ManageEngine study shows: German companies have robust security processes, but AI-powered attacks are increasing the pressure to act
Cyberattacks have long been part of everyday business life for German companies. A recent study by ManageEngine, a division of Zoho Corporation, shows that 75 per cent of companies in Germany have experienced at least one cybersecurity incident in the past twelve months. At the same time, however, the results also highlight that many organisations have significantly strengthened their cyber resilience in recent years and now respond to security incidents in a more structured manner than they did just a few years ago.
For the study, 302 executives and IT and security experts from German companies of various sizes were surveyed. The focus was on questions regarding the threat landscape, organisational preparedness and key areas of investment in the field of cybersecurity.
Cyber resilience is emerging as a strategic competitive factor
The study’s findings paint a nuanced picture: on the one hand, the number and complexity of attacks are rising steadily; on the other, many companies now have established processes in place for incident response, recovery and governance.
This is particularly evident in the organisational foundations. 95 per cent of the companies surveyed have a formal backup strategy. 91 per cent have defined clear responsibilities for the management of security incidents. At the same time, 80 per cent state that they have set specific timeframes for the detection and handling of security incidents.
Operational response times are also fast. 93 per cent detect incidents on the same day, whilst 91 per cent also initiate initial countermeasures within this timeframe. Nevertheless, recovery often remains time-consuming: only 44 per cent of companies can fully recover from an incident within ten days, whilst 30 per cent require 20 days or more to do so.
Phishing remains the dominant form of attack
Despite the rapid development of new attack techniques, phishing remains the most common entry point for cybercriminals. According to the study, 54 per cent of all recorded attacks are attributable to phishing and social engineering campaigns. This is followed by the exploitation of technical vulnerabilities, accounting for 48 per cent.
These figures illustrate that attackers continue to specifically exploit both human and technical weaknesses. Whilst security solutions are becoming increasingly powerful, raising employee awareness remains an essential component of effective cyber resilience.
AI is becoming the greatest future risk
Perceptions of future threats are currently changing particularly rapidly. 45 per cent of the companies surveyed view AI-enabled cyberattacks as the greatest security risk over the coming twelve months.
This concern is understandable: generative AI enables attackers to make phishing campaigns more realistic, adapt malware more quickly, and automate and scale attacks at a speed never seen before.
Germany is thus following a Europe-wide trend. Companies in the UK and Spain now also regard AI-based attacks as the greatest future cyber threat.
Companies are investing specifically in new security strategies
The changing threat landscape is having a direct impact on investment plans. 35 per cent of respondents cite preparing for AI-based attacks and emerging threats as their top investment priority for the next two years.
Cyber resilience is thus increasingly evolving from a purely IT task into a strategic area of investment. Alongside traditional protective measures, areas such as automated attack detection, AI-supported security analyses and adaptive security architectures are steadily gaining in importance.
IT and security teams are working at their limits
However, the study also highlights organisational challenges. Responsibility for cyber resilience continues to lie predominantly with IT and security teams.
67 per cent of companies state that incident response is primarily the responsibility of IT. Only 48 per cent report the active involvement of specialised security teams.
The strain on specialist departments is correspondingly high. Around one third of respondents describe their own organisation as being constantly overburdened or in crisis mode. A shortage of skilled staff, skills gaps and a high reliance on manual processes further complicate the development of long-term resilience.
Incidents are increasingly being used to drive concrete improvements
On a positive note, however, the systematic follow-up of security incidents is proving effective. 95 per cent of companies carry out structured reviews following a cyberattack.
The insights gained from these are immediately incorporated into improvement measures: 53 per cent implement targeted optimisations, whilst 38 per cent make more comprehensive, long-term changes to their security architecture.
The largest investments are made in staff training (52 per cent) and technical improvements (50 per cent). Many companies are thus pursuing a holistic approach that combines organisational and technical measures.
Cyber resilience requires greater support from management
Despite the generally positive trend, ManageEngine sees a significant need for action at executive level. Whilst many companies have established processes and governance structures in place, the strategic involvement of senior management often remains reactive.
39 per cent of respondents state that the board or senior management only engage intensively with cybersecurity, particularly in the event of a crisis. Only 28 per cent describe the level of commitment from senior management as consistently high.
According to Praveen Das, Regional Technical Head for Europe at ManageEngine, this is precisely where the key challenge for the coming years lies. Cyber resilience must evolve just as dynamically as the threat landscape itself. AI-enabled attacks, in particular, require a long-term strategic approach that combines technological investment, governance, skills development and ongoing support from top management.
Resilience is becoming the benchmark for digital corporate governance
The study’s findings illustrate that German companies have made significant progress in operational cyber resilience in recent years. Standardised incident response processes, backup strategies and clearly defined responsibilities now form a solid foundation in many organisations.
At the same time, the increasing prevalence of artificial intelligence marks a turning point. In future, cyber resilience will no longer be measured solely by how quickly companies respond to attacks, but above all by how proactively they prepare for new, AI-enabled threats. As a result, cyber resilience is increasingly becoming a company-wide management task – and a decisive factor for digital competitiveness.


