- The report analyzes the current threat landscape and shows why digital resilience is becoming a decisive factor for business success.
- Strategies and technologies to combat complex attacks.
- The report highlights the influence of AI on attack and defense strategies, presents the commitment of CANCOM to quantum cryptography, and provides guidance on implementing regulatory requirements such as NIS-2 and DORA.
With the publication of its Cyber Security Report 2025, CANCOM once again presents a comprehensive analysis of the current threat landscape and security strategies in the digital space. The annual report highlights the most important developments in the field of cybersecurity and shows how companies can strengthen their digital resilience – a topic that is becoming increasingly important considering growing threats from ransomware, social engineering, and attacks on supply chains.
Virtually all aspects of our economic, social, political, and private lives are related in some way to cybersecurity. According to the Allianz Global Risk Barometer, cyber incidents are among the biggest business risks worldwide, accounting for 36 percent of the total. At the same time, 87 percent of the companies surveyed in a Munich Re study feel that they are not adequately protected. “Cybersecurity is one of the most important key factors for strong business performance and future security,” emphasizes Jochen Borenich, CEO of CANCOM Austria, in the foreword to the report.
Top topics for 2025: adversary evolution, the Big 4, and zero-day attacks
The report identifies several key threat areas: the increasing professionalization of attackers, known as “adversary evolution,” the vulnerability of global supply chains, and the growing sophistication of social manipulation techniques.
In addition to these threats, the report also analyzes the activities of the so-called Big 4 – China, Russia, Iran, and North Korea – as well as the increasing danger posed by zero-day attacks, which often go undetected and are used specifically by state actors.
A key conclusion of the report is that ransomware is and remains the number one threat. Attacks are not only becoming more frequent, but also more complex, with extortion attempts taking place on several levels simultaneously: from data encryption and data theft to DDoS attacks and targeted contact with third parties. Artificial intelligence (AI) is increasingly acting as an accelerator of these developments: AI-based technologies enable automated attack patterns, deceptively real deepfakes, and highly personalized phishing campaigns.
Another focus of the report is on the use of AI and LLMs in cybersecurity. It shows which LLM models attackers are using and how companies can minimize risks through data validation and targeted segmentation.
AI is both an opportunity and a risk for cybersecurity
However, AI also opens up new opportunities for defense – for example, through anomaly detection, threat intelligence, and automated responses.
The question is no longer whether AI plays a role in cybersecurity, but how it can be used responsibly, efficiently, and strategically. Another key topic in the report is therefore the use of AI and machine learning (ML) in cybersecurity. While attackers are increasingly relying on generative AI, CANCOM uses ML-based technologies for early detection and defense against threats. “Data quality, validation, and transparency are crucial for using AI safely and effectively,” explains Erwin Friedl, Principal Cyber Security Analyst at CANCOM.
Holistic security strategies against current threat scenarios
In addition to analyzing the current threat landscape, the report also highlights specific, practical strategies that companies can use to counter current and future risks. For example, how companies can holistically secure their IT and OT infrastructures with the 4+1 strategy (Prevent, Protect, Detect, Respond + Recover). But it also highlights the contribution made by the Security Operations Center and the interaction between red and blue teams – the so-called PURPLE team.
Quantum cryptography and NIS2: A look into the future
CANCOM is also contributing its network and security expertise to research into quantum cryptography and is working on the encryption of data transfers as part of the EU’s QCI-CAT project. At the same time, the company is supporting its customers in implementing regulatory requirements such as the NIS2 Directive. The Cyber Security Report also provides valuable assistance in this regard.
Practical examples and voices from the business world
The report contains numerous best practices and interviews – including with ORF, ZARGES, and SPAR ICS – that show how companies are working with CANCOM to strengthen their security architecture. The key finding: the more sophisticated the attacks, the more intelligent and forward-looking the defense strategies must be.
The CANCOM Cyber Security Report 2025 is aimed at companies throughout the DACH region and takes into account both national and European developments – from regulatory requirements such as NIS2 and DORA to industry-specific challenges in manufacturing, healthcare, and the public sector. The complete CANCOM Cyber Security Report 2025 is now available for download in German: www.cancom.de/loesungen/it-themen/security/#download
