
"protecting against cyber attacks" — What the new study reveals

The new study shows how attackers exploit routine weaknesses and which defenses work. It walks you through prioritized steps—patching, access controls, training—and gives actionable measures to lower your risk and speed recovery after a breach.

How a New Study Changes Your Cybersecurity Strategy

Quick Answers

How common are cyber attacks for companies in the DACH region?
In the Horizon3.ai sample of 300 firms, 60 percent reported at least one cyber incident in the last two years. Only 12 percent said they were confident they were not attacked, while 28 percent did not know either way.
What kinds of damage happen most often after a cyber attack?
The most common impact is downtime (63 percent), followed by financial losses (42 percent) and legal consequences (36 percent). Other frequently reported effects include data theft (34 percent) and ransom demands (29 percent).
Which first steps protect against cyber attacks with the highest impact?
Prioritize prompt patching, multi-factor authentication (MFA), and ongoing user awareness training. The report emphasizes that disciplined baseline hygiene blocks a large share of real-world attacks—especially when patching and MFA are implemented without long delays.
How can companies close the gap when they do not know if they were attacked?
A key issue is insufficient detection and logging—28 percent of companies could not say whether they had been attacked. Improving telemetry baselines, centralizing logs, and funding detection engineering helps reduce “unknown unknowns” and shortens dwell time.
Do regular penetration tests pay off, and what should the loop look like?
Yes. Recurring, scoped penetration tests can uncover exploitable paths before attackers do, especially if remediation is fast and retesting follows. The value comes from the remediation loop: assign an issue owner, agree on a fix SLA, log compensating controls, and complete retesting.
What security metrics should leadership review to manage cyber risk?
Use outcome-focused KPIs, not tool counts—for example MFA coverage, the share of critical patches deployed within 7 days, and phishing failure rate trends. Also track mean time to detect and contain and backup restore success so governance can tie risk appetite to control effectiveness.

According to the “Cyber Security Report DACH 2024” by Horizon3.ai, roughly 60 percent of companies in Germany, Austria and Switzerland were hit at least once by a cyberattack over the past two years, underscoring that protecting against cyber attacks is now a baseline requirement, not a nice-to-have. As of Q2 2026, the frequency and impact of attacks continue to climb as AI tooling accelerates threat actors and widens the gap between risks and defenses.

How common are attacks in the DACH region?

In the Horizon3.ai sample of 300 firms, 60 percent reported at least one cyber incident in the last two years; only 12 percent were confident they were not attacked. A further 28 percent did not know either way.

More than a third (37 percent) reported concrete damage, while 23 percent detected and fully blocked an attack. Nearly a quarter (23 percent) faced three or more incidents; another 12 percent were hit even more often. Given ~70 newly disclosed software vulnerabilities emerging daily (Horizon3.ai), the true exposure is likely higher, especially where monitoring coverage is thin.

Multiple Attacks on the Rise

Attack frequency clusters: 11 percent were hit once, 18 percent twice, 23 percent three times, and 12 percent even more. In practice, organizations without centralized visibility or asset inventories underestimate incident counts—lateral movement and long dwell times can mask compromises until ransomware or operational disruption forces discovery.

What damage patterns are most common?

Downtime (63 percent) leads the impact chart, followed by financial losses (42 percent), legal consequences (36 percent), data theft (34 percent) and ransom demands (29 percent). For many firms, a single outage or exfiltration event triggers cascading effects—contractual penalties, regulatory notification, incident response and recovery costs—well beyond headline ransom figures.

Legal and Financial Ramifications

Horizon3.ai’s Rainer M. Richter warns that executives can face personal liability if they cannot demonstrate that reasonable, proportionate safeguards were in place. Board-level documentation of risk assessments, patch and identity governance, supplier due diligence and tested recovery plans is essential to show due care when regulators or courts ask for proof.

What are the most effective first steps for protecting against cyber attacks?

Prioritize patching, strong unique passwords with multi-factor authentication, and continuous user awareness training; these controls stop a large share of real-world attacks.

Baseline hygiene consistently outperforms expensive point tools when execution is disciplined. Authoritative guidance highlights prompt patching and MFA as high-efficacy moves, with lag between public patches and real deployment often measured in months when it should be days. See the analysis in peer‑reviewed cybersecurity literature. Complement with trusted-DNS filtering, allow-listed software, and segmented access to limit blast radius, as summarized in the Canadian Centre for Cyber Security’s practical checklist.

  • Identity: Enforce MFA on email, VPN, admin consoles; remove legacy protocols; rotate and vault admin credentials.
  • Patching: Track assets, patch browsers, VPNs, hypervisors and edge services on a fast lane; measure mean time to patch.
  • Email and web: Enable phishing protection, DMARC enforcement, and DNS filtering to block known-malicious domains.
  • Least privilege: Segment production from office IT; restrict machine-to-machine trust; monitor token and API abuse.
  • Backups and recovery: Keep immutability and offline copies; test restore times; document ransomware playbooks.
  • Awareness: Run ongoing phishing simulations and role-specific training to counter social engineering at scale.

Leadership's Role in Cybersecurity

The survey skewed toward senior roles—CISO (23 percent), IT leads (21 percent), CIO (18 percent), CTO (13 percent), administrators (7 percent)—yet half did not expect to be held personally accountable after an incident. That confidence is misplaced. Governance must tie risk appetite to control effectiveness, with KPIs such as patch latency, MFA coverage, detection engineering backlog, and recovery time objectives reviewed at the board.

Urgent Need for Proactive Measures

Attack waves are getting faster and more automated via AI, while remote work and IoT broaden attack surface. From an editorial perspective, firms that instrument fundamentals (asset discovery, identity hardening, rapid patching) and rehearse response outperform peers chasing tool sprawl without operational maturity.

Do regular penetration tests pay off?

Yes—recurring, scoped penetration tests surface exploitable paths before attackers do, especially when paired with rapid remediation and retesting.

Horizon3.ai advocates frequent pentesting to validate resilience under real attacker workflows. In the financial sector, “stress tests” institutionalize this idea. For mid-market IT with evolving SaaS and hybrid cloud, automated discovery plus periodic offensive testing closes gaps that audits miss—misconfigurations, privilege escalation chains, and exposed services. The Horizon3.ai briefing details how platforms like NodeZero operationalize this with continuous updates to reflect emerging CVEs.

From Test to Fix

Value comes from the remediation loop: issue owner assigned, fix SLA agreed, compensating control logged, and retest completed. In the newsroom’s experience, monthly mini-engagements on critical scopes (identity plane, external perimeter, crown-jewel apps) outperform annual “boil-the-ocean” tests.

Scope, Detection, and the “Unknown Unknowns”

A striking 28 percent of companies could not say whether they had been attacked. That is a detection and logging problem. Establishing telemetry baselines, centralizing logs, and funding detection engineering reduces unknowns and shortens dwell time. Even simple steps—centralized endpoint agents, cloud audit log retention, and alert triage runbooks—improve signal-to-noise and make post-incident forensics viable.

Measurement that Matters

Track coverage and outcomes, not just tool adoption: MFA coverage across all identities; percentage of critical patches deployed within 7 days; phishing failure rate trend; mean time to detect and contain; backup restore success rate. These metrics translate directly into lowered legal, financial, and operational risk.
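The outcome metrics listed above can be computed from plain inventory and incident records. The following is an added example, not code or data from the report; the record field names and all sample values are constructed assumptions. It shows the edge cases that distort these KPIs: open patches that are overdue, patches not yet due, disabled accounts, and incidents that are still uncontained.

```python
from datetime import datetime, timedelta

SLA = timedelta(days=7)  # the 7-day window for critical patches named in the text

def patch_sla_share(patches, now):
    """Share of due critical patches that were deployed within the SLA."""
    met = due = 0
    for p in patches:
        if p["severity"] != "critical":
            continue
        if p["deployed"] is None:
            # Still open: a miss once overdue, otherwise not yet due (excluded).
            due += now - p["released"] > SLA
            continue
        due += 1
        met += p["deployed"] - p["released"] <= SLA
    return met / due if due else None

def mfa_coverage(identities):
    """MFA coverage over enabled identities only (disabled accounts excluded)."""
    active = [i for i in identities if i["enabled"]]
    return sum(i["mfa"] for i in active) / len(active) if active else None

def mean_hours(incidents, start, end):
    """Mean hours from start to end, skipping incidents with no end timestamp yet."""
    spans = [(i[end] - i[start]).total_seconds() / 3600 for i in incidents if i[end]]
    return sum(spans) / len(spans) if spans else None

# Constructed sample records; field names are assumptions, not from the report.
D = lambda day, hour=0: datetime(2026, 3, day, hour)
NOW = D(20)
PATCHES = [
    {"severity": "critical", "released": D(1), "deployed": D(4)},    # on time
    {"severity": "critical", "released": D(1), "deployed": D(15)},   # late
    {"severity": "critical", "released": D(2), "deployed": None},    # overdue
    {"severity": "critical", "released": D(18), "deployed": None},   # not yet due
    {"severity": "high", "released": D(1), "deployed": D(2)},        # out of scope
]
IDENTITIES = [
    {"enabled": True, "mfa": True}, {"enabled": True, "mfa": True},
    {"enabled": True, "mfa": True}, {"enabled": True, "mfa": False},
    {"enabled": False, "mfa": False},
]
INCIDENTS = [
    {"occurred": D(1), "detected": D(1, 12), "contained": D(2)},
    {"occurred": D(5), "detected": D(6, 12), "contained": None},     # still open
]

if __name__ == "__main__":
    print(f"critical patches within 7 days: {patch_sla_share(PATCHES, NOW):.0%}")
    print(f"MFA coverage: {mfa_coverage(IDENTITIES):.0%}")
    print(f"mean time to detect: {mean_hours(INCIDENTS, 'occurred', 'detected'):.1f} h")
    print(f"mean time to contain: {mean_hours(INCIDENTS, 'detected', 'contained'):.1f} h")
```

Counting only deployed patches would report 50 percent here; including the overdue open patch gives the honest one in three.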

Conclusion

The DACH data set confirms what many security teams see daily: attacks are frequent, impacts are material, and basic controls still block the bulk of threats. Protecting against cyber attacks hinges on disciplined execution—MFA everywhere, fast patching, segmentation, trained staff—validated by recurring penetration tests and measurable remediation. Where leadership treats cybersecurity as governance with metrics, detection improves, dwell time shrinks, and recovery becomes predictable.

In the ever-evolving landscape of cybersecurity, staying ahead of hackers is crucial. A recent study has shed light on new methods to protect against cyber threats. One of the key findings is the importance of regularly updating software to patch vulnerabilities. For instance, the SolarWinds WHD Hotfix Patch is a critical update that addresses security flaws. By applying these patches promptly, you can significantly reduce the risk of being exploited by hackers.

Another important aspect highlighted in the study is the role of secure connectivity solutions. With the rise of the Internet of Things (IoT), ensuring secure connections is more important than ever. The satellite IoT connectivity solutions offer robust security features that can help safeguard your devices from unauthorized access. These solutions provide flexible tariffs, making them accessible for various needs and budgets.

Lastly, the study emphasizes the need for advanced security systems to deter potential intrusions. A smart burglar deterrent system can be an effective measure to protect your home or office. These systems use advanced technology to detect and prevent break-ins, providing an additional layer of security.

By staying informed about the latest security trends and implementing these solutions, you can better protect yourself from hackers. Remember, the key to effective cybersecurity is continuous vigilance and proactive measures.
