The reference foresight exercise
Since 2023, ENISA has run a dedicated foresight exercise — updated in 2024 — to identify the threats most likely to worsen through 2030. The method combines a structured survey of experts (Delphi method) with scenario workshops, not an improvised extrapolation. Of the ten trajectories it identifies, several concern individuals directly.
🧩Dependence on a handful of technology providers
ENISA ranks software supply-chain compromise at the top of its list: a flaw at a single widely used provider can ripple out to millions of end users at once, far beyond the company directly targeted.
ENISA, Foresight Cybersecurity Threats for 2030 — Update 2024👥The shortage of cybersecurity skills
The shortage of trained professionals ranks second among identified trajectories — a less visible factor than the technology itself, but one that directly slows organizations' ability to detect and respond to increasingly automated attacks.
ENISA, Foresight Cybersecurity Threats for 2030 — Update 2024🤖The abuse of artificial intelligence
ENISA explicitly identifies AI abuse as a trajectory in its own right — not just a factor that worsens other threats. It's already measurable today: the FBI opened a dedicated descriptor for AI-related complaints in 2026, with 22,000 reports and nearly $900 million in losses in the very first year.
ENISA, Update 2024 · FBI (IC3), 2026📡A handful of cloud providers as a single point of failure
The concentration of global digital services among a small number of cross-border infrastructure providers means an outage or attack at one of them can disrupt essential services across several countries at once.
ENISA, Foresight Cybersecurity Threats for 2030 — Update 2024📰More sophisticated disinformation campaigns
ENISA lists advanced disinformation and information-manipulation campaigns among its ten major trajectories — a phenomenon already documented today and set to intensify as content-generation tools become ever more accessible.
ENISA, Foresight Cybersecurity Threats for 2030 — Update 2024A trend already visible today
These projections aren't built from nothing: ENISA's latest annual threat-landscape report (2025, analyzing more than 4,875 incidents between July 2024 and June 2025) already observes a growing blur between hacktivists, cybercriminals and state-linked groups — shared tools, techniques and sometimes infrastructure. What ENISA calls an "environment of continuous and diversified pressure" isn't a hypothesis for 2030, then — it's a trajectory already under way.
Source: ENISA, Threat Landscape 2025.
Why static protection won't be enough
None of these trajectories point toward a slowdown. If attack techniques keep evolving at the pace ENISA and the FBI already document, protection built on a list of numbers or keywords frozen at a single point in time is necessarily falling behind. That's why Egidio is designed as an engine that keeps learning rather than a static filter.
Frequently asked questions
Who produces these projections for 2030?
ENISA (the European Union's cybersecurity agency) has published a dedicated foresight exercise since 2023, updated in 2024, built with industry experts through a structured method (Delphi survey, scenario workshops).
Are these certain predictions?
No — these are trajectories judged most likely and most impactful by a panel of experts, not certainties. They're meant to guide defense priorities, not predict a single scenario.
Do these threats only concern businesses?
No. Several, like AI abuse or disinformation, have a direct impact on individuals — in the phone and text scams that The Threat Laboratory already documents today.