75 percent of German companies have been hit by cyberattacks; while incident response processes are established, many lack continuous leadership engagement and preparation for AI-driven threats.
Identities and cloud services have become more lucrative for attackers than infrastructure vulnerabilities; many companies fail to close this gap technologically due to lack of people, processes, and clear accountability.
German companies often suffer financial damage from cyberattacks on the same day, while recovery takes days – yet cybersecurity remains predominantly an IT task rather than a top-management priority.
Holiday-related reductions in IT team capacity and longer response times make companies more vulnerable to identity attacks during summer months, particularly when compromised credentials and AI-powered phishing messages are deployed.
Cybercriminals increasingly employ professionalized, automated standard methods and are becoming faster at exploiting vulnerabilities, while phishing and invisible attacks using legitimate tools are becoming the norm.
Operational Technology in factories presents attackers with significantly lower barriers than modern IT infrastructure, while cyber outages in production have existential consequences.
NIS2 introduces a 24-hour reporting obligation for cyberattacks, requiring organizations to report incidents significantly faster.
Weekly overview of significant cyberattacks and security incidents from international specialist media – relevant for threat assessment in cyber risk management.