eco IT Security Survey 2025: How AI is Becoming the New Shield

Attacks are becoming more sophisticated, and defences more intelligent: According to the latest IT Security Survey by eco - Association of the Internet Industry, 88 per cent of surveyed IT security experts rate the threat level as high or very high. At the same time, companies are responding increasingly strategically: Artificial intelligence (AI) is increasingly becoming a key tool for detecting attacks at an early stage and strengthening their own resilience.

"AI is a crucial lever for enhanced cyber security," says Professor Norbert Pohlmann, eco's Board Member for IT Security. "It helps to identify threats in real-time and enables companies to operate resiliently at a new level."

Around 40 per cent of companies are already actively using AI in IT security - for example, for automated anomaly detection, log data analysis or supporting incident response processes. At the same time, over 90 per cent expect that attackers will increasingly rely on AI as well - for deceptively authentic phishing emails, deepfakes or automated vulnerability scans. The study clearly shows that AI is shifting the dynamics between attack and defence - and fundamentally changing the rules of the game in cybersecurity.

"AI is not a risk for companies per se, but rather a tool to protect themselves significantly better," Pohlmann emphasises. "The key is to use it correctly - responsibly, securely and in the interest of Europe's digital sovereignty."

Ransomware remains the frontrunner - CEO fraud is on the rise

The number of major security incidents is increasing: one in six companies was affected by at least one serious attack last year.

Ransomware remains the most common form of attack, closely followed by CEO fraud, which has increased significantly compared to the previous year. Particularly critical is the increase in so-called double-extortion attacks, in which data is not only encrypted but also exfiltrated and used for blackmail.

On a positive note: none of the companies surveyed reported paying ransom - an indication of growing professionalism in handling incidents and clearer processes for emergencies.

Prevention and planning are coming into focus

Despite the growing threat landscape, progress in security culture is evident: 60 per cent of companies have defined emergency plans, and just as many conduct regular employee training. Nearly half plan to increase their security budgets in the coming year. This makes it clear that cybersecurity has reached the executive level - as a strategic investment, not a cost factor.

"The results show that German companies are catching up in terms of cyber resilience," explains Oliver Dehning, eco Security Expert and Head of the eco Security Competence Group. "But they must continue on this course consistently. Only those who combine prevention, awareness and AI-based defence strategies can adequately protect themselves against increasingly intelligent attacks."

Digital sovereignty through resilience

The eco IT Security Survey 2025 paints an ambivalent picture: threats are increasing, but simultaneously, the ability to counter them is growing.

Companies are investing more targeted strategically, planning more simultaneously and using modern cybersecurity technologies that were still considered futuristic just a few years ago. AI, prevention and cooperation form the new triangle of modern cybersecurity - and thus the foundation for a secure, sovereign and innovative digital economy in Europe. As an association, eco is therefore keen not to weaken this trend through excessive and complex AI regulation, but rather to empower companies to deploy AI to defend against the new dangers posed by this very technology.

You can download the entire German study here - with the entire English study to be available next week!

We cordially invite all specialists to participate in our new survey and contribute their expertise to ensure that the results paint as accurate and practical a picture of the security situation as possible!

Join in - your expertise is needed!