant increase in the sophistication of cyberattacks, particularly against governments and critical sectors like healthcare, energy, and finance. As geopolitical tensions rise, cyberattack methods are evolving, putting government entities at greater risk. For example, password attacks alone have surged from 572 per second to over 7,000 per second in just three years.

By 2027 as IDC predicts 95% of nations will have experienced a major cyberattack caused by threat actors using generative AI. According to that report, only 30% will be resilient enough to prevent significant disruptions and breaches.

How AI is Transforming Cybersecurity

As cybersecurity risks are growing, so is the potential for AI to help mitigate these threats. In Ukraine, for example, during the ongoing war, AI-enabled public cloud technologies have played a critical role in protecting government systems from cyberattacks. AI tools allowed Ukrainian authorities to detect and respond to threats swiftly, ensuring the continued operation of critical services even during periods of intense attacks. This real-time threat detection and rapid response is precisely why AI is such a game-changer for cybersecurity.

Similarly, in Albania, a massive cyberattack backed by Iranian hackers targeted critical government systems. Working in collaboration with Microsoft, the U.S. FBI, and Albanian cybersecurity experts, the country successfully defended its infrastructure and began rebuilding with stronger defenses. This partnership between governments and private companies underscores the critical need for collaboration in addressing cybersecurity challenges.

The Role of AI in Enhancing Security

AI’s role in the public sector goes beyond just threat detection. It’s transforming the way cybersecurity is approached. AI-powered systems can process massive amounts of data in real time, identifying anomalies and vulnerabilities that would be hard to detect manually. Automation allows for the prioritization of incidents, freeing up cybersecurity professionals to focus on more complex issues.

One notable example comes from Serbia’s Office for IT and e-Government, which implemented Copilot for Security, an AI tool designed to support teams in detecting and addressing threats more efficiently. AI also helps security teams quickly spot potential risks and reduces the time it takes to respond to emerging threats.

Beyond improving efficiency, AI helps fill the critical skills gap in cybersecurity. Public Sectors around the world are struggling to find enough trained cybersecurity professionals to handle the increasing volume and complexity of cyber threats. AI steps in by automating routine tasks, allowing smaller teams to scale their operations effectively without needing to hire additional staff.

The Cost of Cyberattacks is growing

The cost of cyberattacks is soaring. In 2024, 34% of state and local government organizations reported being hit by ransomware, a notable decrease from 69% in 2023. However, the recovery cost has doubled, averaging $2.83 million per attack. Cyberattacks on government agencies result in not just financial losses, but potentially catastrophic impacts on national security, citizen trust, and critical infrastructure. If the digital systems that citizens rely on are compromised, it can lead to serious disruptions in services that impact everyday life.

The Path Forward: AI as a Cornerstone of Public Sector Cybersecurity

Ratko Mutavdzic, Government Industry Director for Europe, Middle East and Africa, Microsoft, commented: “The road to securing digital government services is clear - AI must be central to every cybersecurity strategy. Governments need to prioritize investments in AI-driven cybersecurity solutions not only to defend against attacks but also to respond in real-time and ensure resilience in the face of cyberattacks. This approach is further underscored by the European Union’s NIS2 Directive, which raises cybersecurity standards by mandating enhanced incident reporting, stricter supply chain oversight, and greater accountability for boards of directors. The combination of AI integration and regulatory compliance will strengthen the resilience of digital government services, enabling them to withstand and recover swiftly from cyber threats’’

Key lessons for public sector leaders include:

• Collaboration Is Key: The scale of cyber threats means that no one government can defend against them alone. International collaboration between governments and private companies is essential for sharing intelligence and building stronger defenses.
• Adopt AI Solutions: AI technologies must be integrated into public sector security frameworks to improve the speed and accuracy of threat detection and response. This isn’t just about purchasing new tools; it’s about a paradigm shift toward using AI as a foundational layer in security strategy.
• Invest in Skills Development: While AI can automate many cybersecurity tasks, there’s still a shortage of skilled cybersecurity professionals. Public Sector must invest in upskilling their workforce to stay ahead of the evolving threat landscape.
• Prepare for the Inevitable: Governments must proactively prepare for cyberattacks, rather than just reacting when they occur. This means regular threat assessments, training, and contingency planning. AI-powered monitoring and threat-detection tools can support these efforts, ensuring that governments are ready for whatever comes next.

Ensuring a Secure, AI-Driven Future for Public Services

As governments continue their digital transformation, the need for robust cybersecurity has never been more urgent. AI is no longer just an optional tool; it’s a critical component of a comprehensive security strategy. By embracing AI-powered cybersecurity solutions, collaborating with other governments and private sector partners, and preparing the workforce for the future, governments can safeguard their digital infrastructure and ensure that public services remain secure, efficient, and accessible to all.

By making the right investments in AI and cybersecurity, governments can build a resilient, secure foundation that will withstand the challenges of tomorrow’s digital landscape.