Cybersecurity is the highest priority for the vast majority of companies in Germany, Austria and Switzerland (DACH region). In order for this wish to become reality, many companies will probably first have to learn to fully dedicate themselves to this task. Comprehensive commitment is the key to greater cybersecurity, according to a new global study by CompTIA , a non-profit association and advocate for the IT industry and IT professionals. AI, the hype topic of the last two years, is used in the DACH region in particular for monitoring network traffic and automated response to incidents (52 percent each).
CompTIA’s” State of Cybersecurity 2025“ study shows that cybersecurity is first or second on the internal priority list for 98 percent of companies. However, only 25 percent of respondents believe that cybersecurity has improved significantly overall, and only 22 percent describe their company’s cybersecurity measures as completely satisfactory. Almost 1,200 executives and IT professionals from seven regions around the world were surveyed.
“Something is missing, either in companies’ approach to cybersecurity or in their ideas of ideal cybersecurity,” says Seth Robinson, vice president, industry research, CompTIA.
The cause of this discrepancy may lie in the unique position of cybersecurity as a business imperative at all levels of the organization – employees, management, executives and boards.
“The days of increasing cybersecurity by buying current technology are over,” explains Robinson. “Companies must continually think about their cybersecurity technology, processes that ensure asset protection, and an organizational structure that provides cutting-edge expertise.”
Experience in cybersecurity required
According to the report, the need for in-depth expertise in cybersecurity is growing. And despite a difficult economic situation in Germany, there is still a positive trend in the IT industry to hire staff, according to the ifo employment barometer.
However, hiring and training employees requires financial resources, and this remains a challenge for some. While a clear majority of respondents say cybersecurity is a high priority in their organization, only half of them believe it is relatively easy to raise funds for cybersecurity activities or that budgets are increasing.
“The first thing companies need to do is develop the skills needed to increase efficiency in this area. But there are other ways,” says Robinson. “The issue needs to be made more visible to managers, because then they can also develop the necessary awareness. In addition, there is the establishment of organizational guidelines and metrics and the development of policies that guide employee behavior in order to create a culture of cybersecurity.”
AI and cybersecurity
Artificial intelligence (AI) has the potential to accelerate, automate, but also complicate cybersecurity efforts. The most important AI-supported use cases in the DACH region include monitoring network traffic and automated response to security incidents (52% each), followed, at some distance, by analyzing user behavior (39%), generating defenses and automating infrastructure (38% each), and early detection of vulnerabilities (34%).